Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/teem-1.12.0~20160122/include/teemQnanhibit.h
Examining data/teem-1.12.0~20160122/include/teemPng.h
Examining data/teem-1.12.0~20160122/include/teemDio.h
Examining data/teem-1.12.0~20160122/src/seek/privateSeek.h
Examining data/teem-1.12.0~20160122/src/seek/descend.c
Examining data/teem-1.12.0~20160122/src/seek/updateSeek.c
Examining data/teem-1.12.0~20160122/src/seek/methodsSeek.c
Examining data/teem-1.12.0~20160122/src/seek/tables.c
Examining data/teem-1.12.0~20160122/src/seek/setSeek.c
Examining data/teem-1.12.0~20160122/src/seek/extract.c
Examining data/teem-1.12.0~20160122/src/seek/test/tiso.c
Examining data/teem-1.12.0~20160122/src/seek/test/trv.c
Examining data/teem-1.12.0~20160122/src/seek/textract.c
Examining data/teem-1.12.0~20160122/src/seek/seek.h
Examining data/teem-1.12.0~20160122/src/seek/enumsSeek.c
Examining data/teem-1.12.0~20160122/src/bane/defaultsBane.c
Examining data/teem-1.12.0~20160122/src/bane/gkmsScat.c
Examining data/teem-1.12.0~20160122/src/bane/gkmsHvol.c
Examining data/teem-1.12.0~20160122/src/bane/hvol.c
Examining data/teem-1.12.0~20160122/src/bane/inc.c
Examining data/teem-1.12.0~20160122/src/bane/gkmsOpac.c
Examining data/teem-1.12.0~20160122/src/bane/scat.c
Examining data/teem-1.12.0~20160122/src/bane/trex.c
Examining data/teem-1.12.0~20160122/src/bane/clip.c
Examining data/teem-1.12.0~20160122/src/bane/gkmsFlotsam.c
Examining data/teem-1.12.0~20160122/src/bane/methodsBane.c
Examining data/teem-1.12.0~20160122/src/bane/gkmsPvg.c
Examining data/teem-1.12.0~20160122/src/bane/valid.c
Examining data/teem-1.12.0~20160122/src/bane/rangeBane.c
Examining data/teem-1.12.0~20160122/src/bane/privateBane.h
Examining data/teem-1.12.0~20160122/src/bane/gkmsMite.c
Examining data/teem-1.12.0~20160122/src/bane/gkmsInfo.c
Examining data/teem-1.12.0~20160122/src/bane/gkmsTxf.c
Examining data/teem-1.12.0~20160122/src/bane/bane.h
Examining data/teem-1.12.0~20160122/src/bane/trnsf.c
Examining data/teem-1.12.0~20160122/src/bane/test/pvg.c
Examining data/teem-1.12.0~20160122/src/bane/test/tinfo.c
Examining data/teem-1.12.0~20160122/src/bane/test/tblah.c
Examining data/teem-1.12.0~20160122/src/bane/test/pos.c
Examining data/teem-1.12.0~20160122/src/bane/test/sigma.c
Examining data/teem-1.12.0~20160122/src/bane/test/opac.c
Examining data/teem-1.12.0~20160122/src/bane/test/apply.c
Examining data/teem-1.12.0~20160122/src/bane/test/htrnsf.c
Examining data/teem-1.12.0~20160122/src/bane/measr.c
Examining data/teem-1.12.0~20160122/src/tijk/tijk.h
Examining data/teem-1.12.0~20160122/src/tijk/privateTijk.h
Examining data/teem-1.12.0~20160122/src/tijk/3dTijk.c
Examining data/teem-1.12.0~20160122/src/tijk/2dTijk.c
Examining data/teem-1.12.0~20160122/src/tijk/shTijk.c
Examining data/teem-1.12.0~20160122/src/tijk/shtables.h
Examining data/teem-1.12.0~20160122/src/tijk/enumsTijk.c
Examining data/teem-1.12.0~20160122/src/tijk/convertQuietPush.h
