Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/srecord-1.64/srec_cat/arglex3.cc
Examining data/srecord-1.64/srec_cat/arglex3.h
Examining data/srecord-1.64/srec_cat/main.cc
Examining data/srecord-1.64/srec_cmp/main.cc
Examining data/srecord-1.64/srec_info/main.cc
Examining data/srecord-1.64/srecord/adler16.cc
Examining data/srecord-1.64/srecord/adler16.h
Examining data/srecord-1.64/srecord/adler32.cc
Examining data/srecord-1.64/srecord/adler32.h
Examining data/srecord-1.64/srecord/arglex.cc
Examining data/srecord-1.64/srecord/arglex.h
Examining data/srecord-1.64/srecord/arglex/abbreviate.cc
Examining data/srecord-1.64/srecord/arglex/test_ambiguous.cc
Examining data/srecord-1.64/srecord/arglex/tool.cc
Examining data/srecord-1.64/srecord/arglex/tool.h
Examining data/srecord-1.64/srecord/arglex/tool/get_interval.cc
Examining data/srecord-1.64/srecord/arglex/tool/get_interval_small.cc
Examining data/srecord-1.64/srecord/arglex/tool/get_number.cc
Examining data/srecord-1.64/srecord/arglex/tool/get_string.cc
Examining data/srecord-1.64/srecord/arglex/tool/input.cc
Examining data/srecord-1.64/srecord/arglex/tool/output.cc
Examining data/srecord-1.64/srecord/bitrev.cc
Examining data/srecord-1.64/srecord/bitrev.h
Examining data/srecord-1.64/srecord/config.messy.h
Examining data/srecord-1.64/srecord/crc16.cc
Examining data/srecord-1.64/srecord/crc16.h
Examining data/srecord-1.64/srecord/crc32.cc
Examining data/srecord-1.64/srecord/crc32.h
Examining data/srecord-1.64/srecord/defcon.cc
Examining data/srecord-1.64/srecord/defcon.h
Examining data/srecord-1.64/srecord/endian.cc
Examining data/srecord-1.64/srecord/endian.h
Examining data/srecord-1.64/srecord/endian/decode_word.cc
Examining data/srecord-1.64/srecord/fletcher16.cc
Examining data/srecord-1.64/srecord/fletcher16.h
Examining data/srecord-1.64/srecord/fletcher32.cc
Examining data/srecord-1.64/srecord/fletcher32.h
Examining data/srecord-1.64/srecord/format_printf.h
Examining data/srecord-1.64/srecord/input.cc
Examining data/srecord-1.64/srecord/input.h
Examining data/srecord-1.64/srecord/input/catenate.cc
Examining data/srecord-1.64/srecord/input/catenate.h
Examining data/srecord-1.64/srecord/input/file.cc
Examining data/srecord-1.64/srecord/input/file.h
Examining data/srecord-1.64/srecord/input/file/aomf.cc
Examining data/srecord-1.64/srecord/input/file/aomf.h
Examining data/srecord-1.64/srecord/input/file/ascii_hex.cc
Examining data/srecord-1.64/srecord/input/file/ascii_hex.h
Examining data/srecord-1.64/srecord/input/file/atmel_generic.cc
Examining data/srecord-1.64/srecord/input/file/atmel_generic.h
Examining data/srecord-1.64/srecord/input/file/binary.cc
Examining data/srecord-1.64/srecord/input/file/binary.h
Examining data/srecord-1.64/srecord/input/file/brecord.cc
Examining data/srecord-1.64/srecord/input/file/brecord.h
Examining data/srecord-1.64/srecord/input/file/cosmac.cc
Examining data/srecord-1.64/srecord/input/file/cosmac.h
Examining data/srecord-1.64/srecord/input/file/dec_binary.cc
Examining data/srecord-1.64/srecord/input/file/dec_binary.h
Examining data/srecord-1.64/srecord/input/file/emon52.cc
Examining data/srecord-1.64/srecord/input/file/emon52.h
Examining data/srecord-1.64/srecord/input/file/fairchild.cc
Examining data/srecord-1.64/srecord/input/file/fairchild.h
Examining data/srecord-1.64/srecord/input/file/fastload.cc
Examining data/srecord-1.64/srecord/input/file/fastload.h
Examining data/srecord-1.64/srecord/input/file/formatted_binary.cc
Examining data/srecord-1.64/srecord/input/file/formatted_binary.h
Examining data/srecord-1.64/srecord/input/file/four_packed_code.cc
Examining data/srecord-1.64/srecord/input/file/four_packed_code.h
Examining data/srecord-1.64/srecord/input/file/guess.cc
Examining data/srecord-1.64/srecord/input/file/hexdump.cc
Examining data/srecord-1.64/srecord/input/file/hexdump.h
Examining data/srecord-1.64/srecord/input/file/idt.cc
Examining data/srecord-1.64/srecord/input/file/idt.h
Examining data/srecord-1.64/srecord/input/file/intel.cc
Examining data/srecord-1.64/srecord/input/file/intel.h
Examining data/srecord-1.64/srecord/input/file/intel16.cc
Examining data/srecord-1.64/srecord/input/file/intel16.h
Examining data/srecord-1.64/srecord/input/file/logisim.cc
Examining data/srecord-1.64/srecord/input/file/logisim.h
Examining data/srecord-1.64/srecord/input/file/mif.cc
Examining data/srecord-1.64/srecord/input/file/mif.h
Examining data/srecord-1.64/srecord/input/file/mips_flash.cc
Examining data/srecord-1.64/srecord/input/file/mips_flash.h
Examining data/srecord-1.64/srecord/input/file/mos_tech.cc
Examining data/srecord-1.64/srecord/input/file/mos_tech.h
Examining data/srecord-1.64/srecord/input/file/motorola.cc
Examining data/srecord-1.64/srecord/input/file/motorola.h
Examining data/srecord-1.64/srecord/input/file/msbin.cc
Examining data/srecord-1.64/srecord/input/file/msbin.h
Examining data/srecord-1.64/srecord/input/file/needham.cc
Examining data/srecord-1.64/srecord/input/file/needham.h
Examining data/srecord-1.64/srecord/input/file/os65v.cc
Examining data/srecord-1.64/srecord/input/file/os65v.h
Examining data/srecord-1.64/srecord/input/file/ppb.cc
Examining data/srecord-1.64/srecord/input/file/ppb.h
Examining data/srecord-1.64/srecord/input/file/ppx.cc
Examining data/srecord-1.64/srecord/input/file/ppx.h
Examining data/srecord-1.64/srecord/input/file/signetics.cc
Examining data/srecord-1.64/srecord/input/file/signetics.h
Examining data/srecord-1.64/srecord/input/file/spasm.cc
Examining data/srecord-1.64/srecord/input/file/spasm.h
Examining data/srecord-1.64/srecord/input/file/spectrum.cc
Examining data/srecord-1.64/srecord/input/file/spectrum.h
Examining data/srecord-1.64/srecord/input/file/stewie.cc
Examining data/srecord-1.64/srecord/input/file/stewie.h
Examining data/srecord-1.64/srecord/input/file/tektronix.cc
Examining data/srecord-1.64/srecord/input/file/tektronix.h
Examining data/srecord-1.64/srecord/input/file/tektronix_extended.cc
Examining data/srecord-1.64/srecord/input/file/tektronix_extended.h
Examining data/srecord-1.64/srecord/input/file/ti_tagged.cc
Examining data/srecord-1.64/srecord/input/file/ti_tagged.h
Examining data/srecord-1.64/srecord/input/file/ti_tagged_16.cc
Examining data/srecord-1.64/srecord/input/file/ti_tagged_16.h
Examining data/srecord-1.64/srecord/input/file/ti_txt.cc
Examining data/srecord-1.64/srecord/input/file/ti_txt.h
Examining data/srecord-1.64/srecord/input/file/trs80.cc
Examining data/srecord-1.64/srecord/input/file/trs80.h
Examining data/srecord-1.64/srecord/input/file/vmem.cc
Examining data/srecord-1.64/srecord/input/file/vmem.h
Examining data/srecord-1.64/srecord/input/file/wilson.cc
Examining data/srecord-1.64/srecord/input/file/wilson.h
Examining data/srecord-1.64/srecord/input/filter.cc
Examining data/srecord-1.64/srecord/input/filter.h
Examining data/srecord-1.64/srecord/input/filter/and.cc
Examining data/srecord-1.64/srecord/input/filter/and.h
Examining data/srecord-1.64/srecord/input/filter/bitrev.cc
Examining data/srecord-1.64/srecord/input/filter/bitrev.h
Examining data/srecord-1.64/srecord/input/filter/byte_swap.cc
Examining data/srecord-1.64/srecord/input/filter/byte_swap.h
Examining data/srecord-1.64/srecord/input/filter/checksum.cc
Examining data/srecord-1.64/srecord/input/filter/checksum.h
Examining data/srecord-1.64/srecord/input/filter/checksum/bitnot.cc
Examining data/srecord-1.64/srecord/input/filter/checksum/bitnot.h
Examining data/srecord-1.64/srecord/input/filter/checksum/negative.cc
Examining data/srecord-1.64/srecord/input/filter/checksum/negative.h
Examining data/srecord-1.64/srecord/input/filter/checksum/positive.cc
Examining data/srecord-1.64/srecord/input/filter/checksum/positive.h
Examining data/srecord-1.64/srecord/input/filter/crop.cc
Examining data/srecord-1.64/srecord/input/filter/crop.h
Examining data/srecord-1.64/srecord/input/filter/fill.cc
Examining data/srecord-1.64/srecord/input/filter/fill.h
