Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/speedcrunch-0.12.0/src/core/book.cpp
Examining data/speedcrunch-0.12.0/src/core/book.h
Examining data/speedcrunch-0.12.0/src/core/constants.cpp
Examining data/speedcrunch-0.12.0/src/core/constants.h
Examining data/speedcrunch-0.12.0/src/core/errors.h
Examining data/speedcrunch-0.12.0/src/core/evaluator.cpp
Examining data/speedcrunch-0.12.0/src/core/evaluator.h
Examining data/speedcrunch-0.12.0/src/core/functions.cpp
Examining data/speedcrunch-0.12.0/src/core/functions.h
Examining data/speedcrunch-0.12.0/src/core/manualserver.cpp
Examining data/speedcrunch-0.12.0/src/core/manualserver.h
Examining data/speedcrunch-0.12.0/src/core/numberformatter.cpp
Examining data/speedcrunch-0.12.0/src/core/numberformatter.h
Examining data/speedcrunch-0.12.0/src/core/opcode.cpp
Examining data/speedcrunch-0.12.0/src/core/opcode.h
Examining data/speedcrunch-0.12.0/src/core/pageserver.cpp
Examining data/speedcrunch-0.12.0/src/core/pageserver.h
Examining data/speedcrunch-0.12.0/src/core/session.cpp
Examining data/speedcrunch-0.12.0/src/core/session.h
Examining data/speedcrunch-0.12.0/src/core/sessionhistory.cpp
Examining data/speedcrunch-0.12.0/src/core/sessionhistory.h
Examining data/speedcrunch-0.12.0/src/core/settings.cpp
Examining data/speedcrunch-0.12.0/src/core/settings.h
Examining data/speedcrunch-0.12.0/src/core/userfunction.cpp
Examining data/speedcrunch-0.12.0/src/core/userfunction.h
Examining data/speedcrunch-0.12.0/src/core/variable.cpp
Examining data/speedcrunch-0.12.0/src/core/variable.h
Examining data/speedcrunch-0.12.0/src/gui/aboutbox.cpp
Examining data/speedcrunch-0.12.0/src/gui/aboutbox.h
Examining data/speedcrunch-0.12.0/src/gui/bitfieldwidget.cpp
Examining data/speedcrunch-0.12.0/src/gui/bitfieldwidget.h
Examining data/speedcrunch-0.12.0/src/gui/bookdock.cpp
Examining data/speedcrunch-0.12.0/src/gui/bookdock.h
Examining data/speedcrunch-0.12.0/src/gui/constantswidget.cpp
Examining data/speedcrunch-0.12.0/src/gui/constantswidget.h
Examining data/speedcrunch-0.12.0/src/gui/editor.cpp
Examining data/speedcrunch-0.12.0/src/gui/editor.h
Examining data/speedcrunch-0.12.0/src/gui/functionswidget.cpp
Examining data/speedcrunch-0.12.0/src/gui/functionswidget.h
Examining data/speedcrunch-0.12.0/src/gui/genericdock.h
Examining data/speedcrunch-0.12.0/src/gui/historywidget.cpp
Examining data/speedcrunch-0.12.0/src/gui/historywidget.h
Examining data/speedcrunch-0.12.0/src/gui/keypad.cpp
Examining data/speedcrunch-0.12.0/src/gui/keypad.h
Examining data/speedcrunch-0.12.0/src/gui/mainwindow.cpp
Examining data/speedcrunch-0.12.0/src/gui/mainwindow.h
Examining data/speedcrunch-0.12.0/src/gui/manualwindow.cpp
Examining data/speedcrunch-0.12.0/src/gui/manualwindow.h
Examining data/speedcrunch-0.12.0/src/gui/resultdisplay.cpp
Examining data/speedcrunch-0.12.0/src/gui/resultdisplay.h
Examining data/speedcrunch-0.12.0/src/gui/syntaxhighlighter.cpp
Examining data/speedcrunch-0.12.0/src/gui/syntaxhighlighter.h
Examining data/speedcrunch-0.12.0/src/gui/userfunctionlistwidget.cpp
Examining data/speedcrunch-0.12.0/src/gui/userfunctionlistwidget.h
Examining data/speedcrunch-0.12.0/src/gui/variablelistwidget.cpp
Examining data/speedcrunch-0.12.0/src/gui/variablelistwidget.h
Examining data/speedcrunch-0.12.0/src/main.cpp
Examining data/speedcrunch-0.12.0/src/math/cmath.cpp
Examining data/speedcrunch-0.12.0/src/math/cmath.h
Examining data/speedcrunch-0.12.0/src/math/cnumberparser.cpp
Examining data/speedcrunch-0.12.0/src/math/cnumberparser.h
Examining data/speedcrunch-0.12.0/src/math/floatcommon.c
Examining data/speedcrunch-0.12.0/src/math/floatcommon.h
Examining data/speedcrunch-0.12.0/src/math/floatconfig.h
Examining data/speedcrunch-0.12.0/src/math/floatconst.c
Examining data/speedcrunch-0.12.0/src/math/floatconst.h
Examining data/speedcrunch-0.12.0/src/math/floatconvert.c
Examining data/speedcrunch-0.12.0/src/math/floatconvert.h
Examining data/speedcrunch-0.12.0/src/math/floaterf.c
Examining data/speedcrunch-0.12.0/src/math/floaterf.h
Examining data/speedcrunch-0.12.0/src/math/floatexp.c
Examining data/speedcrunch-0.12.0/src/math/floatexp.h
Examining data/speedcrunch-0.12.0/src/math/floatgamma.c
Examining data/speedcrunch-0.12.0/src/math/floatgamma.h
Examining data/speedcrunch-0.12.0/src/math/floathmath.c
Examining data/speedcrunch-0.12.0/src/math/floathmath.h
Examining data/speedcrunch-0.12.0/src/math/floatincgamma.c
Examining data/speedcrunch-0.12.0/src/math/floatincgamma.h
Examining data/speedcrunch-0.12.0/src/math/floatio.c
Examining data/speedcrunch-0.12.0/src/math/floatio.h
Examining data/speedcrunch-0.12.0/src/math/floatipower.c
Examining data/speedcrunch-0.12.0/src/math/floatipower.h
Examining data/speedcrunch-0.12.0/src/math/floatlog.c
Examining data/speedcrunch-0.12.0/src/math/floatlog.h
Examining data/speedcrunch-0.12.0/src/math/floatlogic.c
Examining data/speedcrunch-0.12.0/src/math/floatlogic.h
Examining data/speedcrunch-0.12.0/src/math/floatlong.c
Examining data/speedcrunch-0.12.0/src/math/floatlong.h
Examining data/speedcrunch-0.12.0/src/math/floatnum.c
Examining data/speedcrunch-0.12.0/src/math/floatnum.h
Examining data/speedcrunch-0.12.0/src/math/floatpower.c
Examining data/speedcrunch-0.12.0/src/math/floatpower.h
Examining data/speedcrunch-0.12.0/src/math/floatseries.c
Examining data/speedcrunch-0.12.0/src/math/floatseries.h
Examining data/speedcrunch-0.12.0/src/math/floattrig.c
Examining data/speedcrunch-0.12.0/src/math/floattrig.h
Examining data/speedcrunch-0.12.0/src/math/hmath.cpp
Examining data/speedcrunch-0.12.0/src/math/hmath.h
Examining data/speedcrunch-0.12.0/src/math/number.c
Examining data/speedcrunch-0.12.0/src/math/number.h
Examining data/speedcrunch-0.12.0/src/math/quantity.cpp
Examining data/speedcrunch-0.12.0/src/math/quantity.h
Examining data/speedcrunch-0.12.0/src/math/rational.cpp
Examining data/speedcrunch-0.12.0/src/math/rational.h
Examining data/speedcrunch-0.12.0/src/math/units.cpp
Examining data/speedcrunch-0.12.0/src/math/units.h
Examining data/speedcrunch-0.12.0/src/tests/testcmath.cpp
Examining data/speedcrunch-0.12.0/src/tests/testcommon.h
Examining data/speedcrunch-0.12.0/src/tests/testdmath.cpp
Examining data/speedcrunch-0.12.0/src/tests/testevaluator.cpp
Examining data/speedcrunch-0.12.0/src/tests/testfloatnum.c
Examining data/speedcrunch-0.12.0/src/tests/testhmath.cpp
