Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/see-0.72/src/see.c
Examining data/see-0.72/src/server.c
Examining data/see-0.72/src/main.h
Examining data/see-0.72/src/util.c
FINAL RESULTS:
data/see-0.72/src/see.c:136:6: [5] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is high; the length parameter
appears to be a constant, instead of computing the number of characters
left.
strncat(Seefile->name,optarg,SECLEN);
data/see-0.72/src/see.c:62:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Config->seedata, "%s/.seedata",homedir);
data/see-0.72/src/see.c:93:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(cwd,argv[1]);
data/see-0.72/src/see.c:106:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(cwd,argv[1]);
data/see-0.72/src/see.c:119:5: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(image);
data/see-0.72/src/see.c:146:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(term,optarg);
data/see-0.72/src/see.c:196:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(image, "%s/seeon.png", SDIR);
data/see-0.72/src/see.c:201:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(image, "%s/seeoff.png",SDIR);
data/see-0.72/src/see.c:372:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Fhist[histC],line);
data/see-0.72/src/see.c:388:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(string, "Apropos search for \"%s\"?",term);
data/see-0.72/src/see.c:397:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(string, "apropos \"%s\"", term);
data/see-0.72/src/see.c:398:15: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ((fstIN = popen(string, "r")) == NULL) {
data/see-0.72/src/see.c:722:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(tmpname,"%s(%s)",Seefile->path,Seefile->sec);
data/see-0.72/src/see.c:746:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(messg, "Corrupted entry in\n%s!",Config->seedata);
data/see-0.72/src/see.c:797:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(cmmd,"Execute:\n%s",term);
data/see-0.72/src/see.c:807:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(tfile,"%s/.seeTMP",homedir);
data/see-0.72/src/see.c:828:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cmmd,term); }
data/see-0.72/src/see.c:840:6: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
pin=popen(cmmd,"r");
data/see-0.72/src/see.c:870:2: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
sscanf(++ptr,tplate,sec);
data/see-0.72/src/see.c:923:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(name, "%s/%s", Config->copyto,term);
data/see-0.72/src/see.c:924:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
if (sel) sprintf(messg,"Copy selected text to\n\"%s/%s\"?",Config->copyto,term);
data/see-0.72/src/see.c:925:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
else sprintf(messg,"Copy text buffer content to\n\"%s/%s\"?",Config->copyto,term);
data/see-0.72/src/see.c:937:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(messg, "Copy failed:\n%s",rp);
data/see-0.72/src/see.c:1001:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(tagline,coord); }
data/see-0.72/src/see.c:1116:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
if (len==0) sprintf(messg, "\"%s\"\nhas no content",Seefile->path);
data/see-0.72/src/see.c:1117:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
else sprintf(messg, "Can't open\n%s", Seefile->path);
data/see-0.72/src/see.c:1135:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
if (i==0) sprintf(messg, "Permission denied for\n%s", Seefile->path);
data/see-0.72/src/see.c:1136:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
else sprintf(messg, "Read short on\n%s", Seefile->path);
data/see-0.72/src/see.c:1153:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(messg,"%d %s",CurFS,Seefile->name);
data/see-0.72/src/see.c:1175:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(title, "Loading \"%s\"...", Seefile->name);
data/see-0.72/src/see.c:1199:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(FileCon,buffer);
data/see-0.72/src/see.c:1227:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(messg,"Could not open filelist:\n%s",strerror(errno));
data/see-0.72/src/see.c:1239:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(list[i],line);
data/see-0.72/src/see.c:1246:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(messg,"Filelist entry \"%s\" is not formatted correctly.\n",bad);
data/see-0.72/src/see.c:1264:52: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
if ((!Seefile->sec[0]) || (Seefile->sec[0]=='*')) sprintf(cmmd,"man -w %s",Seefile->path); /* no section OR out-of-tree */
data/see-0.72/src/see.c:1265:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
else sprintf(cmmd,"man -w %s %s",Seefile->sec,Seefile->path); /* with section */