Examining data/srecord-1.64/srecord/input/filter/interval.cc
Examining data/srecord-1.64/srecord/input/filter/interval.h
Examining data/srecord-1.64/srecord/input/filter/interval/length.cc
Examining data/srecord-1.64/srecord/input/filter/interval/length.h
Examining data/srecord-1.64/srecord/input/filter/interval/maximum.cc
Examining data/srecord-1.64/srecord/input/filter/interval/maximum.h
Examining data/srecord-1.64/srecord/input/filter/interval/minimum.cc
Examining data/srecord-1.64/srecord/input/filter/interval/minimum.h
Examining data/srecord-1.64/srecord/input/filter/message.cc
Examining data/srecord-1.64/srecord/input/filter/message.h
Examining data/srecord-1.64/srecord/input/filter/message/adler16.cc
Examining data/srecord-1.64/srecord/input/filter/message/adler16.h
Examining data/srecord-1.64/srecord/input/filter/message/adler32.cc
Examining data/srecord-1.64/srecord/input/filter/message/adler32.h
Examining data/srecord-1.64/srecord/input/filter/message/crc16.cc
Examining data/srecord-1.64/srecord/input/filter/message/crc16.h
Examining data/srecord-1.64/srecord/input/filter/message/crc32.cc
Examining data/srecord-1.64/srecord/input/filter/message/crc32.h
Examining data/srecord-1.64/srecord/input/filter/message/fletcher16.cc
Examining data/srecord-1.64/srecord/input/filter/message/fletcher16.h
Examining data/srecord-1.64/srecord/input/filter/message/fletcher32.cc
Examining data/srecord-1.64/srecord/input/filter/message/fletcher32.h
Examining data/srecord-1.64/srecord/input/filter/message/gcrypt.cc
Examining data/srecord-1.64/srecord/input/filter/message/gcrypt.h
Examining data/srecord-1.64/srecord/input/filter/message/stm32.cc
Examining data/srecord-1.64/srecord/input/filter/message/stm32.h
Examining data/srecord-1.64/srecord/input/filter/not.cc
Examining data/srecord-1.64/srecord/input/filter/not.h
Examining data/srecord-1.64/srecord/input/filter/offset.cc
Examining data/srecord-1.64/srecord/input/filter/offset.h
Examining data/srecord-1.64/srecord/input/filter/or.cc
Examining data/srecord-1.64/srecord/input/filter/or.h
Examining data/srecord-1.64/srecord/input/filter/random_fill.cc
Examining data/srecord-1.64/srecord/input/filter/random_fill.h
Examining data/srecord-1.64/srecord/input/filter/sequence.cc
Examining data/srecord-1.64/srecord/input/filter/sequence.h
Examining data/srecord-1.64/srecord/input/filter/split.cc
Examining data/srecord-1.64/srecord/input/filter/split.h
Examining data/srecord-1.64/srecord/input/filter/unfill.cc
Examining data/srecord-1.64/srecord/input/filter/unfill.h
Examining data/srecord-1.64/srecord/input/filter/unsplit.cc
Examining data/srecord-1.64/srecord/input/filter/unsplit.h
Examining data/srecord-1.64/srecord/input/filter/xor.cc
Examining data/srecord-1.64/srecord/input/filter/xor.h
Examining data/srecord-1.64/srecord/input/generator.cc
Examining data/srecord-1.64/srecord/input/generator.h
Examining data/srecord-1.64/srecord/input/generator/constant.cc
Examining data/srecord-1.64/srecord/input/generator/constant.h
Examining data/srecord-1.64/srecord/input/generator/random.cc
Examining data/srecord-1.64/srecord/input/generator/random.h
Examining data/srecord-1.64/srecord/input/generator/repeat.cc
Examining data/srecord-1.64/srecord/input/generator/repeat.h
Examining data/srecord-1.64/srecord/input/interval.cc
Examining data/srecord-1.64/srecord/input/interval.h
Examining data/srecord-1.64/srecord/interval.cc
Examining data/srecord-1.64/srecord/interval.h
Examining data/srecord-1.64/srecord/interval/coverage.cc
Examining data/srecord-1.64/srecord/interval/flatten.cc
Examining data/srecord-1.64/srecord/memory.cc
Examining data/srecord-1.64/srecord/memory.h
Examining data/srecord-1.64/srecord/memory/chunk.cc
Examining data/srecord-1.64/srecord/memory/chunk.h
Examining data/srecord-1.64/srecord/memory/walker.cc
Examining data/srecord-1.64/srecord/memory/walker.h
Examining data/srecord-1.64/srecord/memory/walker/adler16.cc
Examining data/srecord-1.64/srecord/memory/walker/adler16.h
Examining data/srecord-1.64/srecord/memory/walker/adler32.cc
Examining data/srecord-1.64/srecord/memory/walker/adler32.h
Examining data/srecord-1.64/srecord/memory/walker/alignment.cc
Examining data/srecord-1.64/srecord/memory/walker/alignment.h
Examining data/srecord-1.64/srecord/memory/walker/compare.cc
Examining data/srecord-1.64/srecord/memory/walker/compare.h
Examining data/srecord-1.64/srecord/memory/walker/continuity.cc
Examining data/srecord-1.64/srecord/memory/walker/continuity.h
Examining data/srecord-1.64/srecord/memory/walker/crc16.cc
Examining data/srecord-1.64/srecord/memory/walker/crc16.h
Examining data/srecord-1.64/srecord/memory/walker/crc32.cc
Examining data/srecord-1.64/srecord/memory/walker/crc32.h
Examining data/srecord-1.64/srecord/memory/walker/fletcher16.cc
Examining data/srecord-1.64/srecord/memory/walker/fletcher16.h
Examining data/srecord-1.64/srecord/memory/walker/fletcher32.cc
Examining data/srecord-1.64/srecord/memory/walker/fletcher32.h
Examining data/srecord-1.64/srecord/memory/walker/gcrypt.cc
Examining data/srecord-1.64/srecord/memory/walker/gcrypt.h
Examining data/srecord-1.64/srecord/memory/walker/stm32.cc
Examining data/srecord-1.64/srecord/memory/walker/stm32.h
Examining data/srecord-1.64/srecord/memory/walker/writer.cc
Examining data/srecord-1.64/srecord/memory/walker/writer.h
Examining data/srecord-1.64/srecord/output.cc
Examining data/srecord-1.64/srecord/output.h
Examining data/srecord-1.64/srecord/output/file.cc
Examining data/srecord-1.64/srecord/output/file.h
Examining data/srecord-1.64/srecord/output/file/aomf.cc
Examining data/srecord-1.64/srecord/output/file/aomf.h
Examining data/srecord-1.64/srecord/output/file/ascii_hex.cc
Examining data/srecord-1.64/srecord/output/file/ascii_hex.h
Examining data/srecord-1.64/srecord/output/file/asm.cc
Examining data/srecord-1.64/srecord/output/file/asm.h
Examining data/srecord-1.64/srecord/output/file/atmel_generic.cc
Examining data/srecord-1.64/srecord/output/file/atmel_generic.h
Examining data/srecord-1.64/srecord/output/file/basic.cc
Examining data/srecord-1.64/srecord/output/file/basic.h
Examining data/srecord-1.64/srecord/output/file/binary.cc
Examining data/srecord-1.64/srecord/output/file/binary.h
Examining data/srecord-1.64/srecord/output/file/brecord.cc
Examining data/srecord-1.64/srecord/output/file/brecord.h
Examining data/srecord-1.64/srecord/output/file/c.cc
Examining data/srecord-1.64/srecord/output/file/c.h
Examining data/srecord-1.64/srecord/output/file/coe.cc
Examining data/srecord-1.64/srecord/output/file/coe.h
Examining data/srecord-1.64/srecord/output/file/cosmac.cc
Examining data/srecord-1.64/srecord/output/file/cosmac.h
Examining data/srecord-1.64/srecord/output/file/dec_binary.cc
Examining data/srecord-1.64/srecord/output/file/dec_binary.h
Examining data/srecord-1.64/srecord/output/file/emon52.cc
Examining data/srecord-1.64/srecord/output/file/emon52.h
Examining data/srecord-1.64/srecord/output/file/fairchild.cc
Examining data/srecord-1.64/srecord/output/file/fairchild.h
Examining data/srecord-1.64/srecord/output/file/fastload.cc
Examining data/srecord-1.64/srecord/output/file/fastload.h
Examining data/srecord-1.64/srecord/output/file/formatted_binary.cc
Examining data/srecord-1.64/srecord/output/file/formatted_binary.h
Examining data/srecord-1.64/srecord/output/file/forth.cc
Examining data/srecord-1.64/srecord/output/file/forth.h
Examining data/srecord-1.64/srecord/output/file/four_packed_code.cc
Examining data/srecord-1.64/srecord/output/file/four_packed_code.h
Examining data/srecord-1.64/srecord/output/file/hexdump.cc
Examining data/srecord-1.64/srecord/output/file/hexdump.h
Examining data/srecord-1.64/srecord/output/file/idt.cc
Examining data/srecord-1.64/srecord/output/file/idt.h
Examining data/srecord-1.64/srecord/output/file/intel.cc
Examining data/srecord-1.64/srecord/output/file/intel.h
Examining data/srecord-1.64/srecord/output/file/intel16.cc
Examining data/srecord-1.64/srecord/output/file/intel16.h