Examining data/speedcrunch-0.12.0/src/tests/testser.cpp

FINAL RESULTS:

data/speedcrunch-0.12.0/src/math/floatio.c:85:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(dest->buf, src);
data/speedcrunch-0.12.0/src/math/floatio.c:894:5: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(buf, token);
data/speedcrunch-0.12.0/src/math/floatio.c:1038:7: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(buf, expBuf.buf);
data/speedcrunch-0.12.0/src/core/evaluator.cpp:706:21: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char s_digitMap[DIGIT_MAP_COUNT] = {0};
data/speedcrunch-0.12.0/src/core/evaluator.cpp:1021:15: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  debugFile.open(QIODevice::WriteOnly);
data/speedcrunch-0.12.0/src/gui/mainwindow.cpp:1142:15: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!file.open(QIODevice::WriteOnly)) {
data/speedcrunch-0.12.0/src/gui/mainwindow.cpp:1345:15: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!file.open(QIODevice::ReadOnly)) {
data/speedcrunch-0.12.0/src/gui/mainwindow.cpp:1390:15: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!file.open(QIODevice::WriteOnly)) {
data/speedcrunch-0.12.0/src/gui/mainwindow.cpp:1411:15: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!file.open(QIODevice::ReadOnly)) {
data/speedcrunch-0.12.0/src/gui/mainwindow.cpp:1590:15: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!file.open(QIODevice::WriteOnly)) {
data/speedcrunch-0.12.0/src/gui/mainwindow.cpp:1611:15: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!file.open(QIODevice::WriteOnly)) {
data/speedcrunch-0.12.0/src/gui/mainwindow.cpp:2089:15: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!file.open(QIODevice::ReadOnly))
data/speedcrunch-0.12.0/src/gui/syntaxhighlighter.cpp:124:15: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!file.open(QIODevice::ReadOnly))
data/speedcrunch-0.12.0/src/math/floatcommon.c:206:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[LOGMSB+1];
data/speedcrunch-0.12.0/src/math/floatconvert.c:282:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[DECPRECISION];
data/speedcrunch-0.12.0/src/math/floatio.c:546:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmp[BITS_IN_EXP + 3];
data/speedcrunch-0.12.0/src/math/floatio.c:915:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cbuf[2];
data/speedcrunch-0.12.0/src/math/floatio.c:926:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char exp[BITS_IN_BINEXP+2];
data/speedcrunch-0.12.0/src/math/floatnum.c:291:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(f->value, "NaN", 4);
data/speedcrunch-0.12.0/src/math/floatnum.c:611:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char b[42]; /* supports exponents encoded in up to 128 bits */
data/speedcrunch-0.12.0/src/math/floatnum.c:619:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buf, "NaN\0", 4);
data/speedcrunch-0.12.0/src/math/floatnum.c:637:3: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(b, "%d", float_getexponent(f));
data/speedcrunch-0.12.0/src/math/floatnum.c:659:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buf+mlg+1, b, explg);
data/speedcrunch-0.12.0/src/math/floatnum.c:949:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[BITS_IN_UNSIGNED/3 + 3];
data/speedcrunch-0.12.0/src/math/floatnum.c:951:3: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "%d", value);
data/speedcrunch-0.12.0/src/math/floatnum.c:999:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(mant->n_value, _valueof(source), scale+1);
data/speedcrunch-0.12.0/src/math/floatnum.h:56:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char value[110];
data/speedcrunch-0.12.0/src/math/hmath.cpp:739:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char intbuf[BINPRECISION+1];
data/speedcrunch-0.12.0/src/math/hmath.cpp:740:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fracbuf[BINPRECISION+1];
data/speedcrunch-0.12.0/src/math/number.c:931:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (result, num, size);
data/speedcrunch-0.12.0/src/math/number.c:983:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (qval->n_value, n1->n_value,
data/speedcrunch-0.12.0/src/math/number.c:1006:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (num1+1, n1->n_value, n1->n_len+n1->n_scale);
data/speedcrunch-0.12.0/src/math/number.c:1011:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (num2, n2->n_value, len2);
data/speedcrunch-0.12.0/src/math/number.c:1464:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char digits[40];
data/speedcrunch-0.12.0/src/math/number.c:1468:3: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (digits, "%ld", val);
data/speedcrunch-0.12.0/src/math/number.c:1644:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[30];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:131:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[30];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:141:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buf, significand, lg);
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:142:3: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf + lg, "%d", float_getrange());
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:150:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buf, significand, lg);
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:151:3: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf+lg, "%d", -float_getrange()-1);
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:743:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[30];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:826:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[30];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:1178:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char r[30];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:1179:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[30];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:1201:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(r, result, lg+1);
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:1203:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(r + lg, "%d", exp);
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:1291:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char v[40];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:1292:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[30];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:1307:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(v+1, value, sz);