data/see-0.72/src/see.c:1270:14: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (!(pin = popen(cmmd, "r"))) {
data/see-0.72/src/see.c:1271:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(messg, "\"%s\" failed", cmmd);
data/see-0.72/src/see.c:1294:24: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
if (Seefile->sec[0]) sprintf(cmmd,"No manual entry for\n\"man %s %s\"",Seefile->sec,Seefile->path);
data/see-0.72/src/see.c:1295:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
else sprintf(cmmd, "No manual entry for \n\"man %s\"",Seefile->path);
data/see-0.72/src/see.c:1306:3: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(ptr, "/man%s", Seefile->sec);
data/see-0.72/src/see.c:1308:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Seefile->name,Seefile->sec);
data/see-0.72/src/see.c:1311:30: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
if (Seefile->sec[0] == '*') sprintf(cmmd, "man %s | col -b -x", Seefile->path);
data/see-0.72/src/see.c:1312:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
else sprintf(cmmd, "man %s %s | col -b -x", Seefile->sec, Seefile->path);
data/see-0.72/src/see.c:1315:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(messg, "Loading %s...", Seefile->name);
data/see-0.72/src/see.c:1320:13: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ((pin = popen(cmmd, "r")) == NULL) {
data/see-0.72/src/see.c:1321:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(messg, "\"%s\" failed", cmmd);
data/see-0.72/src/see.c:1335:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(cmmd, "No manual entry for \n\"man %s\"",Seefile->path);
data/see-0.72/src/see.c:1341:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(FileCon,EXDline);
data/see-0.72/src/see.c:1345:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(messg, "Manual Page for \"%s\"", Seefile->name);
data/see-0.72/src/see.c:1358:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(messg,"%d %s",CurFS,Seefile->name);
data/see-0.72/src/see.c:1379:23: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
if (file[0] != '/') sprintf(messg, "Load manual page for\n%s?",file);
data/see-0.72/src/see.c:1380:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
else sprintf(messg, "Load \n%s?", file);
data/see-0.72/src/see.c:1568:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fname,"%s/.seeconfig",SDIR);
data/see-0.72/src/see.c:1607:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
else strcpy(copy,needle);
data/see-0.72/src/see.c:1698:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(r->filelist,SDIR);
data/see-0.72/src/see.c:1701:29: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
if (strlen(homedir) <= 97) sprintf(r->sock, "%s/.seesock",homedir);
data/see-0.72/src/see.c:1705:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(r->seedata,"%s/.seedata",homedir);
data/see-0.72/src/see.c:1708:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(configfile,"%s/.seeconfig",homedir);
data/see-0.72/src/see.c:1716:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(r->txtfnt,tok);
data/see-0.72/src/see.c:1734:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(r->seedata,tok);
data/see-0.72/src/see.c:1764:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((char*)r->tbcolor,tok);
data/see-0.72/src/see.c:1786:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(configfile,"No %s/.seeconfig found.",homedir);
data/see-0.72/src/see.c:1879:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(tmp,"%s/.SeeTP",homedir); /* use homedir rather than /tmp to not intefere with other users */
data/see-0.72/src/see.c:1908:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(seeline, "%s*%d",sptr,bookmarks[0]); /* bookmarks[0] is the number of bookmarks */
data/see-0.72/src/see.c:1912:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(seeline,num);
data/see-0.72/src/see.c:1919:39: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
if (getagcoords(boldblue,tagline)>0) strcat(seeline,tagline);
data/see-0.72/src/see.c:1920:38: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
if (getagcoords(italred,tagline)>0) strcat(seeline,tagline);
data/see-0.72/src/see.c:2150:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(text, "\n\ttext area font: %s\n",cfg->txtfnt);
data/see-0.72/src/see.c:2164:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(text,cfg->seedata);
data/see-0.72/src/see.c:2174:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(text,cfg->filelist);
data/see-0.72/src/see.c:2182:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(text, "\n\t\"seesocket\" location: %s\n\n",cfg->sock);
data/see-0.72/src/see.c:2193:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(text,"\tYour editor command: \"%s\"\n",cfg->editor);
