Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/sjeng-11.2/crazy.c
Examining data/sjeng-11.2/partner.c
Examining data/sjeng-11.2/epd.c
Examining data/sjeng-11.2/see.c
Examining data/sjeng-11.2/learn.c
Examining data/sjeng-11.2/leval.c
Examining data/sjeng-11.2/segtb.c
Examining data/sjeng-11.2/seval.c
Examining data/sjeng-11.2/ttable.c
Examining data/sjeng-11.2/sjeng.c
Examining data/sjeng-11.2/sjeng.h
Examining data/sjeng-11.2/book.c
Examining data/sjeng-11.2/draw.c
Examining data/sjeng-11.2/eval.c
Examining data/sjeng-11.2/moves.c
Examining data/sjeng-11.2/neval.c
Examining data/sjeng-11.2/search.c
Examining data/sjeng-11.2/squares.h
Examining data/sjeng-11.2/rcfile.c
Examining data/sjeng-11.2/utils.c
Examining data/sjeng-11.2/ecache.c
Examining data/sjeng-11.2/newbook.c
Examining data/sjeng-11.2/protos.h
Examining data/sjeng-11.2/blob2.c
Examining data/sjeng-11.2/extvars.h
Examining data/sjeng-11.2/attacks.c
Examining data/sjeng-11.2/probe.c
Examining data/sjeng-11.2/proof.c
FINAL RESULTS:
data/sjeng-11.2/partner.c:65:4: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(input+1, "%s", my_partner);
data/sjeng-11.2/proof.c:1399:8: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (PV, output);
data/sjeng-11.2/proof.c:1467:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (PV, output);
data/sjeng-11.2/segtb.c:512:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fname, THREE_PIECE_FILE);
data/sjeng-11.2/segtb.c:973:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fname, THREE_PIECE_FILE);
data/sjeng-11.2/sjeng.c:299:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(opening_history, output);
data/sjeng-11.2/sjeng.c:302:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(opening_history, output);
data/sjeng-11.2/sjeng.c:455:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(opening_history, input);
data/sjeng-11.2/sjeng.c:458:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(opening_history, input);
data/sjeng-11.2/utils.c:553:8: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(str, output);
data/sjeng-11.2/utils.c:573:12: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (str, output);
data/sjeng-11.2/book.c:62:4: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand((unsigned) time (NULL));
data/sjeng-11.2/book.c:185:4: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(time(0));
data/sjeng-11.2/newbook.c:466:3: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(time(0));
data/sjeng-11.2/book.c:28:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char book[4000][161];
data/sjeng-11.2/book.c:29:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char book_flags[4000][41];
data/sjeng-11.2/book.c:33:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char opening_history[STR_BUFF];
data/sjeng-11.2/book.c:66:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((f_book = fopen ("normal.opn", "r")) == NULL)
data/sjeng-11.2/book.c:71:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((f_book = fopen ("zh.opn", "r")) == NULL)
data/sjeng-11.2/book.c:76:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((f_book = fopen ("suicide.opn", "r")) == NULL)
data/sjeng-11.2/book.c:81:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((f_book = fopen ("losers.opn", "r")) == NULL)
data/sjeng-11.2/book.c:86:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((f_book = fopen ("bug.opn", "r")) == NULL)
data/sjeng-11.2/book.c:180:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char possible_move[5], coord_move[5];
data/sjeng-11.2/crazy.c:32:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char realholdings[255];
data/sjeng-11.2/epd.c:67:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
for (j = 0; j < atoi(&inbuff[i]); j++)
data/sjeng-11.2/epd.c:70:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
fileoffset += atoi(&inbuff[i]);
data/sjeng-11.2/epd.c:193:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char san[STR_BUFF];
data/sjeng-11.2/epd.c:222:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char readbuff[2000];
data/sjeng-11.2/epd.c:223:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char testname[FILENAME_MAX];
data/sjeng-11.2/epd.c:224:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempbuff[2000];
data/sjeng-11.2/epd.c:240:15: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
thinktime = atol(readbuff);
data/sjeng-11.2/epd.c:245:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
testsuite = fopen(testname, "r");
data/sjeng-11.2/eval.c:305:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char p_tropism[144][144];
data/sjeng-11.2/eval.c:306:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char q_tropism[144][144];
data/sjeng-11.2/eval.c:307:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char n_tropism[144][144];
data/sjeng-11.2/eval.c:308:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char r_tropism[144][144];
data/sjeng-11.2/eval.c:309:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char b_tropism[144][144];
data/sjeng-11.2/extvars.h:24:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char divider[50];
data/sjeng-11.2/extvars.h:78:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char book[4000][161];
data/sjeng-11.2/extvars.h:82:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char opening_history[STR_BUFF];