Examining data/teem-1.12.0~20160122/src/tijk/approxTijk.c
Examining data/teem-1.12.0~20160122/src/tijk/convertQuietPop.h
Examining data/teem-1.12.0~20160122/src/tijk/fsTijk.c
Examining data/teem-1.12.0~20160122/src/tijk/nrrdTijk.c
Examining data/teem-1.12.0~20160122/src/tijk/miscTijk.c
Examining data/teem-1.12.0~20160122/src/limn/lpuFlotsam.c
Examining data/teem-1.12.0~20160122/src/limn/privateLimn.h
Examining data/teem-1.12.0~20160122/src/limn/lpu_about.c
Examining data/teem-1.12.0~20160122/src/limn/enumsLimn.c
Examining data/teem-1.12.0~20160122/src/limn/obj.c
Examining data/teem-1.12.0~20160122/src/limn/polyshapes.c
Examining data/teem-1.12.0~20160122/src/limn/limn.h
Examining data/teem-1.12.0~20160122/src/limn/cam.c
Examining data/teem-1.12.0~20160122/src/limn/lpu_verts.c
Examining data/teem-1.12.0~20160122/src/limn/lpu_psel.c
Examining data/teem-1.12.0~20160122/src/limn/renderLimn.c
Examining data/teem-1.12.0~20160122/src/limn/splineMethods.c
Examining data/teem-1.12.0~20160122/src/limn/polymod.c
Examining data/teem-1.12.0~20160122/src/limn/lpu_meas.c
Examining data/teem-1.12.0~20160122/src/limn/light.c
Examining data/teem-1.12.0~20160122/src/limn/lpu_rast.c
Examining data/teem-1.12.0~20160122/src/limn/lpu_sort.c
Examining data/teem-1.12.0~20160122/src/limn/lpu_ccfind.c
Examining data/teem-1.12.0~20160122/src/limn/polydata.c
Examining data/teem-1.12.0~20160122/src/limn/io.c
Examining data/teem-1.12.0~20160122/src/limn/qn.c
Examining data/teem-1.12.0~20160122/src/limn/test/intx.c
Examining data/teem-1.12.0~20160122/src/limn/test/triimg.c
Examining data/teem-1.12.0~20160122/src/limn/test/tcam.c
Examining data/teem-1.12.0~20160122/src/limn/test/tio.c
Examining data/teem-1.12.0~20160122/src/limn/test/tspline.c
Examining data/teem-1.12.0~20160122/src/limn/test/tcamanim.c
Examining data/teem-1.12.0~20160122/src/limn/test/map.c
Examining data/teem-1.12.0~20160122/src/limn/test/off2eps.c
Examining data/teem-1.12.0~20160122/src/limn/test/clip.c
Examining data/teem-1.12.0~20160122/src/limn/test/tqn.c
Examining data/teem-1.12.0~20160122/src/limn/test/tbc.c
Examining data/teem-1.12.0~20160122/src/limn/test/light.c
Examining data/teem-1.12.0~20160122/src/limn/test/tps.c
Examining data/teem-1.12.0~20160122/src/limn/test/lpu.c
Examining data/teem-1.12.0~20160122/src/limn/test/soid.c
Examining data/teem-1.12.0~20160122/src/limn/test/plot.c
Examining data/teem-1.12.0~20160122/src/limn/polyfilter.c
Examining data/teem-1.12.0~20160122/src/limn/shapes.c
Examining data/teem-1.12.0~20160122/src/limn/hestLimn.c
Examining data/teem-1.12.0~20160122/src/limn/defaultsLimn.c
Examining data/teem-1.12.0~20160122/src/limn/splineEval.c
Examining data/teem-1.12.0~20160122/src/limn/methodsLimn.c
Examining data/teem-1.12.0~20160122/src/limn/transform.c
Examining data/teem-1.12.0~20160122/src/limn/envmap.c
Examining data/teem-1.12.0~20160122/src/limn/splineMisc.c
Examining data/teem-1.12.0~20160122/src/alan/test/tspot.c
Examining data/teem-1.12.0~20160122/src/alan/alan.h