data/see-0.72/src/see.c:2201:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(text, "\n\tYour \"copy to\" directory: %s\n", Config->copyto);
data/see-0.72/src/see.c:2291:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(FileCon,line);
data/see-0.72/src/see.c:2327:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(string,"%s %s", Config->editor, Seefile->path);
data/see-0.72/src/see.c:2328:3: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(string);
data/see-0.72/src/see.c:2331:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(string, "%s sent to %s", Seefile->name, Config->editor);
data/see-0.72/src/see.c:2407:24: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
if (Seefile->sec[0]) sprintf(newListing,"%s|(%s)",Seefile->path,Seefile->sec);
data/see-0.72/src/see.c:2408:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
else sprintf(newListing,"%s|",Seefile->path);
data/see-0.72/src/see.c:2413:20: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
if (old->sec[0]) sprintf(oldListing,"%s|(%s)",old->path,old->sec);
data/see-0.72/src/see.c:2414:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
else sprintf(oldListing,"%s|",old->path);
data/see-0.72/src/server.c:104:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(addr.sun_path,sock);
data/see-0.72/src/server.c:122:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name.sun_path, file);
data/see-0.72/src/server.c:140:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(addr.sun_path,Config->sock);
data/see-0.72/src/server.c:151:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"LOAD %s",Seefile->path);
data/see-0.72/src/server.c:153:32: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
if (Seefile->path[0] == '/') sprintf(buffer, "SMAN *** %s",Seefile->path); /* section *** is out-of-tree */
data/see-0.72/src/server.c:154:29: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
else if (Seefile->sec[0]) sprintf(buffer, "SMAN %s %s",Seefile->sec,Seefile->path);
data/see-0.72/src/server.c:155:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
else sprintf(buffer,"MAN %s",Seefile->path);
data/see-0.72/src/server.c:159:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer,term);
data/see-0.72/src/util.c:44:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(new_line,string);
data/see-0.72/src/util.c:67:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer,errmsg);
data/see-0.72/src/util.c:111:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(line,buffer);
data/see-0.72/src/util.c:121:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(line,buffer);
data/see-0.72/src/util.c:159:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(retline,&line[len]);
data/see-0.72/src/util.c:207:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(EXDline,string);
data/see-0.72/src/util.c:214:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(EXDline,string);
data/see-0.72/src/util.c:222:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(copy,string);
data/see-0.72/src/util.c:226:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(rp,"%s%s%s",copy,newname,&ptr[6]);
data/see-0.72/src/see.c:39:25: [3] (buffer) g_get_home_dir:
This function is synonymous with 'getenv("HOME")';it returns untrustable
input if the environment can beset by an attacker. It can have any content
and length, and the same variable can be set more than once (CWE-807,
CWE-20). Check environment variables carefully before using them.
const gchar *homedir = g_get_home_dir();
data/see-0.72/src/see.c:114:15: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt=getopt(argc, argv, options))>0) switch (opt) {
data/see-0.72/src/see.c:805:13: [3] (buffer) g_get_home_dir:
This function is synonymous with 'getenv("HOME")';it returns untrustable
input if the environment can beset by an attacker. It can have any content
and length, and the same variable can be set more than once (CWE-807,
CWE-20). Check environment variables carefully before using them.
homedir = g_get_home_dir();
data/see-0.72/src/see.c:1664:25: [3] (buffer) g_get_home_dir:
This function is synonymous with 'getenv("HOME")';it returns untrustable
input if the environment can beset by an attacker. It can have any content
and length, and the same variable can be set more than once (CWE-807,
CWE-20). Check environment variables carefully before using them.
const gchar *homedir = g_get_home_dir();
data/see-0.72/src/see.c:1871:23: [3] (buffer) g_get_home_dir:
This function is synonymous with 'getenv("HOME")';it returns untrustable
input if the environment can beset by an attacker. It can have any content
and length, and the same variable can be set more than once (CWE-807,
CWE-20). Check environment variables carefully before using them.