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:1383:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[30];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:1420:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[50];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:1421:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char r[50];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:1424:3: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(r, "%d", value);
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:1631:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[60];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:1715:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[50];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:1765:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[50];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:1931:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[30];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:1967:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char nmb[30];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:1968:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char nmb2[30];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:2057:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[30];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:2093:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char nmb[30];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:2139:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[30];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:2175:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char nmb[30];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:2176:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char nmb2[30];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:2237:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[30];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:2274:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char nmb[30];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:2275:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char nmb2[30];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:2340:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[30];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:2373:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[30];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:2480:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char nmb1[30];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:2481:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char nmb2[30];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:2581:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[50];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:2651:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[50];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:2733:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[50];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:2814:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char buf[50]; data/speedcrunch-0.12.0/src/tests/testfloatnum.c:2882:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[50]; data/speedcrunch-0.12.0/src/tests/testfloatnum.c:2950:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[50]; data/speedcrunch-0.12.0/src/tests/testfloatnum.c:3043:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[50]; data/speedcrunch-0.12.0/src/tests/testfloatnum.c:3165:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[50]; data/speedcrunch-0.12.0/src/tests/testfloatnum.c:3316:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[50]; data/speedcrunch-0.12.0/src/tests/testfloatnum.c:3378:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[50];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:3440:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[50];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:3536:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[50];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:3626:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[50];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:3694:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[50];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:3771:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[50];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:3847:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[50];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:3918:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[50];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:4099:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[50];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:4185:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[50];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:4251:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[50];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:4330:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[50];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:4400:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[50];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:4462:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[50];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:4532:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[50];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:4602:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[50];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:4686:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[50];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:4771:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[50];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:4841:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[50];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:4911:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[50];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:4981:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[50];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:5115:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[50];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:5277:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[50];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:5516:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[50];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:5573:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[50];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:5945:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char