Examining data/teem-1.12.0~20160122/src/alan/coreAlan.c
Examining data/teem-1.12.0~20160122/src/alan/enumsAlan.c
Examining data/teem-1.12.0~20160122/src/alan/methodsAlan.c
Examining data/teem-1.12.0~20160122/src/gage/shape.c
Examining data/teem-1.12.0~20160122/src/gage/multiGage.c
Examining data/teem-1.12.0~20160122/src/gage/miscGage.c
Examining data/teem-1.12.0~20160122/src/gage/ctx.c
Examining data/teem-1.12.0~20160122/src/gage/defaultsGage.c
Examining data/teem-1.12.0~20160122/src/gage/sclprint.c
Examining data/teem-1.12.0~20160122/src/gage/privateGage.h
Examining data/teem-1.12.0~20160122/src/gage/optimsig.c
Examining data/teem-1.12.0~20160122/src/gage/vecGage.c
Examining data/teem-1.12.0~20160122/src/gage/kind.c
Examining data/teem-1.12.0~20160122/src/gage/update.c
Examining data/teem-1.12.0~20160122/src/gage/deconvolve.c
Examining data/teem-1.12.0~20160122/src/gage/filter.c
Examining data/teem-1.12.0~20160122/src/gage/sclanswer.c
Examining data/teem-1.12.0~20160122/src/gage/st.c
Examining data/teem-1.12.0~20160122/src/gage/vecprint.c
Examining data/teem-1.12.0~20160122/src/gage/stack.c
Examining data/teem-1.12.0~20160122/src/gage/scl3pfilterbody.c
Examining data/teem-1.12.0~20160122/src/gage/stackBlur.c
Examining data/teem-1.12.0~20160122/src/gage/test/tplot.c
Examining data/teem-1.12.0~20160122/src/gage/test/ctfix.c
Examining data/teem-1.12.0~20160122/src/gage/test/aalias.c
Examining data/teem-1.12.0~20160122/src/gage/test/maxes.c
Examining data/teem-1.12.0~20160122/src/gage/test/ssc.c
Examining data/teem-1.12.0~20160122/src/gage/test/demo.c
Examining data/teem-1.12.0~20160122/src/gage/test/vh.c
Examining data/teem-1.12.0~20160122/src/gage/test/indx.c
Examining data/teem-1.12.0~20160122/src/gage/test/genoptsig.c
Examining data/teem-1.12.0~20160122/src/gage/scl.c
Examining data/teem-1.12.0~20160122/src/gage/print.c
Examining data/teem-1.12.0~20160122/src/gage/pvl.c
Examining data/teem-1.12.0~20160122/src/gage/gage.h
Examining data/teem-1.12.0~20160122/src/gage/sclfilter.c
Examining data/teem-1.12.0~20160122/src/gage/twovecGage.c
Examining data/teem-1.12.0~20160122/src/matlab/nrrdLoadOrientation.c
Examining data/teem-1.12.0~20160122/src/matlab/nrrdLoad.c
Examining data/teem-1.12.0~20160122/src/matlab/nrrdSave.c
Examining data/teem-1.12.0~20160122/src/echo/set.c
Examining data/teem-1.12.0~20160122/src/echo/intx.c
Examining data/teem-1.12.0~20160122/src/echo/model.c
Examining data/teem-1.12.0~20160122/src/echo/privateEcho.h
Examining data/teem-1.12.0~20160122/src/echo/color.c
Examining data/teem-1.12.0~20160122/src/echo/list.c
Examining data/teem-1.12.0~20160122/src/echo/objmethods.c
Examining data/teem-1.12.0~20160122/src/echo/sqd.c
Examining data/teem-1.12.0~20160122/src/echo/methodsEcho.c
Examining data/teem-1.12.0~20160122/src/echo/echo.h
Examining data/teem-1.12.0~20160122/src/echo/lightEcho.c
Examining data/teem-1.12.0~20160122/src/echo/test/trend.c