data/sjeng-11.2/extvars.h:94:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char ponder_input[STR_BUFF];
data/sjeng-11.2/extvars.h:113:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char my_partner[STR_BUFF];
data/sjeng-11.2/extvars.h:171:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char realholdings[255];
data/sjeng-11.2/extvars.h:178:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char searching_move[20];
data/sjeng-11.2/extvars.h:180:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char setcode[30];
data/sjeng-11.2/extvars.h:187:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char EGTBDir[STR_BUFF];
data/sjeng-11.2/newbook.c:64:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[STR_BUFF];
data/sjeng-11.2/newbook.c:161:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char movebuff[STR_BUFF], sjmove[STR_BUFF];
data/sjeng-11.2/newbook.c:379:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bookname[FILENAME_MAX], kks[STR_BUFF];
data/sjeng-11.2/newbook.c:384:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pgnbook = fopen(bookname, "r");
data/sjeng-11.2/newbook.c:411:12: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
kksize = atol(kks);
data/sjeng-11.2/newbook.c:463:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char output[6];
data/sjeng-11.2/partner.c:84:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char howmuch[80] = "is...uh...what did you say?\n";
data/sjeng-11.2/partner.c:167:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(howmuch, "mates");
data/sjeng-11.2/partner.c:172:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(howmuch, "is VERY good (ptell me 'x' to play normal again)");
data/sjeng-11.2/partner.c:177:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(howmuch, "is good (ptell me 'x' to play normal again)");
data/sjeng-11.2/partner.c:322:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(howmuch, "mates you (ptell me 'x' when it no longer mates you)");
data/sjeng-11.2/partner.c:327:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(howmuch, "is VERY bad (ptell me 'x' when it is no longer bad)");
data/sjeng-11.2/partner.c:332:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(howmuch, "is bad (ptell me 'x' when it is no longer bad)");
data/sjeng-11.2/probe.c:91:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char EGTBDir[STR_BUFF];
data/sjeng-11.2/proof.c:1031:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char output[8];
data/sjeng-11.2/proof.c:1313:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char output[8192];
data/sjeng-11.2/proof.c:1314:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char PV[8192];
data/sjeng-11.2/rcfile.c:30:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[STR_BUFF];
data/sjeng-11.2/rcfile.c:55:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((rcfile = fopen ("sjeng.rc", "r")) == NULL)
data/sjeng-11.2/rcfile.c:63:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(EGTBDir, "TB");
data/sjeng-11.2/rcfile.c:85:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(setcode, "%u", setc);
data/sjeng-11.2/rcfile.c:182:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(setcode, "%u", setc);
data/sjeng-11.2/search.c:38:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char postpv[STR_BUFF];
data/sjeng-11.2/search.c:40:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char searching_move[20];
data/sjeng-11.2/search.c:1451:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char postmove[STR_BUFF];
data/sjeng-11.2/search.c:1461:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char output[8];
data/sjeng-11.2/segtb.c:487:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if(!(f = fopen(TWO_PIECE_FILE, "w"))) return 0;
data/sjeng-11.2/segtb.c:506:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
signed char fname[13];
data/sjeng-11.2/segtb.c:517:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if(!(f = fopen(fname,"w"))) return 0;
data/sjeng-11.2/segtb.c:950:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if(!(f = fopen(TWO_PIECE_FILE, "r"))) return 0;
data/sjeng-11.2/segtb.c:967:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
signed char fname[13];
data/sjeng-11.2/segtb.c:978:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if(!(f = fopen(fname,"r"))) return 0;
data/sjeng-11.2/sjeng.c:35:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char divider[50] = "-------------------------------------------------";
data/sjeng-11.2/sjeng.c:60:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char setcode[30];
data/sjeng-11.2/sjeng.c:81:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char my_partner[STR_BUFF];
data/sjeng-11.2/sjeng.c:95:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char input[STR_BUFF], *p, output[STR_BUFF];
data/sjeng-11.2/sjeng.c:96:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char readbuff[STR_BUFF];
data/sjeng-11.2/sjeng.c:116:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(material, std_material, sizeof(std_material));
data/sjeng-11.2/sjeng.c:122:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((lrn_standard = fopen ("standard.lrn", "rb+")) == NULL)
data/sjeng-11.2/sjeng.c:126:27: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((lrn_standard = fopen ("standard.lrn", "wb+")) == NULL)