const gchar *homedir=g_get_home_dir();
data/see-0.72/src/main.h:64:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sock[108]; /* seesocket name */
data/see-0.72/src/main.h:80:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MPTH+1];
data/see-0.72/src/main.h:81:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[NAMELEN+1];
data/see-0.72/src/main.h:83:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sec[SECLEN+1];
data/see-0.72/src/main.h:135:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int loadlist (char list[27][FLESZ]);
data/see-0.72/src/see.c:63:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((opt=open(Config->seedata,O_WRONLY|O_CREAT,S_IWRITE|S_IREAD))==-1) {
data/see-0.72/src/see.c:118:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(image, "killall -9 seetxt & killall -9 seeman");
data/see-0.72/src/see.c:493:38: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
if (!(ptr=textline(bookmarks[i]))) sprintf(snippet, "LINE NUMBER INVALID");
data/see-0.72/src/see.c:719:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpname[FLESZ], *line=NULL, *tok, messg[FLESZ], DL[]="*\n";
data/see-0.72/src/see.c:733:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bookmarks=ec_malloc(atoi(tok)+1);
data/see-0.72/src/see.c:734:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bookmarks[0]=atoi(tok);
data/see-0.72/src/see.c:736:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bookmarks[i]=atoi(tok);
data/see-0.72/src/see.c:754:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Ts=atoi(tok); /* these numbers should be paired */
data/see-0.72/src/see.c:755:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (!(Te=atoi(strtok(NULL,DL)))) return; /* missing one? ...oh well */
data/see-0.72/src/see.c:771:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char title[12]=" See/Error ";
data/see-0.72/src/see.c:808:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(tfp=fopen(tfile,"w"))) {
data/see-0.72/src/see.c:829:25: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (Config->bRedirect) strcat(cmmd," 2>&1"); /* redirect stderr */
data/see-0.72/src/see.c:847:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "Process returned %d",pclose(pin));
data/see-0.72/src/see.c:865:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *ptr, sec[SECLEN+1] = "\0", tplate[16];
data/see-0.72/src/see.c:869:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tplate,"(%%%d[^)]",SECLEN);
data/see-0.72/src/see.c:910:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char messg[MPTH+256], name[MPTH], *rp, flag=0, *ptr;
data/see-0.72/src/see.c:955:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char list[27][FLESZ], *ptr;
data/see-0.72/src/see.c:985:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char coord[16];
data/see-0.72/src/see.c:993:24: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
if (tag == boldblue) sprintf(tagline,"*B*%d*",cc);
data/see-0.72/src/see.c:994:28: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
else if (tag == italred) sprintf(tagline, "*R*%d*",cc);
data/see-0.72/src/see.c:999:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(coord, "%d*", cc);
data/see-0.72/src/see.c:1095:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char list[27][FLESZ], *ptr;
data/see-0.72/src/see.c:1111:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char messg[NAMELEN+128];
data/see-0.72/src/see.c:1213:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int loadlist (char list[27][FLESZ]) {
data/see-0.72/src/see.c:1225:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fstRO=fopen(Config->filelist,"r"))) {
data/see-0.72/src/see.c:1247:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(messg,"If you are using a filelist from a version prior to 0.70,\n"
data/see-0.72/src/see.c:1259:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char byte, cmmd[MPTH+256], *line, *ptr, messg[NAMELEN+256];
data/see-0.72/src/see.c:1366:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char messg[256];
data/see-0.72/src/see.c:1545:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[4096];
data/see-0.72/src/see.c:1603:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char copy[nlen+1], UC=0;
data/see-0.72/src/see.c:1632:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(lnum, "%5d ", i+1);
data/see-0.72/src/see.c:1648:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char messg[25];
data/see-0.72/src/see.c:1653:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(messg, "Bookmark set at line %d", ln+1);
data/see-0.72/src/see.c:1665:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char configfile[MPTH], *tok, *line;
data/see-0.72/src/see.c:1699:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(r->filelist,"/filelist");
data/see-0.72/src/see.c:1709:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fstRO = fopen(configfile, "r"))) {
data/see-0.72/src/see.c:1750:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((DBL=open(tok,O_CREAT|O_WRONLY,S_IREAD|S_IWRITE))<3) continue;
data/see-0.72/src/see.c:1872:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *line, tmp[strlen(homedir)+8], seeline[8192], tagline[4096], *sptr, num[7];
data/see-0.72/src/see.c:1886:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fstRO = fopen(Config->seedata, "r")) == NULL) {