Examining data/teem-1.12.0~20160122/src/echo/test/glyph.c
Examining data/teem-1.12.0~20160122/src/echo/test/test.c
Examining data/teem-1.12.0~20160122/src/echo/renderEcho.c
Examining data/teem-1.12.0~20160122/src/echo/matter.c
Examining data/teem-1.12.0~20160122/src/echo/bounds.c
Examining data/teem-1.12.0~20160122/src/echo/enumsEcho.c
Examining data/teem-1.12.0~20160122/src/moss/xform.c
Examining data/teem-1.12.0~20160122/src/moss/privateMoss.h
Examining data/teem-1.12.0~20160122/src/moss/sampler.c
Examining data/teem-1.12.0~20160122/src/moss/methodsMoss.c
Examining data/teem-1.12.0~20160122/src/moss/moss.h
Examining data/teem-1.12.0~20160122/src/moss/hestMoss.c
Examining data/teem-1.12.0~20160122/src/moss/test/invert.c
Examining data/teem-1.12.0~20160122/src/moss/defaultsMoss.c
Examining data/teem-1.12.0~20160122/src/hex/enhex.c
Examining data/teem-1.12.0~20160122/src/hex/dehex.c
Examining data/teem-1.12.0~20160122/src/biff/biffmsg.c
Examining data/teem-1.12.0~20160122/src/biff/biff.h
Examining data/teem-1.12.0~20160122/src/biff/biffbiff.c
Examining data/teem-1.12.0~20160122/src/biff/privateBiff.h
Examining data/teem-1.12.0~20160122/src/biff/test/test.c
Examining data/teem-1.12.0~20160122/src/unrrdu/dnorm.c
Examining data/teem-1.12.0~20160122/src/unrrdu/acrop.c
Examining data/teem-1.12.0~20160122/src/unrrdu/unblock.c
Examining data/teem-1.12.0~20160122/src/unrrdu/ccfind.c
Examining data/teem-1.12.0~20160122/src/unrrdu/block.c
Examining data/teem-1.12.0~20160122/src/unrrdu/flotsam.c
Examining data/teem-1.12.0~20160122/src/unrrdu/basinfo.c
Examining data/teem-1.12.0~20160122/src/unrrdu/aabplot.c
Examining data/teem-1.12.0~20160122/src/unrrdu/untile.c
Examining data/teem-1.12.0~20160122/src/unrrdu/ccmerge.c
Examining data/teem-1.12.0~20160122/src/unrrdu/lut.c
Examining data/teem-1.12.0~20160122/src/unrrdu/save.c
Examining data/teem-1.12.0~20160122/src/unrrdu/mlut.c
Examining data/teem-1.12.0~20160122/src/unrrdu/privateUnrrdu.h
Examining data/teem-1.12.0~20160122/src/unrrdu/cksum.c
Examining data/teem-1.12.0~20160122/src/unrrdu/imap.c
Examining data/teem-1.12.0~20160122/src/unrrdu/join.c
Examining data/teem-1.12.0~20160122/src/unrrdu/axinfo.c
Examining data/teem-1.12.0~20160122/src/unrrdu/undos.c
Examining data/teem-1.12.0~20160122/src/unrrdu/gamma.c
Examining data/teem-1.12.0~20160122/src/unrrdu/slice.c
Examining data/teem-1.12.0~20160122/src/unrrdu/unorient.c
Examining data/teem-1.12.0~20160122/src/unrrdu/tile.c
Examining data/teem-1.12.0~20160122/src/unrrdu/unrrdu.h
Examining data/teem-1.12.0~20160122/src/unrrdu/1op.c
Examining data/teem-1.12.0~20160122/src/unrrdu/ccadj.c
Examining data/teem-1.12.0~20160122/src/unrrdu/hack.c
Examining data/teem-1.12.0~20160122/src/unrrdu/about.c
Examining data/teem-1.12.0~20160122/src/unrrdu/inset.c
Examining data/teem-1.12.0~20160122/src/unrrdu/data.c
Examining data/teem-1.12.0~20160122/src/unrrdu/quantize.c
Examining data/teem-1.12.0~20160122/src/unrrdu/make.c
Examining data/teem-1.12.0~20160122/src/unrrdu/minmax.c