Examining data/srecord-1.64/srecord/output/file/line_termination.cc
Examining data/srecord-1.64/srecord/output/file/logisim.cc
Examining data/srecord-1.64/srecord/output/file/logisim.h
Examining data/srecord-1.64/srecord/output/file/mem.cc
Examining data/srecord-1.64/srecord/output/file/mem.h
Examining data/srecord-1.64/srecord/output/file/mif.cc
Examining data/srecord-1.64/srecord/output/file/mif.h
Examining data/srecord-1.64/srecord/output/file/mips_flash.cc
Examining data/srecord-1.64/srecord/output/file/mips_flash.h
Examining data/srecord-1.64/srecord/output/file/mos_tech.cc
Examining data/srecord-1.64/srecord/output/file/mos_tech.h
Examining data/srecord-1.64/srecord/output/file/motorola.cc
Examining data/srecord-1.64/srecord/output/file/motorola.h
Examining data/srecord-1.64/srecord/output/file/msbin.cc
Examining data/srecord-1.64/srecord/output/file/msbin.h
Examining data/srecord-1.64/srecord/output/file/needham.cc
Examining data/srecord-1.64/srecord/output/file/needham.h
Examining data/srecord-1.64/srecord/output/file/os65v.cc
Examining data/srecord-1.64/srecord/output/file/os65v.h
Examining data/srecord-1.64/srecord/output/file/ppb.cc
Examining data/srecord-1.64/srecord/output/file/ppb.h
Examining data/srecord-1.64/srecord/output/file/ppx.cc
Examining data/srecord-1.64/srecord/output/file/ppx.h
Examining data/srecord-1.64/srecord/output/file/signetics.cc
Examining data/srecord-1.64/srecord/output/file/signetics.h
Examining data/srecord-1.64/srecord/output/file/spasm.cc
Examining data/srecord-1.64/srecord/output/file/spasm.h
Examining data/srecord-1.64/srecord/output/file/spectrum.cc
Examining data/srecord-1.64/srecord/output/file/spectrum.h
Examining data/srecord-1.64/srecord/output/file/stewie.cc
Examining data/srecord-1.64/srecord/output/file/stewie.h
Examining data/srecord-1.64/srecord/output/file/tektronix.cc
Examining data/srecord-1.64/srecord/output/file/tektronix.h
Examining data/srecord-1.64/srecord/output/file/tektronix_extended.cc
Examining data/srecord-1.64/srecord/output/file/tektronix_extended.h
Examining data/srecord-1.64/srecord/output/file/ti_tagged.cc
Examining data/srecord-1.64/srecord/output/file/ti_tagged.h
Examining data/srecord-1.64/srecord/output/file/ti_tagged_16.cc
Examining data/srecord-1.64/srecord/output/file/ti_tagged_16.h
Examining data/srecord-1.64/srecord/output/file/ti_txt.cc
Examining data/srecord-1.64/srecord/output/file/ti_txt.h
Examining data/srecord-1.64/srecord/output/file/trs80.cc
Examining data/srecord-1.64/srecord/output/file/trs80.h
Examining data/srecord-1.64/srecord/output/file/vhdl.cc
Examining data/srecord-1.64/srecord/output/file/vhdl.h
Examining data/srecord-1.64/srecord/output/file/vmem.cc
Examining data/srecord-1.64/srecord/output/file/vmem.h
Examining data/srecord-1.64/srecord/output/file/wilson.cc
Examining data/srecord-1.64/srecord/output/file/wilson.h
Examining data/srecord-1.64/srecord/output/filter.cc
Examining data/srecord-1.64/srecord/output/filter.h
Examining data/srecord-1.64/srecord/output/filter/reblock.cc
Examining data/srecord-1.64/srecord/output/filter/reblock.h
Examining data/srecord-1.64/srecord/patchlevel.h
Examining data/srecord-1.64/srecord/pretty_size.cc
Examining data/srecord-1.64/srecord/pretty_size.h
Examining data/srecord-1.64/srecord/progname.cc
Examining data/srecord-1.64/srecord/progname.h
Examining data/srecord-1.64/srecord/quit.cc
Examining data/srecord-1.64/srecord/quit.h
Examining data/srecord-1.64/srecord/quit/exception.cc
Examining data/srecord-1.64/srecord/quit/exception.h
Examining data/srecord-1.64/srecord/quit/normal.cc
Examining data/srecord-1.64/srecord/quit/normal.h
Examining data/srecord-1.64/srecord/quit/prefix.cc
Examining data/srecord-1.64/srecord/quit/prefix.h
Examining data/srecord-1.64/srecord/r250.cc
Examining data/srecord-1.64/srecord/r250.h
Examining data/srecord-1.64/srecord/record.cc
Examining data/srecord-1.64/srecord/record.h
Examining data/srecord-1.64/srecord/sizeof.h
Examining data/srecord-1.64/srecord/srecord.h
Examining data/srecord-1.64/srecord/stm32.cc
Examining data/srecord-1.64/srecord/stm32.h
Examining data/srecord-1.64/srecord/string.h
Examining data/srecord-1.64/srecord/string/quote_c.cc
Examining data/srecord-1.64/srecord/string/url_decode.cc
Examining data/srecord-1.64/srecord/string/url_encode.cc
Examining data/srecord-1.64/srecord/versn_stamp.cc
Examining data/srecord-1.64/srecord/versn_stamp.h
Examining data/srecord-1.64/srecord/vsnprintf.cc
Examining data/srecord-1.64/test/arglex_ambiguous/main.cc
Examining data/srecord-1.64/test/crc16/main.cc
Examining data/srecord-1.64/test/fletcher16/main.cc
Examining data/srecord-1.64/test/gecos/main.cc
Examining data/srecord-1.64/test/hyphen/main.cc
Examining data/srecord-1.64/test/url_decode/main.cc
FINAL RESULTS:
data/srecord-1.64/srecord/arglex.cc:670:5: [4] (shell) execvp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execvp(cmd[0], (char *const *)cmd);
data/srecord-1.64/srecord/config.messy.h:57:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/srecord-1.64/srecord/config.messy.h:57:18: [4] (format) _snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/srecord-1.64/srecord/config.messy.h:58:9: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define vsnprintf _vsnprintf
data/srecord-1.64/srecord/format_printf.h:24:55: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define FORMAT_PRINTF(x, y) __attribute__((__format__(printf, x, y)))
data/srecord-1.64/srecord/output.cc:55:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buf, sizeof(buf), fmt, ap);
data/srecord-1.64/srecord/output.cc:77:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buf, sizeof(buf), fmt, ap);
data/srecord-1.64/srecord/output.cc:105:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buf, sizeof(buf), fmt, ap);
data/srecord-1.64/srecord/output/file.cc:357:5: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf(buffer, fmt, ap);
data/srecord-1.64/srecord/quit.cc:82:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buf, sizeof(buf), fmt, ap);
data/srecord-1.64/srecord/quit.cc:101:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buf, sizeof(buf), fmt, ap);
data/srecord-1.64/srecord/quit/normal.cc:52:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buf + len, sizeof(buf) - len, fmt, ap);
data/srecord-1.64/srecord/quit/prefix.cc:57:9: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buf, sizeof(buf), fmt, ap);
data/srecord-1.64/srecord/vsnprintf.cc:27:1: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(char *str, size_t size, const char *format, ...)
data/srecord-1.64/srecord/vsnprintf.cc:30:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(str, size, format, ap);
data/srecord-1.64/srecord/vsnprintf.cc:40:1: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(char *str, size_t size, const char *format, va_list ap)
data/srecord-1.64/srecord/vsnprintf.cc:43:5: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf(str, format, ap);
data/srecord-1.64/srecord/r250.cc:68:5: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(now + getpid());
data/srecord-1.64/test/crc16/main.cc:66:17: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
int c = getopt_long(argc, argv, "abchp:rtVx", options, 0);
data/srecord-1.64/test/hyphen/main.cc:157:17: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
int c = getopt_long(argc, argv, "V", options, 0);
data/srecord-1.64/test/url_decode/main.cc:94:17: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
int c = getopt_long(argc, argv, "deV", options, NULL);
data/srecord-1.64/srec_info/main.cc:107:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[16];
data/srecord-1.64/srec_info/main.cc:140:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/srecord-1.64/srecord/arglex.cc:77:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "r");
data/srecord-1.64/srecord/arglex.cc:106:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1000];
