Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/teckit-2.5.10+ds1/zlib-1.2.11/zconf.h
Examining data/teckit-2.5.10+ds1/zlib-1.2.11/inffast.h
Examining data/teckit-2.5.10+ds1/zlib-1.2.11/crc32.h
Examining data/teckit-2.5.10+ds1/zlib-1.2.11/deflate.h
Examining data/teckit-2.5.10+ds1/zlib-1.2.11/zlib.h
Examining data/teckit-2.5.10+ds1/zlib-1.2.11/gzguts.h
Examining data/teckit-2.5.10+ds1/zlib-1.2.11/inffixed.h
Examining data/teckit-2.5.10+ds1/zlib-1.2.11/inflate.h
Examining data/teckit-2.5.10+ds1/zlib-1.2.11/trees.h
Examining data/teckit-2.5.10+ds1/zlib-1.2.11/zutil.h
Examining data/teckit-2.5.10+ds1/zlib-1.2.11/inftrees.h
Examining data/teckit-2.5.10+ds1/SFconv/UtfCodec.cpp
Examining data/teckit-2.5.10+ds1/SFconv/UtfCodec.h
Examining data/teckit-2.5.10+ds1/SFconv/Debug_Prefix.h
Examining data/teckit-2.5.10+ds1/SFconv/Final_Prefix.h
Examining data/teckit-2.5.10+ds1/SFconv/SFconv.cpp
Examining data/teckit-2.5.10+ds1/SFconv/ushort_chartraits.h
Examining data/teckit-2.5.10+ds1/SFconv/sfReader.h
Examining data/teckit-2.5.10+ds1/source/TECkit_Format.h
Examining data/teckit-2.5.10+ds1/source/ulong_chartraits.h
Examining data/teckit-2.5.10+ds1/source/Sample-tools/TxtConv.cpp
Examining data/teckit-2.5.10+ds1/source/Sample-tools/TECkit_Compile.cpp
Examining data/teckit-2.5.10+ds1/source/NormalizationData.c
Examining data/teckit-2.5.10+ds1/source/Engine.h
Examining data/teckit-2.5.10+ds1/source/UnicodeNames.cpp
Examining data/teckit-2.5.10+ds1/source/Public-headers/TECkit_Common.h
Examining data/teckit-2.5.10+ds1/source/Public-headers/TECkit_Compiler.h
Examining data/teckit-2.5.10+ds1/source/Public-headers/TECkit_Engine.h
Examining data/teckit-2.5.10+ds1/source/Compiler.cpp
Examining data/teckit-2.5.10+ds1/source/Compiler.h
Examining data/teckit-2.5.10+ds1/source/Engine.cpp

FINAL RESULTS:

data/teckit-2.5.10+ds1/source/Sample-tools/TECkit_Compile.cpp:120:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tecFileName, mapFileName);
data/teckit-2.5.10+ds1/source/Sample-tools/TECkit_Compile.cpp:129:6: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tecFileName, mapFileName);
data/teckit-2.5.10+ds1/source/Sample-tools/TECkit_Compile.cpp:132:3: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(tecFileName, genXML ? ".xml" : ".tec");
data/teckit-2.5.10+ds1/source/Sample-tools/TECkit_Compile.cpp:149:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(mapFileName2, mapFileName);
data/teckit-2.5.10+ds1/zlib-1.2.11/gzguts.h:86:18: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  # if !defined(vsnprintf) && !defined(NO_vsnprintf)
data/teckit-2.5.10+ds1/zlib-1.2.11/gzguts.h:88:18: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  # define vsnprintf _vsnprintf
data/teckit-2.5.10+ds1/zlib-1.2.11/gzguts.h:110:11: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  # define snprintf _snprintf
data/teckit-2.5.10+ds1/zlib-1.2.11/gzguts.h:110:20: [4] (format) _snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  # define snprintf _snprintf
data/teckit-2.5.10+ds1/zlib-1.2.11/zutil.h:242:39: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  # define Trace(x) {if (z_verbose>=0) fprintf x ;}
data/teckit-2.5.10+ds1/zlib-1.2.11/zutil.h:243:39: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  # define Tracev(x) {if (z_verbose>0) fprintf x ;}
data/teckit-2.5.10+ds1/zlib-1.2.11/zutil.h:244:40: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  # define Tracevv(x) {if (z_verbose>1) fprintf x ;}
data/teckit-2.5.10+ds1/zlib-1.2.11/zutil.h:245:48: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  # define Tracec(c,x) {if (z_verbose>0 && (c)) fprintf x ;}
data/teckit-2.5.10+ds1/zlib-1.2.11/zutil.h:246:49: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  # define Tracecv(c,x) {if (z_verbose>1 && (c)) fprintf x ;}
data/teckit-2.5.10+ds1/SFconv/SFconv.cpp:306:18: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* mapFile = fopen(mapFileName.c_str(), "rb");
data/teckit-2.5.10+ds1/SFconv/SFconv.cpp:343:18: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* ctlFile = fopen(controlFile, "r");
data/teckit-2.5.10+ds1/SFconv/SFconv.cpp:349:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[BUFSIZ];