Examining data/teem-1.12.0~20160122/src/unrrdu/shuffle.c
Examining data/teem-1.12.0~20160122/src/unrrdu/permute.c
Examining data/teem-1.12.0~20160122/src/unrrdu/histo.c
Examining data/teem-1.12.0~20160122/src/unrrdu/axsplit.c
Examining data/teem-1.12.0~20160122/src/unrrdu/subst.c
Examining data/teem-1.12.0~20160122/src/unrrdu/sselect.c
Examining data/teem-1.12.0~20160122/src/unrrdu/jhisto.c
Examining data/teem-1.12.0~20160122/src/unrrdu/swap.c
Examining data/teem-1.12.0~20160122/src/unrrdu/axmerge.c
Examining data/teem-1.12.0~20160122/src/unrrdu/cmedian.c
Examining data/teem-1.12.0~20160122/src/unrrdu/axinsert.c
Examining data/teem-1.12.0~20160122/src/unrrdu/splice.c
Examining data/teem-1.12.0~20160122/src/unrrdu/mrmap.c
Examining data/teem-1.12.0~20160122/src/unrrdu/resample.c
Examining data/teem-1.12.0~20160122/src/unrrdu/2op.c
Examining data/teem-1.12.0~20160122/src/unrrdu/histax.c
Examining data/teem-1.12.0~20160122/src/unrrdu/w2i.c
Examining data/teem-1.12.0~20160122/src/unrrdu/grid.c
Examining data/teem-1.12.0~20160122/src/unrrdu/dice.c
Examining data/teem-1.12.0~20160122/src/unrrdu/reshape.c
Examining data/teem-1.12.0~20160122/src/unrrdu/unquantize.c
Examining data/teem-1.12.0~20160122/src/unrrdu/lut2.c
Examining data/teem-1.12.0~20160122/src/unrrdu/env.c
Examining data/teem-1.12.0~20160122/src/unrrdu/rmap.c
Examining data/teem-1.12.0~20160122/src/unrrdu/convert.c
Examining data/teem-1.12.0~20160122/src/unrrdu/3op.c
Examining data/teem-1.12.0~20160122/src/unrrdu/pad.c
Examining data/teem-1.12.0~20160122/src/unrrdu/affine.c
Examining data/teem-1.12.0~20160122/src/unrrdu/dist.c
Examining data/teem-1.12.0~20160122/src/unrrdu/i2w.c
Examining data/teem-1.12.0~20160122/src/unrrdu/axdelete.c
Examining data/teem-1.12.0~20160122/src/unrrdu/heq.c
Examining data/teem-1.12.0~20160122/src/unrrdu/flip.c
Examining data/teem-1.12.0~20160122/src/unrrdu/diff.c
Examining data/teem-1.12.0~20160122/src/unrrdu/head.c
Examining data/teem-1.12.0~20160122/src/unrrdu/ccsettle.c
Examining data/teem-1.12.0~20160122/src/unrrdu/dering.c
Examining data/teem-1.12.0~20160122/src/unrrdu/fft.c
Examining data/teem-1.12.0~20160122/src/unrrdu/project.c
Examining data/teem-1.12.0~20160122/src/unrrdu/dhisto.c
Examining data/teem-1.12.0~20160122/src/unrrdu/vidicon.c
Examining data/teem-1.12.0~20160122/src/unrrdu/crop.c
Examining data/teem-1.12.0~20160122/src/ell/ell.h
Examining data/teem-1.12.0~20160122/src/ell/genmat.c
Examining data/teem-1.12.0~20160122/src/ell/quat.c
Examining data/teem-1.12.0~20160122/src/ell/vecEll.c
Examining data/teem-1.12.0~20160122/src/ell/eigen.c
Examining data/teem-1.12.0~20160122/src/ell/ellMacros.h
Examining data/teem-1.12.0~20160122/src/ell/mat.c
Examining data/teem-1.12.0~20160122/src/ell/cubicEll.c
Examining data/teem-1.12.0~20160122/src/ell/test/tq.c
Examining data/teem-1.12.0~20160122/src/ell/test/sort3.c
Examining data/teem-1.12.0~20160122/src/ell/test/inter.c