data/srecord-1.64/srecord/arglex.cc:669:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *cmd[3] = { "man", name, 0 };
data/srecord-1.64/srecord/bitrev.cc:22:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char table[256] =
data/srecord-1.64/srecord/input/file.cc:89:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
vfp = fopen(file_name.c_str(), the_mode);
data/srecord-1.64/srecord/input/file.cc:119:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[20];
data/srecord-1.64/srecord/input/file.cc:121:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, ": %d", line_number);
data/srecord-1.64/srecord/input/file.cc:123:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, ": 0x%04X", line_number);
data/srecord-1.64/srecord/input/file/atmel_generic.cc:64:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[2];
data/srecord-1.64/srecord/input/file/binary.cc:64:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[srecord::record::max_data_length];
data/srecord-1.64/srecord/input/file/brecord.cc:56:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[32];
data/srecord-1.64/srecord/input/file/dec_binary.cc:131:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[srecord::record::max_data_length];
data/srecord-1.64/srecord/input/file/emon52.cc:78:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[256];
data/srecord-1.64/srecord/input/file/fairchild.cc:112:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[8];
data/srecord-1.64/srecord/input/file/fastload.cc:169:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[srecord::record::max_data_length];
data/srecord-1.64/srecord/input/file/formatted_binary.cc:150:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[record::max_data_length];
data/srecord-1.64/srecord/input/file/four_packed_code.cc:234:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[256];
data/srecord-1.64/srecord/input/file/hexdump.cc:144:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[16];
data/srecord-1.64/srecord/input/file/intel.cc:110:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[255+5];
data/srecord-1.64/srecord/input/file/intel16.cc:111:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[255*2+5];
data/srecord-1.64/srecord/input/file/logisim.cc:57:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2] = { static_cast<char>(c), '\0' };
data/srecord-1.64/srecord/input/file/logisim.cc:65:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[512];
data/srecord-1.64/srecord/input/file/logisim.cc:133:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200];
data/srecord-1.64/srecord/input/file/logisim.cc:294:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200];
data/srecord-1.64/srecord/input/file/mif.cc:293:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[srecord::record::max_data_length];
data/srecord-1.64/srecord/input/file/mips_flash.cc:159:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[4];
data/srecord-1.64/srecord/input/file/mips_flash.cc:168:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[4];
data/srecord-1.64/srecord/input/file/mos_tech.cc:122:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[256];
data/srecord-1.64/srecord/input/file/motorola.cc:131:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[256];
data/srecord-1.64/srecord/input/file/msbin.cc:83:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char c[sizeof(uint32_t)];
data/srecord-1.64/srecord/input/file/msbin.cc:103:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char Magic[7] =
data/srecord-1.64/srecord/input/file/msbin.cc:107:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buff[sizeof(Magic) + 1];
data/srecord-1.64/srecord/input/file/msbin.cc:252:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[record::max_data_length];
data/srecord-1.64/srecord/input/file/os65v.cc:103:30: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[1];
data/srecord-1.64/srecord/input/file/ppb.cc:57:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hdr[8];
data/srecord-1.64/srecord/input/file/signetics.cc:104:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[256];
data/srecord-1.64/srecord/input/file/spasm.cc:66:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[2];
data/srecord-1.64/srecord/input/file/stewie.cc:92:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[256];
data/srecord-1.64/srecord/input/file/tektronix.cc:105:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[255+5];
data/srecord-1.64/srecord/input/file/tektronix_extended.cc:137:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[125];
data/srecord-1.64/srecord/input/file/ti_tagged.cc:81:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[1];
data/srecord-1.64/srecord/input/file/ti_tagged.cc:135:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[2];
data/srecord-1.64/srecord/input/file/ti_tagged_16.cc:81:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[1];
data/srecord-1.64/srecord/input/file/ti_tagged_16.cc:135:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[2];
data/srecord-1.64/srecord/input/file/ti_txt.cc:159:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[record::max_data_length];
data/srecord-1.64/srecord/input/file/trs80.cc:92:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char payload[258];
data/srecord-1.64/srecord/input/file/vmem.cc:120:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char value[5];
data/srecord-1.64/srecord/input/file/wilson.cc:105:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[256];
data/srecord-1.64/srecord/input/filter/checksum.cc:60:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char chunk[sizeof(sum_t)];
data/srecord-1.64/srecord/input/filter/interval.cc:52:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char chunk[8];
data/srecord-1.64/srecord/input/filter/message.cc:126:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[64];
data/srecord-1.64/srecord/input/filter/message/adler16.cc:71:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char chunk[2];
data/srecord-1.64/srecord/input/filter/message/adler32.cc:72:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char chunk[4];
data/srecord-1.64/srecord/input/filter/message/crc16.cc:158:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char chunk[2];
data/srecord-1.64/srecord/input/filter/message/crc32.cc:96:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char chunk[4];
data/srecord-1.64/srecord/input/filter/message/fletcher16.cc:90:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char chunk[2];
data/srecord-1.64/srecord/input/filter/message/fletcher32.cc:72:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char chunk[4];
data/srecord-1.64/srecord/input/filter/message/stm32.cc:84:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char chunk[4];
data/srecord-1.64/srecord/input/filter/random_fill.cc:52:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[srecord::record::max_data_length];
data/srecord-1.64/srecord/input/generator.cc:122:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[4];
data/srecord-1.64/srecord/input/generator.cc:162:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[4];
data/srecord-1.64/srecord/input/generator.cc:215:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_data, data, length);
data/srecord-1.64/srecord/input/generator/constant.cc:57:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[20];
data/srecord-1.64/srecord/interval.cc:783:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[20];
data/srecord-1.64/srecord/memory/chunk.cc:101:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_data, data + j, nbytes);
data/srecord-1.64/srecord/memory/chunk.h:142:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[size];
data/srecord-1.64/srecord/memory/chunk.h:148:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mask[(size + 7) / 8];
data/srecord-1.64/srecord/output.cc:54:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/srecord-1.64/srecord/output.cc:76:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/srecord-1.64/srecord/output.cc:104:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/srecord-1.64/srecord/output/file.cc:110:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