intbuf[150];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:5946:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fracbuf[150];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:5947:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[350];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:6280:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[50];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:6348:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[50];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:6436:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[50];
data/speedcrunch-0.12.0/src/math/floatio.c:82:30: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (dest->sz < (int)strlen(src) + 1)
data/speedcrunch-0.12.0/src/math/floatio.c:101:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lg = strlen(pattern);
data/speedcrunch-0.12.0/src/math/floatio.c:935:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fraclg = strlen(tokens->fracpart.buf) - 1;
data/speedcrunch-0.12.0/src/math/floatio.c:995:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sz += strlen(basetag);
data/speedcrunch-0.12.0/src/math/floatio.c:997:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sz += strlen(cmpltag);
data/speedcrunch-0.12.0/src/math/floatio.c:1001:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sz += strlen(tokens->intpart.buf);
data/speedcrunch-0.12.0/src/math/floatio.c:1013:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sz += strlen(expbasetag);
data/speedcrunch-0.12.0/src/math/floatio.c:1014:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sz += strlen(expBuf.buf);
data/speedcrunch-0.12.0/src/math/floatio.c:1030:7: [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.
  strncat(buf, tokens->fracpart.buf, fraclg);
data/speedcrunch-0.12.0/src/math/floatnum.c:638:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  explg = strlen(b);
data/speedcrunch-0.12.0/src/math/floatnum.c:694:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bufsz = strlen(buf);
data/speedcrunch-0.12.0/src/math/floatnum.c:817:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bufsz = strlen(buf);
data/speedcrunch-0.12.0/src/math/number.c:1469:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (digits);
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:116:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lg = strlen(s);
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:140:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lg = strlen(significand);
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:149:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lg = strlen(significand);
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:759:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lg = strlen(result);
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:771:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lg = strlen(result);
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:1131:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lg = strlen(value);
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:1189:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lg = strlen(result);
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:1204:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lg = strlen(r);
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:1305:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sz = strlen(value);
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:1398:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ++buf[strlen(buf)-1];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:1411:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ++buf[strlen(buf)-1];
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:1947:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lg = strlen(result);
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:1950:17: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  && lg == strlen(buf)
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:2073:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lg = strlen(result);
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:2076:17: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  && lg == strlen(buf)
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:2155:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lg = strlen(result);
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:2158:17: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  && lg == strlen(buf)
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:2254:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lg = strlen(result);
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:2257:17: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  && lg == strlen(buf)
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:2349:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lg = strlen(result);
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:2350:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return strlen(buf) == lg && memcmp(buf, result, lg) == 0? TRUE : FALSE;
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:2380:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lg = strlen(result);
data/speedcrunch-0.12.0/src/tests/testfloatnum.c:2382:17: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return (lg == strlen(buf) && memcmp(buf, result, lg) == 0);

ANALYSIS SUMMARY:

Hits = 148
Lines analyzed = 43304 in approximately 1.18 seconds (36736 lines/second)
Physical Source Lines of Code (SLOC) = 32322
Hits@level = [0] 488 [1] 36 [2] 109 [3] 0 [4] 3 [5] 0
Hits@level+ = [0+] 636 [1+] 148 [2+] 112 [3+] 3 [4+] 3 [5+] 0
Hits/KSLOC@level+ = [0+] 19.677 [1+] 4.57892 [2+] 3.46513 [3+] 0.092816 [4+] 0.092816 [5+] 0
Dot directories skipped = 4 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.