Examining data/teem-1.12.0~20160122/src/ell/test/es6.c
Examining data/teem-1.12.0~20160122/src/ell/test/wheel.c
Examining data/teem-1.12.0~20160122/src/ell/test/rot2aa.c
Examining data/teem-1.12.0~20160122/src/ell/test/invert.c
Examining data/teem-1.12.0~20160122/src/ell/test/mmul.c
Examining data/teem-1.12.0~20160122/src/ell/miscEll.c
Examining data/teem-1.12.0~20160122/src/bin/unu.c
Examining data/teem-1.12.0~20160122/src/bin/puller.c
Examining data/teem-1.12.0~20160122/src/bin/cubic.c
Examining data/teem-1.12.0~20160122/src/bin/ungantry.c
Examining data/teem-1.12.0~20160122/src/bin/ilk.c
Examining data/teem-1.12.0~20160122/src/bin/qbert.c
Examining data/teem-1.12.0~20160122/src/bin/deconv.c
Examining data/teem-1.12.0~20160122/src/bin/tend.c
Examining data/teem-1.12.0~20160122/src/bin/spots.c
Examining data/teem-1.12.0~20160122/src/bin/miter.c
Examining data/teem-1.12.0~20160122/src/bin/mrender.c
Examining data/teem-1.12.0~20160122/src/bin/ninspect.c
Examining data/teem-1.12.0~20160122/src/bin/gprobe.c
Examining data/teem-1.12.0~20160122/src/bin/overrgb.c
Examining data/teem-1.12.0~20160122/src/bin/airSanity.c
Examining data/teem-1.12.0~20160122/src/bin/nrrdSanity.c
Examining data/teem-1.12.0~20160122/src/bin/pprobe.c
Examining data/teem-1.12.0~20160122/src/bin/gkms.c
Examining data/teem-1.12.0~20160122/src/bin/talkweb.c
Examining data/teem-1.12.0~20160122/src/bin/vprobe.c
Examining data/teem-1.12.0~20160122/src/bin/emap.c
Examining data/teem-1.12.0~20160122/src/mite/ray.c
Examining data/teem-1.12.0~20160122/src/mite/kindnot.c
Examining data/teem-1.12.0~20160122/src/mite/txf.c
Examining data/teem-1.12.0~20160122/src/mite/thread.c
Examining data/teem-1.12.0~20160122/src/mite/user.c
Examining data/teem-1.12.0~20160122/src/mite/mite.h
Examining data/teem-1.12.0~20160122/src/mite/shade.c
Examining data/teem-1.12.0~20160122/src/mite/defaultsMite.c
Examining data/teem-1.12.0~20160122/src/mite/renderMite.c
Examining data/teem-1.12.0~20160122/src/mite/privateMite.h
Examining data/teem-1.12.0~20160122/src/elf/elf.h
Examining data/teem-1.12.0~20160122/src/elf/ballStickElf.c
Examining data/teem-1.12.0~20160122/src/elf/glyphElf.c
Examining data/teem-1.12.0~20160122/src/elf/maximaElf.c
Examining data/teem-1.12.0~20160122/src/elf/ESHEstimElf.c
Examining data/teem-1.12.0~20160122/src/nrrd/endianNrrd.c
Examining data/teem-1.12.0~20160122/src/nrrd/write.c
Examining data/teem-1.12.0~20160122/src/nrrd/measure.c
Examining data/teem-1.12.0~20160122/src/nrrd/formatText.c
Examining data/teem-1.12.0~20160122/src/nrrd/cc.c
Examining data/teem-1.12.0~20160122/src/nrrd/histogram.c
Examining data/teem-1.12.0~20160122/src/nrrd/encodingGzip.c
Examining data/teem-1.12.0~20160122/src/nrrd/ccmethods.c
Examining data/teem-1.12.0~20160122/src/nrrd/nrrdMacros.h
Examining data/teem-1.12.0~20160122/src/nrrd/hestNrrd.c
Examining data/teem-1.12.0~20160122/src/nrrd/formatEPS.c
Examining data/teem-1.12.0~20160122/src/nrrd/defaultsNrrd.c