vfp = fopen(file_name.c_str(), "w");
data/srecord-1.64/srecord/output/file.cc:118:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
vfp = fopen(file_name.c_str(), "wb");
data/srecord-1.64/srecord/output/file.cc:132:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[20];
data/srecord-1.64/srecord/output/file.cc:133:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, ": %d", line_number);
data/srecord-1.64/srecord/output/file.cc:356:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1000];
data/srecord-1.64/srecord/output/file/aomf.cc:70:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[1 + 255 + 2];
data/srecord-1.64/srecord/output/file/aomf.cc:75:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer + 1, name, len);
data/srecord-1.64/srecord/output/file/aomf.cc:89:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[maxlen + 3];
data/srecord-1.64/srecord/output/file/aomf.cc:94:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer + 3, data, nbytes);
data/srecord-1.64/srecord/output/file/aomf.cc:106:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[1 + 255 + 4];
data/srecord-1.64/srecord/output/file/aomf.cc:111:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer + 1, name, len);
data/srecord-1.64/srecord/output/file/asm.cc:64:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[20];
data/srecord-1.64/srecord/output/file/asm.cc:132:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[30];
data/srecord-1.64/srecord/output/file/asm.cc:288:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[8];
data/srecord-1.64/srecord/output/file/asm.cc:290:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "0x%2.2X", (unsigned char)n);
data/srecord-1.64/srecord/output/file/asm.cc:292:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "%u", (unsigned char)n);
data/srecord-1.64/srecord/output/file/asm.cc:326:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[16];
data/srecord-1.64/srecord/output/file/basic.cc:68:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[8];
data/srecord-1.64/srecord/output/file/basic.cc:69:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "%d", (unsigned char)n);
data/srecord-1.64/srecord/output/file/c.cc:320:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(include_file_name.c_str(), "w");
data/srecord-1.64/srecord/output/file/c.cc:588:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[30];
data/srecord-1.64/srecord/output/file/c.cc:615:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[30];
data/srecord-1.64/srecord/output/file/c.cc:642:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[30];
data/srecord-1.64/srecord/output/file/fastload.cc:66:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[20];
data/srecord-1.64/srecord/output/file/four_packed_code.cc:178:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[256];
data/srecord-1.64/srecord/output/file/four_packed_code.cc:186:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer + 8, data, data_nbytes);
data/srecord-1.64/srecord/output/file/intel.cc:66:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[2];
data/srecord-1.64/srecord/output/file/intel.cc:82:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[4];
data/srecord-1.64/srecord/output/file/intel16.cc:67:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[2];
data/srecord-1.64/srecord/output/file/intel16.cc:86:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[4];
data/srecord-1.64/srecord/output/file/logisim.cc:57:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100];
data/srecord-1.64/srecord/output/file/mips_flash.h:128:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[256];
data/srecord-1.64/srecord/output/file/motorola.cc:118:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[256];
data/srecord-1.64/srecord/output/file/motorola.cc:123:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer + 1 + address_nbytes, data, data_nbytes);
data/srecord-1.64/srecord/output/file/msbin.cc:72:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char c[sizeof(uint32_t)];
data/srecord-1.64/srecord/output/file/msbin.cc:97:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char Magic[7] =
data/srecord-1.64/srecord/output/file/ppb.h:91:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[8192];
data/srecord-1.64/srecord/output/file/stewie.cc:87:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[256];
data/srecord-1.64/srecord/output/file/stewie.cc:92:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer + 1 + address_nbytes, data, data_nbytes);
data/srecord-1.64/srecord/output/file/tektronix.cc:78:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[2];
data/srecord-1.64/srecord/output/file/tektronix_extended.cc:53:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[260];
data/srecord-1.64/srecord/output/file/wilson.cc:52:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *table[256] =
data/srecord-1.64/srecord/output/file/wilson.cc:105:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[256];
data/srecord-1.64/srecord/output/file/wilson.cc:110:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer + 5, data, data_nbytes);
data/srecord-1.64/srecord/output/filter/reblock.cc:133:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer + buffer_pos, r.get_data(), r.get_length());
data/srecord-1.64/srecord/pretty_size.cc:49:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[20];
data/srecord-1.64/srecord/quit.cc:81:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/srecord-1.64/srecord/quit.cc:100:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/srecord-1.64/srecord/quit/normal.cc:49:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2000];
data/srecord-1.64/srecord/quit/prefix.cc:56:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/srecord-1.64/srecord/record.cc:40:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, arg.data, arg.length);
data/srecord-1.64/srecord/record.cc:67:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, a3, length);
data/srecord-1.64/srecord/record.cc:80:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, arg.data, arg.length);
data/srecord-1.64/srecord/stm32.h:109:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[wordsize];
data/srecord-1.64/test/crc16/main.cc:128:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/srecord-1.64/test/fletcher16/main.cc:64:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/srecord-1.64/test/hyphen/main.cc:56:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "r");
data/srecord-1.64/test/url_decode/main.cc:49:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1000];
data/srecord-1.64/test/url_decode/main.cc:66:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1000];
data/srecord-1.64/srec_info/main.cc:76:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while (ifp->read(record))
data/srecord-1.64/srecord/arglex.cc:82:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int sc = getc(fp);
data/srecord-1.64/srecord/arglex.cc:100:22: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
sc = getc(fp);
data/srecord-1.64/srecord/arglex.cc:112:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
sc = getc(fp);
data/srecord-1.64/srecord/arglex.cc:514:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
std::string(tp->name + 1, strlen(tp->name) - 12);
data/srecord-1.64/srecord/arglex.cc:528:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
std::string(tp->name + 1, strlen(tp->name) - 15);
data/srecord-1.64/srecord/input.h:64:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
virtual bool read(class record &rec) = 0;
data/srecord-1.64/srecord/input/catenate.cc:45:26: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_catenate::read(srecord::record &record)
data/srecord-1.64/srecord/input/catenate.cc:49:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool ok = in1->read(record);