data/see-0.72/src/see.c:1890:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fstW = fopen(tmp, "w")) == NULL) {
data/see-0.72/src/see.c:1911:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(num,"*%d",bookmarks[i]);
data/see-0.72/src/see.c:1971:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tonumLbl[7], title[128];
data/see-0.72/src/see.c:1990:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(title, "Searching for ");
data/see-0.72/src/see.c:2019:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tonumLbl,"%d",x/2);
data/see-0.72/src/see.c:2023:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tonumLbl,"%d",x/2);
data/see-0.72/src/see.c:2035:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tonumLbl,"%d",x/2);
data/see-0.72/src/see.c:2039:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tonumLbl,"%d",x/2);
data/see-0.72/src/see.c:2056:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tonumLbl,"%d",totalF);
data/see-0.72/src/see.c:2075:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str,"%d",CurFS-1);
data/see-0.72/src/see.c:2120:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(r,orig,sizeof(seefile));
data/see-0.72/src/see.c:2126:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char list[27][FLESZ];
data/see-0.72/src/see.c:2146:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(text, "\n___Configuration___\n\n");
data/see-0.72/src/see.c:2152:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
else strcpy(text, "\n\tno text font selected.\n");
data/see-0.72/src/see.c:2155:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(text, "\twatch interval set to %d seconds\n",cfg->watchtime);
data/see-0.72/src/see.c:2158:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(text,"\ttext area width=%dpx height=%dpx\n\n",cfg->width,cfg->height);
data/see-0.72/src/see.c:2162:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(text, "\t\"seedata\" file path ");
data/see-0.72/src/see.c:2167:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(text, "\t...no \"seedata\" file in use.");
data/see-0.72/src/see.c:2172:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(text, "\n\tfilelist path ");
data/see-0.72/src/see.c:2177:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(text, "\n\t...no filelist in use.\n");
data/see-0.72/src/see.c:2185:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(text,
data/see-0.72/src/see.c:2198:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(text, "\tSORRY: Could not open your \"copy to\" directory.\n");
data/see-0.72/src/see.c:2204:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(text,"\tstderr redirection turned off.\n");
data/see-0.72/src/see.c:2209:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(text, "\n\tNo \"copy to\" directory defined.\n");
data/see-0.72/src/see.c:2213:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(text,"\n\t\"Tail at\" boundary: %d bytes\n",Config->tailat);
data/see-0.72/src/see.c:2216:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
if (cfg->bConfirm) sprintf(text,"\n\t\"Confirm load\" turned off.\n");
data/see-0.72/src/see.c:2217:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
else sprintf(text,"\n\tConfirm load is on.\n");
data/see-0.72/src/see.c:2220:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(text,"\n For more information, see under \n \"CONFIGURATION\" in the ");
data/see-0.72/src/see.c:2222:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(text,"manual page");
data/see-0.72/src/see.c:2224:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(text,".\n");
data/see-0.72/src/see.c:2286:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fin=fopen(Seefile->path,"r");
data/see-0.72/src/see.c:2321:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[MPTH+16];
data/see-0.72/src/see.c:2392:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char list[27][FLESZ], newListing[FLESZ]="\0", oldListing[FLESZ]="\0";
data/see-0.72/src/see.c:2397:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fstW=fopen(Config->filelist,"w"))) {
data/see-0.72/src/server.c:22:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[16];
data/see-0.72/src/server.c:133:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[TRANS_MAX];
data/see-0.72/src/server.c:158:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer," FIND ");
data/see-0.72/src/server.c:180:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[TRANS_MAX];
data/see-0.72/src/server.c:232:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[TRANS_MAX], *tok, *sec;
data/see-0.72/src/server.c:268:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char messg[256];
data/see-0.72/src/util.c:13:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *EXDline, Me[64];
data/see-0.72/src/util.c:29:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fstRO=fopen(tmp, "r")) == NULL) return -4;
data/see-0.72/src/util.c:30:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fstW=fopen(perm, "w")) == NULL) {
data/see-0.72/src/util.c:64:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int FDIN=open(source,O_RDONLY);
data/see-0.72/src/util.c:153:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fstRO = fopen(file, "r");
data/see-0.72/src/util.c:192:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[bsize];
data/see-0.72/src/util.c:221:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char copy[strlen(string)+1], *ptr, *rp; /* !never screw with a gtk const char directly... */