Examining data/teem-1.12.0~20160122/src/nrrd/keyvalue.c
Examining data/teem-1.12.0~20160122/src/nrrd/resampleContext.c
Examining data/teem-1.12.0~20160122/src/nrrd/kernel.c
Examining data/teem-1.12.0~20160122/src/nrrd/deringNrrd.c
Examining data/teem-1.12.0~20160122/src/nrrd/arraysNrrd.c
Examining data/teem-1.12.0~20160122/src/nrrd/nrrdEnums.h
Examining data/teem-1.12.0~20160122/src/nrrd/formatNRRD.c
Examining data/teem-1.12.0~20160122/src/nrrd/encodingHex.c
Examining data/teem-1.12.0~20160122/src/nrrd/formatPNM.c
Examining data/teem-1.12.0~20160122/src/nrrd/map.c
Examining data/teem-1.12.0~20160122/src/nrrd/apply2D.c
Examining data/teem-1.12.0~20160122/src/nrrd/resampleNrrd.c
Examining data/teem-1.12.0~20160122/src/nrrd/formatPNG.c
Examining data/teem-1.12.0~20160122/src/nrrd/axis.c
Examining data/teem-1.12.0~20160122/src/nrrd/range.c
Examining data/teem-1.12.0~20160122/src/nrrd/simple.c
Examining data/teem-1.12.0~20160122/src/nrrd/reorder.c
Examining data/teem-1.12.0~20160122/src/nrrd/tmf/tmFilters_raw.c
Examining data/teem-1.12.0~20160122/src/nrrd/nrrd.h
Examining data/teem-1.12.0~20160122/src/nrrd/encodingAscii.c
Examining data/teem-1.12.0~20160122/src/nrrd/methodsNrrd.c
Examining data/teem-1.12.0~20160122/src/nrrd/comment.c
Examining data/teem-1.12.0~20160122/src/nrrd/encodingZRL.c
Examining data/teem-1.12.0~20160122/src/nrrd/convertNrrd.c
Examining data/teem-1.12.0~20160122/src/nrrd/tmfKernel.c
Examining data/teem-1.12.0~20160122/src/nrrd/accessors.c
Examining data/teem-1.12.0~20160122/src/nrrd/enumsNrrd.c
Examining data/teem-1.12.0~20160122/src/nrrd/arith.c
Examining data/teem-1.12.0~20160122/src/nrrd/subset.c
Examining data/teem-1.12.0~20160122/src/nrrd/winKernel.c
Examining data/teem-1.12.0~20160122/src/nrrd/iter.c
Examining data/teem-1.12.0~20160122/src/nrrd/fftNrrd.c
Examining data/teem-1.12.0~20160122/src/nrrd/test/dnorm.c
Examining data/teem-1.12.0~20160122/src/nrrd/test/genvol.c
Examining data/teem-1.12.0~20160122/src/nrrd/test/texp.c
Examining data/teem-1.12.0~20160122/src/nrrd/test/typestest.c
Examining data/teem-1.12.0~20160122/src/nrrd/test/tline.c
Examining data/teem-1.12.0~20160122/src/nrrd/test/minmax.c
Examining data/teem-1.12.0~20160122/src/nrrd/test/reuse.c
Examining data/teem-1.12.0~20160122/src/nrrd/test/ax.c
Examining data/teem-1.12.0~20160122/src/nrrd/test/kv.c
Examining data/teem-1.12.0~20160122/src/nrrd/test/tkernel.c
Examining data/teem-1.12.0~20160122/src/nrrd/test/tread.c
Examining data/teem-1.12.0~20160122/src/nrrd/test/io.c
Examining data/teem-1.12.0~20160122/src/nrrd/test/histrad.c
Examining data/teem-1.12.0~20160122/src/nrrd/test/morph.c
Examining data/teem-1.12.0~20160122/src/nrrd/test/convo.c
Examining data/teem-1.12.0~20160122/src/nrrd/test/trand.c
Examining data/teem-1.12.0~20160122/src/nrrd/test/quadvol.c
Examining data/teem-1.12.0~20160122/src/nrrd/test/strio.c
Examining data/teem-1.12.0~20160122/src/nrrd/test/otsu.c
Examining data/teem-1.12.0~20160122/src/nrrd/encodingBzip2.c