data/srecord-1.64/srecord/input/catenate.cc:67:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool ok = in2->read(record);
data/srecord-1.64/srecord/input/catenate.h:66:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &record);
data/srecord-1.64/srecord/input/file.cc:134:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int c = getc(fp);
data/srecord-1.64/srecord/input/file.cc:152:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(fp);
data/srecord-1.64/srecord/input/file.cc:190:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int c = getc(fp);
data/srecord-1.64/srecord/input/file/aomf.cc:185:27: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_file_aomf::read(srecord::record &record)
data/srecord-1.64/srecord/input/file/aomf.h:64:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &record);
data/srecord-1.64/srecord/input/file/ascii_hex.cc:169:32: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_file_ascii_hex::read(record &result)
data/srecord-1.64/srecord/input/file/ascii_hex.h:52:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &record);
data/srecord-1.64/srecord/input/file/atmel_generic.cc:84:36: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_file_atmel_generic::read(srecord::record &record)
data/srecord-1.64/srecord/input/file/atmel_generic.h:67:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &record);
data/srecord-1.64/srecord/input/file/binary.cc:44:29: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_file_binary::read(srecord::record &record)
data/srecord-1.64/srecord/input/file/binary.h:52:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &record);
data/srecord-1.64/srecord/input/file/brecord.cc:75:30: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_file_brecord::read(record &result)
data/srecord-1.64/srecord/input/file/brecord.h:52:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &record);
data/srecord-1.64/srecord/input/file/cosmac.cc:46:29: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_file_cosmac::read(record &result)
data/srecord-1.64/srecord/input/file/cosmac.h:52:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &record);
data/srecord-1.64/srecord/input/file/dec_binary.cc:73:33: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_file_dec_binary::read(srecord::record &record)
data/srecord-1.64/srecord/input/file/dec_binary.h:53:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &record);
data/srecord-1.64/srecord/input/file/emon52.cc:57:29: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_file_emon52::read(srecord::record &record)
data/srecord-1.64/srecord/input/file/emon52.h:52:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &record);
data/srecord-1.64/srecord/input/file/fairchild.cc:68:32: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_file_fairchild::read(record &result)
data/srecord-1.64/srecord/input/file/fairchild.h:52:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &record);
data/srecord-1.64/srecord/input/file/fastload.cc:298:31: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_file_fastload::read(srecord::record &record)
data/srecord-1.64/srecord/input/file/fastload.h:51:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &record);
data/srecord-1.64/srecord/input/file/formatted_binary.cc:50:39: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_file_formatted_binary::read(record &result)
data/srecord-1.64/srecord/input/file/formatted_binary.h:52:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read (record &record);
data/srecord-1.64/srecord/input/file/four_packed_code.cc:252:39: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_file_four_packed_code::read(srecord::record &record)
data/srecord-1.64/srecord/input/file/four_packed_code.h:53:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &record);
data/srecord-1.64/srecord/input/file/guess.cc:142:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (ifp->read(record))
data/srecord-1.64/srecord/input/file/hexdump.cc:106:30: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_file_hexdump::read(record &result)
data/srecord-1.64/srecord/input/file/hexdump.h:50:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(class record &rec);
data/srecord-1.64/srecord/input/file/idt.cc:177:26: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_file_idt::read(record &record)
data/srecord-1.64/srecord/input/file/idt.h:52:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &record);
data/srecord-1.64/srecord/input/file/intel.cc:339:28: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_file_intel::read(srecord::record &record)
data/srecord-1.64/srecord/input/file/intel.h:52:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &record);
data/srecord-1.64/srecord/input/file/intel16.cc:304:30: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_file_intel16::read(record &result)
data/srecord-1.64/srecord/input/file/intel16.h:53:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &record);
data/srecord-1.64/srecord/input/file/logisim.cc:236:30: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_file_logisim::read(class record &rec)
data/srecord-1.64/srecord/input/file/logisim.h:100:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(srecord::record &rec);
data/srecord-1.64/srecord/input/file/mif.cc:291:26: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_file_mif::read(srecord::record &record)
data/srecord-1.64/srecord/input/file/mif.h:52:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &record);
data/srecord-1.64/srecord/input/file/mips_flash.cc:194:33: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_file_mips_flash::read(record &result)
data/srecord-1.64/srecord/input/file/mips_flash.h:65:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &record);
data/srecord-1.64/srecord/input/file/mos_tech.cc:140:31: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_file_mos_tech::read(srecord::record &record)
data/srecord-1.64/srecord/input/file/mos_tech.h:51:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &record);
data/srecord-1.64/srecord/input/file/motorola.cc:236:31: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_file_motorola::read(record &record)
data/srecord-1.64/srecord/input/file/motorola.h:52:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &record);
data/srecord-1.64/srecord/input/file/msbin.cc:167:28: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_file_msbin::read(record &result)
data/srecord-1.64/srecord/input/file/msbin.cc:264:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while (read < to_read)
data/srecord-1.64/srecord/input/file/msbin.cc:268:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read >= to_read)
data/srecord-1.64/srecord/input/file/msbin.cc:278:55: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
result = record(record::type_data, address, data, read);
data/srecord-1.64/srecord/input/file/msbin.cc:279:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
address += read;
data/srecord-1.64/srecord/input/file/msbin.cc:280:25: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
assert(remaining >= read);
data/srecord-1.64/srecord/input/file/msbin.cc:281:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
remaining -= read;
data/srecord-1.64/srecord/input/file/msbin.cc:282:40: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
running_checksum += checksum(data, read);
data/srecord-1.64/srecord/input/file/msbin.h:61:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &record);
data/srecord-1.64/srecord/input/file/needham.cc:49:30: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_file_needham::read(srecord::record &record)
data/srecord-1.64/srecord/input/file/needham.h:52:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &record);
data/srecord-1.64/srecord/input/file/os65v.cc:157:28: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_file_os65v::read(srecord::record &record)