data/teckit-2.5.10+ds1/SFconv/SFconv.cpp:530:18: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* outFile = fopen(outputFile, "wb");
data/teckit-2.5.10+ds1/SFconv/SFconv.cpp:536:17: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* inFile = fopen(inputFile, "rb");
data/teckit-2.5.10+ds1/SFconv/sfReader.h:79:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char bytesFromUTF8[256] = {
data/teckit-2.5.10+ds1/SFconv/ushort_chartraits.h:71:40: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  { return static_cast<char_type*>(memcpy(__s1, __s2, __n * sizeof(char_type))); }
data/teckit-2.5.10+ds1/source/Compiler.cpp:209:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buffer[256];
data/teckit-2.5.10+ds1/source/Compiler.cpp:212:3: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buffer, "U+%04X", usv);
data/teckit-2.5.10+ds1/source/Compiler.cpp:348:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char str[16];
data/teckit-2.5.10+ds1/source/Compiler.cpp:349:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str, "%0*X", digits, val);
data/teckit-2.5.10+ds1/source/Compiler.cpp:356:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char str[16];
data/teckit-2.5.10+ds1/source/Compiler.cpp:357:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str, "%d", val);
data/teckit-2.5.10+ds1/source/Compiler.cpp:1346:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(compiledTable, header.data(), header.length());
data/teckit-2.5.10+ds1/source/Compiler.cpp:1347:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(compiledTable + header.length(), xmlRepresentation.data(), xmlRepresentation.length());
data/teckit-2.5.10+ds1/source/Compiler.cpp:1348:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(compiledTable + header.length() + xmlRepresentation.length(), trailer.data(), trailer.length());
data/teckit-2.5.10+ds1/source/Compiler.cpp:1423:6: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(cp, &fh, sizeof(fh));
data/teckit-2.5.10+ds1/source/Compiler.cpp:1425:6: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(cp, offsets.data(), offsets.length());
data/teckit-2.5.10+ds1/source/Compiler.cpp:1427:6: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(cp, namesData.data(), namesData.length());
data/teckit-2.5.10+ds1/source/Compiler.cpp:1430:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(cp, t->data(), t->length());
data/teckit-2.5.10+ds1/source/Compiler.cpp:1435:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(cp, t->data(), t->length());
data/teckit-2.5.10+ds1/source/Compiler.h:119:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char idBuffer[256];
data/teckit-2.5.10+ds1/source/Engine.cpp:862:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[20];
data/teckit-2.5.10+ds1/source/Engine.cpp:868:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "[%d]", m.value.cls.index);
data/teckit-2.5.10+ds1/source/Engine.cpp:894:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "'%c'", (char)v);
data/teckit-2.5.10+ds1/source/Engine.cpp:898:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "0x%04X", (UInt32)v);
data/teckit-2.5.10+ds1/source/Engine.cpp:916:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "{%d,%d}", m.flags.repeat >> 4, m.flags.repeat & 0x0F);
data/teckit-2.5.10+ds1/source/Engine.cpp:955:6: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[20];
data/teckit-2.5.10+ds1/source/Engine.cpp:958:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "'%c'", v);
data/teckit-2.5.10+ds1/source/Engine.cpp:962:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "0x%04X", v);
data/teckit-2.5.10+ds1/source/Engine.cpp:1320:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(table, inTable, inTableSize);
data/teckit-2.5.10+ds1/source/Engine.cpp:1985:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(nameBuffer, namePtr, copyBytes);
data/teckit-2.5.10+ds1/source/Engine.cpp:2174:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(nameBuffer, namePtr, copyBytes);
data/teckit-2.5.10+ds1/source/Sample-tools/TECkit_Compile.cpp:137:18: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* inFile = fopen(mapFileName, "rb");
data/teckit-2.5.10+ds1/source/Sample-tools/TECkit_Compile.cpp:150:4: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  Risk is low because the source is a constant string.