data/sjeng-11.2/sjeng.c:133:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
lrn_standard = fopen ("standard.lrn", "rb+");
data/sjeng-11.2/sjeng.c:136:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((lrn_zh = fopen ("bug.lrn", "rb+")) == NULL)
data/sjeng-11.2/sjeng.c:140:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((lrn_zh = fopen ("bug.lrn", "wb+")) == NULL)
data/sjeng-11.2/sjeng.c:147:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
lrn_zh = fopen ("bug.lrn", "rb+");
data/sjeng-11.2/sjeng.c:150:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((lrn_suicide = fopen ("suicide.lrn", "rb+")) == NULL)
data/sjeng-11.2/sjeng.c:154:26: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((lrn_suicide = fopen ("suicide.lrn", "wb+")) == NULL)
data/sjeng-11.2/sjeng.c:161:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
lrn_suicide = fopen ("suicide.lrn", "rb+");
data/sjeng-11.2/sjeng.c:164:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((lrn_losers = fopen ("losers.lrn", "rb+")) == NULL)
data/sjeng-11.2/sjeng.c:168:25: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((lrn_losers = fopen ("losers.lrn", "wb+")) == NULL)
data/sjeng-11.2/sjeng.c:175:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
lrn_losers = fopen ("losers.lrn", "rb+");
data/sjeng-11.2/sjeng.c:529:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(material, std_material, sizeof(std_material));
data/sjeng-11.2/sjeng.c:681:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(material, std_material, sizeof(std_material));
data/sjeng-11.2/sjeng.c:687:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(material, zh_material, sizeof(zh_material));
data/sjeng-11.2/sjeng.c:693:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(material, zh_material, sizeof(zh_material));
data/sjeng-11.2/sjeng.c:700:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(material, suicide_material, sizeof(suicide_material));
data/sjeng-11.2/sjeng.c:707:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(material, suicide_material, sizeof(suicide_material));
data/sjeng-11.2/sjeng.c:713:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(material, losers_material, sizeof(losers_material));
data/sjeng-11.2/sjeng.c:828:12: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pn_time = atol(readbuff) * 100;
data/sjeng-11.2/sjeng.c:841:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(material, std_material, sizeof(std_material));
data/sjeng-11.2/utils.c:165:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (str, "%c@%c%d", type_to_char[move.promoted], t_file, t_rank);
data/sjeng-11.2/utils.c:173:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (str, "%c%d", t_file, t_rank);
data/sjeng-11.2/utils.c:177:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (str, "%c%d=%c", t_file, t_rank, type_to_char[move.promoted]);
data/sjeng-11.2/utils.c:184:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (str, "%cx%c%d", f_file, t_file, t_rank);
data/sjeng-11.2/utils.c:188:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (str, "%cx%c%d=%c", f_file, t_file, t_rank,
data/sjeng-11.2/utils.c:197:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (str, "O-O");
data/sjeng-11.2/utils.c:201:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "O-O-O");
data/sjeng-11.2/utils.c:240:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "%c%c%c%d", type_to_char[board[move.from]],
data/sjeng-11.2/utils.c:243:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "%c%d%c%d", type_to_char[board[move.from]],
data/sjeng-11.2/utils.c:249:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "%c%cx%c%d", type_to_char[board[move.from]],
data/sjeng-11.2/utils.c:252:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "%c%dx%c%d", type_to_char[board[move.from]],
data/sjeng-11.2/utils.c:260:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "%c%c%d", type_to_char[board[move.from]],
data/sjeng-11.2/utils.c:265:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "%cx%c%d", type_to_char[board[move.from]],
data/sjeng-11.2/utils.c:277:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "illg");
data/sjeng-11.2/utils.c:331:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (str, "%c@%c%d", type_to_char[prom], t_file, t_rank);
data/sjeng-11.2/utils.c:337:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (str, "%c%d%c%d", f_file, f_rank, t_file, t_rank);
data/sjeng-11.2/utils.c:343:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (str, "%c%d%c%dn", f_file, f_rank, t_file, t_rank);
data/sjeng-11.2/utils.c:346:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (str, "%c%d%c%dr", f_file, f_rank, t_file, t_rank);
data/sjeng-11.2/utils.c:349:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (str, "%c%d%c%db", f_file, f_rank, t_file, t_rank);
data/sjeng-11.2/utils.c:353:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (str, "%c%d%c%dk", f_file, f_rank, t_file, t_rank);
data/sjeng-11.2/utils.c:357:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (str, "%c%d%c%dq", f_file, f_rank, t_file, t_rank);
data/sjeng-11.2/utils.c:369:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *piece_rep[14] = {"!!", " P", "*P", " N", "*N", " K", "*K", " R",
data/sjeng-11.2/utils.c:422:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (board, init_board, sizeof (init_board));