data/srecord-1.64/srecord/input/file/os65v.h:53:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &record);
data/srecord-1.64/srecord/input/file/ppb.cc:118:26: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_file_ppb::read(record &result)
data/srecord-1.64/srecord/input/file/ppb.h:51:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(class record &rec);
data/srecord-1.64/srecord/input/file/ppx.cc:139:26: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_file_ppx::read(record &result)
data/srecord-1.64/srecord/input/file/ppx.h:51:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(class record &rec);
data/srecord-1.64/srecord/input/file/signetics.cc:130:32: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_file_signetics::read(srecord::record &record)
data/srecord-1.64/srecord/input/file/signetics.h:52:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &record);
data/srecord-1.64/srecord/input/file/spasm.cc:93:28: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_file_spasm::read(record &result)
data/srecord-1.64/srecord/input/file/spasm.h:67:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &record);
data/srecord-1.64/srecord/input/file/spectrum.cc:125:31: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_file_spectrum::read(srecord::record &record)
data/srecord-1.64/srecord/input/file/spectrum.h:52:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &record);
data/srecord-1.64/srecord/input/file/stewie.cc:170:29: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_file_stewie::read(record &result)
data/srecord-1.64/srecord/input/file/stewie.h:53:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &record);
data/srecord-1.64/srecord/input/file/tektronix.cc:160:32: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_file_tektronix::read(srecord::record &record)
data/srecord-1.64/srecord/input/file/tektronix.h:52:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &record);
data/srecord-1.64/srecord/input/file/tektronix_extended.cc:183:41: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_file_tektronix_extended::read(srecord::record &record)
data/srecord-1.64/srecord/input/file/tektronix_extended.h:55:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &record);
data/srecord-1.64/srecord/input/file/ti_tagged.cc:61:32: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_file_ti_tagged::read(record &result)
data/srecord-1.64/srecord/input/file/ti_tagged.h:52:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &record);
data/srecord-1.64/srecord/input/file/ti_tagged_16.cc:61:35: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_file_ti_tagged_16::read(record &result)
data/srecord-1.64/srecord/input/file/ti_tagged_16.h:52:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &record);
data/srecord-1.64/srecord/input/file/ti_txt.cc:122:29: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_file_ti_txt::read(record &result)
data/srecord-1.64/srecord/input/file/ti_txt.h:52:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &record);
data/srecord-1.64/srecord/input/file/trs80.cc:64:28: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_file_trs80::read(srecord::record &result)
data/srecord-1.64/srecord/input/file/trs80.h:56:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &result);
data/srecord-1.64/srecord/input/file/vmem.cc:47:27: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_file_vmem::read(srecord::record &record)
data/srecord-1.64/srecord/input/file/vmem.h:52:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &record);
data/srecord-1.64/srecord/input/file/wilson.cc:155:29: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_file_wilson::read(record &record)
data/srecord-1.64/srecord/input/file/wilson.h:54:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &record);
data/srecord-1.64/srecord/input/filter.cc:51:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_filter::read(srecord::record &record)
data/srecord-1.64/srecord/input/filter.cc:53:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return ifp->read(record);
data/srecord-1.64/srecord/input/filter.h:45:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(class record &record);
data/srecord-1.64/srecord/input/filter/and.cc:45:28: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_filter_and::read(record &result)
data/srecord-1.64/srecord/input/filter/and.cc:47:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (!input_filter::read(result))
data/srecord-1.64/srecord/input/filter/and.h:66:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &record);
data/srecord-1.64/srecord/input/filter/bitrev.cc:45:31: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_filter_bitrev::read(srecord::record &record)
data/srecord-1.64/srecord/input/filter/bitrev.cc:47:33: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (!srecord::input_filter::read(record))
data/srecord-1.64/srecord/input/filter/bitrev.h:60:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &record);
data/srecord-1.64/srecord/input/filter/byte_swap.cc:48:34: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_filter_byte_swap::read(srecord::record &record)
data/srecord-1.64/srecord/input/filter/byte_swap.cc:59:41: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (!srecord::input_filter::read(buffer))
data/srecord-1.64/srecord/input/filter/byte_swap.h:62:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &record);
data/srecord-1.64/srecord/input/filter/checksum.cc:70:33: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_filter_checksum::read(record &record)
data/srecord-1.64/srecord/input/filter/checksum.cc:72:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (!input_filter::read(record))
data/srecord-1.64/srecord/input/filter/checksum.h:46:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &record);
data/srecord-1.64/srecord/input/filter/crop.cc:49:29: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_filter_crop::read(srecord::record &record)
data/srecord-1.64/srecord/input/filter/crop.cc:62:41: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (!srecord::input_filter::read(data))
data/srecord-1.64/srecord/input/filter/crop.h:69:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &record);
data/srecord-1.64/srecord/input/filter/fill.cc:77:29: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_filter_fill::read(record &result)
data/srecord-1.64/srecord/input/filter/fill.cc:79:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (!input_filter::read(result))
data/srecord-1.64/srecord/input/filter/fill.h:73:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &record);
data/srecord-1.64/srecord/input/filter/interval.cc:61:33: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_filter_interval::read(record &record)
data/srecord-1.64/srecord/input/filter/interval.cc:63:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (!input_filter::read(record))
data/srecord-1.64/srecord/input/filter/interval.h:74:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &record);
data/srecord-1.64/srecord/input/filter/message.cc:51:32: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_filter_message::read(record &result)
data/srecord-1.64/srecord/input/filter/message.h:60:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &record);
data/srecord-1.64/srecord/input/filter/not.cc:44:28: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_filter_not::read(srecord::record &record)
data/srecord-1.64/srecord/input/filter/not.cc:46:33: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (!srecord::input_filter::read(record))
data/srecord-1.64/srecord/input/filter/not.h:62:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &record);
data/srecord-1.64/srecord/input/filter/offset.cc:46:31: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_filter_offset::read(srecord::record &record)
data/srecord-1.64/srecord/input/filter/offset.cc:48:33: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (!srecord::input_filter::read(record))