data/see-0.72/src/util.c:243:24: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int done, size, newfd=open(file,O_WRONLY|O_CREAT|O_EXCL,S_IREAD|S_IWRITE);
data/see-0.72/src/see.c:50:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(SDIR) > MPTH-128) {
data/see-0.72/src/see.c:61:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Config->seedata=ec_malloc(strlen(homedir)+10);
data/see-0.72/src/see.c:80:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(argv[1])>MPTH-1) {
data/see-0.72/src/see.c:88:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!cwd || (strlen(cwd) + strlen(argv[1]) > MPTH-1)) {
data/see-0.72/src/see.c:88:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!cwd || (strlen(cwd) + strlen(argv[1]) > MPTH-1)) {
data/see-0.72/src/see.c:92:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(cwd,"/");
data/see-0.72/src/see.c:101:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!cwd || (strlen(cwd) + strlen(argv[1]) > MPTH-1)) {
data/see-0.72/src/see.c:101:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!cwd || (strlen(cwd) + strlen(argv[1]) > MPTH-1)) {
data/see-0.72/src/see.c:105:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(cwd,"/");
data/see-0.72/src/see.c:128:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(optarg)>15) || (strcmp(argv[0],"seeman")!=0) || !Seefile) {
data/see-0.72/src/see.c:132:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(Seefile->sec,optarg,SECLEN);
data/see-0.72/src/see.c:133:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(Seefile->name);
data/see-0.72/src/see.c:135:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(Seefile->name,"(");
data/see-0.72/src/see.c:137:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(Seefile->name,")");
data/see-0.72/src/see.c:141:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(optarg) > MAXTERMLEN) {
data/see-0.72/src/see.c:145:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
term=ec_malloc(strlen(optarg)+1);
data/see-0.72/src/see.c:371:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Fhist[histC] = ec_malloc(strlen(line)+1);
data/see-0.72/src/see.c:381:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(term);
data/see-0.72/src/see.c:705:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strncmp(ptr,"file:///",8)!=0) || (strlen(ptr)>MPTH)) got=FALSE;
data/see-0.72/src/see.c:793:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((!(term)) || ((strlen(term))==0)) return;
data/see-0.72/src/see.c:796:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmmd=ec_malloc(strlen(term)+16);
data/see-0.72/src/see.c:806:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tfile = ec_malloc(strlen(homedir)+16);
data/see-0.72/src/see.c:823:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len=strlen(text);
data/see-0.72/src/see.c:827:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else { cmmd=ec_malloc(strlen(term)+8);
data/see-0.72/src/see.c:913:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ip = strlen(term);
data/see-0.72/src/see.c:914:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((!ip) || (ip+strlen(Config->copyto)>MPTH)) {
data/see-0.72/src/see.c:942:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ip!=strlen(ptr)) gtk_window_set_title(GTK_WINDOW (MainWindow), "Copy Incomplete!");
data/see-0.72/src/see.c:963:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lend = strlen(file);
data/see-0.72/src/see.c:995:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
total=strlen(tagline);
data/see-0.72/src/see.c:1000:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((total+=strlen(coord))>=4096) break;
data/see-0.72/src/see.c:1062:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(r->path,path,MPTH);
data/see-0.72/src/see.c:1070:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(r->name,++ptr,NAMELEN);
data/see-0.72/src/see.c:1073:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(sec);
data/see-0.72/src/see.c:1075:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(r->name,path,NAMELEN-len-2);
data/see-0.72/src/see.c:1077:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(r->name,"(");
data/see-0.72/src/see.c:1078:4: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(r->name,sec,len);
data/see-0.72/src/see.c:1079:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(r->name,")");
data/see-0.72/src/see.c:1080:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(r->sec,sec,SECLEN);
data/see-0.72/src/see.c:1083:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(r->name,path,NAMELEN-1);
data/see-0.72/src/see.c:1156:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SFsz=strlen(FileCon);
data/see-0.72/src/see.c:1233:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (i==27 || !strlen(line)) break;
data/see-0.72/src/see.c:1307:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(Seefile->name,"(");
data/see-0.72/src/see.c:1309:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(Seefile->name,")");
data/see-0.72/src/see.c:1334:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(EXDline) < 25) { /* can happen with man pages that used to exist but have been removed */
data/see-0.72/src/see.c:1370:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(file)>MPTH-1) {
data/see-0.72/src/see.c:1573:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(fname,word,4095);