data/sjeng-11.2/utils.c:481:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char input[STR_BUFF], *p;
data/sjeng-11.2/utils.c:493:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
depth = atoi (input);
data/sjeng-11.2/utils.c:535:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char output[STR_BUFF];
data/sjeng-11.2/utils.c:554:8: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(str, "> ");
data/sjeng-11.2/utils.c:564:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char output[STR_BUFF];
data/sjeng-11.2/utils.c:592:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char output[STR_BUFF];
data/sjeng-11.2/utils.c:593:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hashpv[STR_BUFF];
data/sjeng-11.2/utils.c:640:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char output[STR_BUFF];
data/sjeng-11.2/utils.c:658:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char output[STR_BUFF];
data/sjeng-11.2/utils.c:676:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char output[STR_BUFF];
data/sjeng-11.2/utils.c:712:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char move[STR_BUFF];
data/sjeng-11.2/utils.c:929:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char input[STR_BUFF];
data/sjeng-11.2/utils.c:938:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
depth = atoi (input);
data/sjeng-11.2/utils.c:947:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((stream = fopen (input, "w")) == NULL) {
data/sjeng-11.2/utils.c:974:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char comp_move[6];
data/sjeng-11.2/utils.c:1251:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (board, init_board, sizeof (init_board));
data/sjeng-11.2/book.c:90:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((ch = getc(f_book)) != EOF) {
data/sjeng-11.2/book.c:216:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(possible_move, book[i] + (book_ply * 4), 4);
data/sjeng-11.2/crazy.c:113:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(realholdings, str, 200);
data/sjeng-11.2/newbook.c:72:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(pgnbook);
data/sjeng-11.2/newbook.c:83:24: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while(((buff[b++] = getc(pgnbook)) != ']') && (b < STR_BUFF));
data/sjeng-11.2/newbook.c:178:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(pgnbook);
data/sjeng-11.2/newbook.c:195:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
xch = getc(pgnbook);
data/sjeng-11.2/newbook.c:213:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
xch = getc(pgnbook);
data/sjeng-11.2/newbook.c:230:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while (((ch = getc(pgnbook)) != '[') && !feof(pgnbook));
data/sjeng-11.2/newbook.c:236:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
xch = getc(pgnbook);
data/sjeng-11.2/newbook.c:245:21: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while(((ch = getc(pgnbook)) != '.') && !feof(pgnbook));
data/sjeng-11.2/newbook.c:251:22: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while (((ch = getc(pgnbook)) != '[') && !feof(pgnbook));
data/sjeng-11.2/newbook.c:265:25: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
movebuff[ms++] = getc(pgnbook);
data/sjeng-11.2/newbook.c:314:22: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while (((ch = getc(pgnbook)) != '[') && !feof(pgnbook));
data/sjeng-11.2/proof.c:1400:8: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat (PV, " ");
data/sjeng-11.2/proof.c:1468:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat (PV, " ");
data/sjeng-11.2/segtb.c:957:27: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
table[j] = (signed char) fgetc(f);
data/sjeng-11.2/utils.c:301:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(str, "#");
data/sjeng-11.2/utils.c:303:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(str, "+");
data/sjeng-11.2/utils.c:552:8: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(str, "<");
data/sjeng-11.2/utils.c:574:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat (str, " ");
data/sjeng-11.2/utils.c:857:16: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((ch = getc (stream)) != (int) '\n' && ch != EOF) {
data/sjeng-11.2/utils.c:1046:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(stdin);
data/sjeng-11.2/utils.c:1054:4: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
getc(stdin);
data/sjeng-11.2/utils.c:1084:8: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(stdin);
data/sjeng-11.2/utils.c:1092:8: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
getc(stdin);
data/sjeng-11.2/utils.c:1105:8: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(stdin);
data/sjeng-11.2/utils.c:1113:8: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
getc(stdin);
data/sjeng-11.2/utils.c:1133:8: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(stdin);
data/sjeng-11.2/utils.c:1141:8: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
getc(stdin);
ANALYSIS SUMMARY:
Hits = 174
Lines analyzed = 18035 in approximately 0.44 seconds (41390 lines/second)
Physical Source Lines of Code (SLOC) = 13313
Hits@level = [0] 333 [1] 30 [2] 130 [3] 3 [4] 11 [5] 0
Hits@level+ = [0+] 507 [1+] 174 [2+] 144 [3+] 14 [4+] 11 [5+] 0
Hits/KSLOC@level+ = [0+] 38.0831 [1+] 13.0699 [2+] 10.8165 [3+] 1.0516 [4+] 0.82626 [5+] 0
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.