data/srecord-1.64/srecord/input/filter/offset.h:69:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &record);
data/srecord-1.64/srecord/input/filter/or.cc:45:27: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_filter_or::read(srecord::record &record)
data/srecord-1.64/srecord/input/filter/or.cc:47:33: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (!srecord::input_filter::read(record))
data/srecord-1.64/srecord/input/filter/or.h:67:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &record);
data/srecord-1.64/srecord/input/filter/random_fill.cc:73:36: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_filter_random_fill::read(srecord::record &record)
data/srecord-1.64/srecord/input/filter/random_fill.cc:75:33: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (!srecord::input_filter::read(record))
data/srecord-1.64/srecord/input/filter/random_fill.h:69:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &record);
data/srecord-1.64/srecord/input/filter/sequence.cc:46:33: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_filter_sequence::read(srecord::record &record)
data/srecord-1.64/srecord/input/filter/sequence.cc:48:33: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (!srecord::input_filter::read(record))
data/srecord-1.64/srecord/input/filter/sequence.h:57:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &record);
data/srecord-1.64/srecord/input/filter/split.cc:55:30: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_filter_split::read(srecord::record &record)
data/srecord-1.64/srecord/input/filter/split.cc:66:41: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (!srecord::input_filter::read(buffer))
data/srecord-1.64/srecord/input/filter/split.h:103:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &record);
data/srecord-1.64/srecord/input/filter/unfill.cc:49:31: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_filter_unfill::read(srecord::record &record)
data/srecord-1.64/srecord/input/filter/unfill.cc:60:41: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (!srecord::input_filter::read(buffer))
data/srecord-1.64/srecord/input/filter/unfill.h:79:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &record);
data/srecord-1.64/srecord/input/filter/unsplit.cc:50:32: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_filter_unsplit::read(srecord::record &record)
data/srecord-1.64/srecord/input/filter/unsplit.cc:61:41: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (!srecord::input_filter::read(buffer))
data/srecord-1.64/srecord/input/filter/unsplit.h:83:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &record);
data/srecord-1.64/srecord/input/filter/xor.cc:45:28: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_filter_xor::read(srecord::record &record)
data/srecord-1.64/srecord/input/filter/xor.cc:47:33: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (!srecord::input_filter::read(record))
data/srecord-1.64/srecord/input/filter/xor.h:67:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &record);
data/srecord-1.64/srecord/input/generator.cc:43:27: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
srecord::input_generator::read(srecord::record &result)
data/srecord-1.64/srecord/input/generator.h:61:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(record &record);
data/srecord-1.64/srecord/input/interval.cc:31:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while (ifp->read(record))
data/srecord-1.64/srecord/interval.cc:725:20: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
srecord::interval::equal(const interval &lhs, const interval &rhs)
data/srecord-1.64/srecord/interval.h:107:17: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
static bool equal(const interval &, const interval &);
data/srecord-1.64/srecord/interval.h:267:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
return interval::equal(lhs, rhs);
data/srecord-1.64/srecord/interval.h:277:23: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
return !interval::equal(lhs, rhs);
data/srecord-1.64/srecord/memory.cc:212:18: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
srecord::memory::equal(const srecord::memory &lhs, const srecord::memory &rhs)
data/srecord-1.64/srecord/memory.cc:281:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while (ifp->read(record))
data/srecord-1.64/srecord/memory.cc:387:29: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
return srecord::memory::equal(lhs, rhs);
data/srecord-1.64/srecord/memory.cc:394:30: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
return !srecord::memory::equal(lhs, rhs);
data/srecord-1.64/srecord/memory.h:131:17: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
static bool equal(const memory &, const memory &);
data/srecord-1.64/srecord/memory/chunk.cc:125:24: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
srecord::memory_chunk::equal(const srecord::memory_chunk &lhs,
data/srecord-1.64/srecord/memory/chunk.cc:171:35: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
return srecord::memory_chunk::equal(lhs, rhs);
data/srecord-1.64/srecord/memory/chunk.cc:179:36: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
return !srecord::memory_chunk::equal(lhs, rhs);
data/srecord-1.64/srecord/memory/chunk.h:109:17: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
static bool equal(const memory_chunk &, const memory_chunk &);
data/srecord-1.64/srecord/output.cc:132:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(hdr)
data/srecord-1.64/srecord/output/file/aomf.cc:71:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(name);
data/srecord-1.64/srecord/output/file/aomf.cc:107:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(name);
data/srecord-1.64/srecord/output/file/asm.cc:72:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
long len = strlen(buffer);
data/srecord-1.64/srecord/output/file/asm.cc:137:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
long len = strlen(buffer);
data/srecord-1.64/srecord/output/file/asm.cc:293:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(buffer);
data/srecord-1.64/srecord/output/file/asm.cc:331:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(buffer);
data/srecord-1.64/srecord/output/file/basic.cc:70:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(buffer);
data/srecord-1.64/srecord/output/file/c.cc:426:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
colon = fn + strlen(fn);
data/srecord-1.64/srecord/output/file/c.cc:593:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(buffer);
data/srecord-1.64/srecord/output/file/c.cc:620:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(buffer);
data/srecord-1.64/srecord/output/file/logisim.cc:62:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int buffer_length = strlen(buffer);
data/srecord-1.64/srecord/progname.cc:66:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(progname);
data/srecord-1.64/srecord/quit/normal.cc:51:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(buf);
data/srecord-1.64/test/crc16/main.cc:129:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int n = read(0, buffer, sizeof(buffer));
data/srecord-1.64/test/fletcher16/main.cc:65:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int n = read(0, buffer, sizeof(buffer));
data/srecord-1.64/test/hyphen/main.cc:37:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int c = getc(fp);
data/srecord-1.64/test/url_decode/main.cc:52:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(buf);
data/srecord-1.64/test/url_decode/main.cc:69:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(buf);
ANALYSIS SUMMARY:
Hits = 338
Lines analyzed = 56988 in approximately 1.15 seconds (49590 lines/second)
Physical Source Lines of Code (SLOC) = 29491
Hits@level = [0] 93 [1] 186 [2] 131 [3] 4 [4] 17 [5] 0
Hits@level+ = [0+] 431 [1+] 338 [2+] 152 [3+] 21 [4+] 17 [5+] 0
Hits/KSLOC@level+ = [0+] 14.6146 [1+] 11.4611 [2+] 5.15411 [3+] 0.712082 [4+] 0.576447 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.