data/see-0.72/src/see.c:1602:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int nlen=strlen(needle), hslen=strlen(haystack), i, ii;
data/see-0.72/src/see.c:1602:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int nlen=strlen(needle), hslen=strlen(haystack), i, ii;
data/see-0.72/src/see.c:1633:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nlen = strlen(lnum);
data/see-0.72/src/see.c:1697:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
r->filelist = ec_malloc(strlen(SDIR)+16);
data/see-0.72/src/see.c:1701:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(homedir) <= 97) sprintf(r->sock, "%s/.seesock",homedir);
data/see-0.72/src/see.c:1704:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
r->seedata = ec_malloc(strlen(homedir)+10);
data/see-0.72/src/see.c:1715:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
r->txtfnt = ec_malloc(strlen(tok)+1);
data/see-0.72/src/see.c:1730:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp = strlen(tok);
data/see-0.72/src/see.c:1744:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(tok) > 107) continue;
data/see-0.72/src/see.c:1747:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(r->sock,tok,107);
data/see-0.72/src/see.c:1763:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
r->tbcolor=ec_malloc(strlen(tok)+1);
data/see-0.72/src/see.c:1872:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *line, tmp[strlen(homedir)+8], seeline[8192], tagline[4096], *sptr, num[7];
data/see-0.72/src/see.c:1902:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(line,sptr,strlen(sptr)) != 0) fprintf(fstW,"%s",line);
data/see-0.72/src/see.c:1974:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int slen=strlen(fthis), x=0, i, sw=0, cc=0, tmp;
data/see-0.72/src/see.c:1984:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FCend=FileCon+strlen(FileCon);
data/see-0.72/src/see.c:1991:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(title, fthis, 112);
data/see-0.72/src/see.c:2296:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SFsz=strlen(FileCon);
data/see-0.72/src/see.c:2309:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int cc=0, lc=1, lstart=0, len=strlen(FileCon);
data/see-0.72/src/see.c:2417:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
newsz = strlen(newListing);
data/see-0.72/src/see.c:2418:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
oldsz = strlen(oldListing);
data/see-0.72/src/server.c:81:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((err = read(fd,&buffer[c],1))) {
data/see-0.72/src/server.c:118:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(file)) > 107) return -2;
data/see-0.72/src/server.c:161:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buffer,"\n");
data/see-0.72/src/server.c:163:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
write(remote,buffer,strlen(buffer));
data/see-0.72/src/server.c:223:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
write(mproc,buffer,strlen(buffer));
data/see-0.72/src/util.c:17:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int blen = strlen(buffer), NofL=0, i;
data/see-0.72/src/util.c:41:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len=strlen(string), i;
data/see-0.72/src/util.c:72:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(FDIN,&ch,1)!=1) break;
data/see-0.72/src/util.c:110:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else { line=ec_malloc(strlen(buffer)+1); line[0]='\0'; }
data/see-0.72/src/util.c:117:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (kb) { if (!(tmp=realloc(line,kb*1024+strlen(buffer)+1))) {
data/see-0.72/src/util.c:120:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else line=ec_malloc(strlen(buffer)+1);
data/see-0.72/src/util.c:128:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int i, len=strlen(buffer);
data/see-0.72/src/util.c:151:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len=strlen(match);
data/see-0.72/src/util.c:158:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
retline=ec_malloc(strlen(line)-len+1);
data/see-0.72/src/util.c:194:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len=strlen(buffer);
data/see-0.72/src/util.c:197:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(*line,buffer,len);
data/see-0.72/src/util.c:204:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(string);
data/see-0.72/src/util.c:221:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char copy[strlen(string)+1], *ptr, *rp; /* !never screw with a gtk const char directly... */
data/see-0.72/src/util.c:224:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rp=ec_malloc(strlen(string)+(strlen(newname)-6)+8); /* room for redirect */
data/see-0.72/src/util.c:224:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rp=ec_malloc(strlen(string)+(strlen(newname)-6)+8); /* room for redirect */
data/see-0.72/src/util.c:245:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size=strlen(buffer);
ANALYSIS SUMMARY:
Hits = 283
Lines analyzed = 3273 in approximately 0.16 seconds (20892 lines/second)
Physical Source Lines of Code (SLOC) = 2693
Hits@level = [0] 42 [1] 87 [2] 92 [3] 5 [4] 98 [5] 1
Hits@level+ = [0+] 325 [1+] 283 [2+] 196 [3+] 104 [4+] 99 [5+] 1
Hits/KSLOC@level+ = [0+] 120.683 [1+] 105.087 [2+] 72.7813 [3+] 38.6186 [4+] 36.762 [5+] 0.371333
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.