  strcat(mapFileName2, ".map");
data/teckit-2.5.10+ds1/source/Sample-tools/TECkit_Compile.cpp:151:13: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  inFile = fopen(mapFileName2, "rb");
data/teckit-2.5.10+ds1/source/Sample-tools/TECkit_Compile.cpp:186:15: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  outFile = fopen(tecFileName, "wb");
data/teckit-2.5.10+ds1/source/Sample-tools/TxtConv.cpp:52:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char inBuffer[kInBufLen];
data/teckit-2.5.10+ds1/source/Sample-tools/TxtConv.cpp:53:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char outBuffer[kOutBufLen];
data/teckit-2.5.10+ds1/source/Sample-tools/TxtConv.cpp:88:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(inBuffer, inBuffer + inAvail - savedLen, savedLen);
data/teckit-2.5.10+ds1/source/Sample-tools/TxtConv.cpp:332:13: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  tecFile = fopen(tecFileName, "rb");
data/teckit-2.5.10+ds1/source/Sample-tools/TxtConv.cpp:366:11: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  inFile = fopen(inFileName, "rb");
data/teckit-2.5.10+ds1/source/Sample-tools/TxtConv.cpp:375:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char sig[4];
data/teckit-2.5.10+ds1/source/Sample-tools/TxtConv.cpp:457:12: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  outFile = fopen(outFileName, "wb");
data/teckit-2.5.10+ds1/source/ulong_chartraits.h:78:40: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  { return static_cast<char_type*>(memcpy(__s1, __s2, __n * sizeof(char_type))); }
data/teckit-2.5.10+ds1/zlib-1.2.11/gzguts.h:47:11: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  # define open _open
data/teckit-2.5.10+ds1/zlib-1.2.11/zutil.h:49:16: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern z_const char * const z_errmsg[10]; /* indexed by 2-zlib_error */
data/teckit-2.5.10+ds1/zlib-1.2.11/zutil.h:109:6: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fopen((name), (mode), "mbc=60", "ctx=stm", "rfm=fix", "mrs=512")
data/teckit-2.5.10+ds1/zlib-1.2.11/zutil.h:202:30: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  # define F_OPEN(name, mode) fopen((name), (mode))
data/teckit-2.5.10+ds1/zlib-1.2.11/zutil.h:226:21: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  # define zmemcpy memcpy
data/teckit-2.5.10+ds1/SFconv/SFconv.cpp:98:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(s);
data/teckit-2.5.10+ds1/SFconv/SFconv.cpp:764:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(arg + 1) == 1) {
data/teckit-2.5.10+ds1/SFconv/sfReader.h:73:10: [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rval = getc(inFile);
data/teckit-2.5.10+ds1/SFconv/sfReader.h:113:12: [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  long c1 = getc(inFile);
data/teckit-2.5.10+ds1/SFconv/sfReader.h:123:18: [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  case 5: c2 = getc(inFile); if (c2 == -1) return -1; ch <<= 6; ch += c2;
data/teckit-2.5.10+ds1/SFconv/sfReader.h:124:18: [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  case 4: c2 = getc(inFile); if (c2 == -1) return -1; ch <<= 6; ch += c2;
data/teckit-2.5.10+ds1/SFconv/sfReader.h:125:18: [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  case 3: c2 = getc(inFile); if (c2 == -1) return -1; ch <<= 6; ch += c2;
data/teckit-2.5.10+ds1/SFconv/sfReader.h:126:18: [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  case 2: c2 = getc(inFile); if (c2 == -1) return -1; ch <<= 6; ch += c2;
data/teckit-2.5.10+ds1/SFconv/sfReader.h:127:18: [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  case 1: c2 = getc(inFile); if (c2 == -1) return -1; ch <<= 6; ch += c2;
data/teckit-2.5.10+ds1/SFconv/sfReader.h:144:14: [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  long c2 = getc(inFile);
data/teckit-2.5.10+ds1/source/Compiler.cpp:255:15: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen(name);
data/teckit-2.5.10+ds1/source/Sample-tools/TECkit_Compile.cpp:64:24: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (arg[0] == '-' && strlen(arg + 1) == 1 && argc > 0) {
data/teckit-2.5.10+ds1/source/Sample-tools/TECkit_Compile.cpp:116:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int x = strlen(mapFileName);
data/teckit-2.5.10+ds1/source/Sample-tools/TECkit_Compile.cpp:146:51: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char* mapFileName2 = static_cast<char*>(malloc(strlen(mapFileName) + 5));
data/teckit-2.5.10+ds1/source/Sample-tools/TxtConv.cpp:192:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(arg + 1) == 1) {
data/teckit-2.5.10+ds1/source/Sample-tools/TxtConv.cpp:288:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(unmappedOption) != 1 || *unmappedOption < '0' || *unmappedOption > '2') {
data/teckit-2.5.10+ds1/zlib-1.2.11/gzguts.h:48:11: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  # define read _read

ANALYSIS SUMMARY:

Hits = 80
Lines analyzed = 49933 in approximately 2.59 seconds (19256 lines/second)
Physical Source Lines of Code (SLOC) = 46176
Hits@level = [0] 87 [1] 17 [2] 50 [3] 0 [4] 13 [5] 0
Hits@level+ = [0+] 167 [1+] 80 [2+] 63 [3+] 13 [4+] 13 [5+] 0
Hits/KSLOC@level+ = [0+] 3.6166 [1+] 1.7325 [2+] 1.36435 [3+] 0.281532 [4+] 0.281532 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.