Examining data/teem-1.12.0~20160122/src/nrrd/privateNrrd.h
Examining data/teem-1.12.0~20160122/src/nrrd/encodingRaw.c
Examining data/teem-1.12.0~20160122/src/nrrd/format.c
Examining data/teem-1.12.0~20160122/src/nrrd/formatVTK.c
Examining data/teem-1.12.0~20160122/src/nrrd/bsplKernel.c
Examining data/teem-1.12.0~20160122/src/nrrd/apply1D.c
Examining data/teem-1.12.0~20160122/src/nrrd/gzio.c
Examining data/teem-1.12.0~20160122/src/nrrd/filt.c
Examining data/teem-1.12.0~20160122/src/nrrd/superset.c
Examining data/teem-1.12.0~20160122/src/nrrd/parseNrrd.c
Examining data/teem-1.12.0~20160122/src/nrrd/nrrdDefines.h
Examining data/teem-1.12.0~20160122/src/nrrd/read.c
Examining data/teem-1.12.0~20160122/src/nrrd/encoding.c
Examining data/teem-1.12.0~20160122/src/meet/enumall.c
Examining data/teem-1.12.0~20160122/src/meet/meet.h
Examining data/teem-1.12.0~20160122/src/meet/meetPull.c
Examining data/teem-1.12.0~20160122/src/meet/meetNrrd.c
Examining data/teem-1.12.0~20160122/src/meet/meetGage.c
Examining data/teem-1.12.0~20160122/src/meet/test/tenums.c
Examining data/teem-1.12.0~20160122/src/meet/test/strace.c
Examining data/teem-1.12.0~20160122/src/preamble.c
Examining data/teem-1.12.0~20160122/src/air/array.c
Examining data/teem-1.12.0~20160122/src/air/dio.c
Examining data/teem-1.12.0~20160122/src/air/parseAir.c
Examining data/teem-1.12.0~20160122/src/air/miscAir.c
Examining data/teem-1.12.0~20160122/src/air/mop.c
Examining data/teem-1.12.0~20160122/src/air/754.c
Examining data/teem-1.12.0~20160122/src/air/enum.c
Examining data/teem-1.12.0~20160122/src/air/sane.c
Examining data/teem-1.12.0~20160122/src/air/heap.c
Examining data/teem-1.12.0~20160122/src/air/randMT.c
Examining data/teem-1.12.0~20160122/src/air/threadAir.c
Examining data/teem-1.12.0~20160122/src/air/endianAir.c
Examining data/teem-1.12.0~20160122/src/air/privateAir.h
Examining data/teem-1.12.0~20160122/src/air/string.c
Examining data/teem-1.12.0~20160122/src/air/test/tmop.c
Examining data/teem-1.12.0~20160122/src/air/test/tarr.c
Examining data/teem-1.12.0~20160122/src/air/test/tdio.c
Examining data/teem-1.12.0~20160122/src/air/test/tprint.c
Examining data/teem-1.12.0~20160122/src/air/test/bessy.c
Examining data/teem-1.12.0~20160122/src/air/test/texp.c
Examining data/teem-1.12.0~20160122/src/air/test/fp.c
Examining data/teem-1.12.0~20160122/src/air/test/tline.c
Examining data/teem-1.12.0~20160122/src/air/test/doubleprint.c
Examining data/teem-1.12.0~20160122/src/air/test/floatprint.c
Examining data/teem-1.12.0~20160122/src/air/test/logrice.c
Examining data/teem-1.12.0~20160122/src/air/test/trand.c
Examining data/teem-1.12.0~20160122/src/air/test/tok.c
Examining data/teem-1.12.0~20160122/src/air/air.h
Examining data/teem-1.12.0~20160122/src/air/math.c
Examining data/teem-1.12.0~20160122/src/pull/binningPull.c
Examining data/teem-1.12.0~20160122/src/pull/privatePull.h
Examining data/teem-1.12.0~20160122/src/pull/corePull.c
Examining data/teem-1.12.0~20160122/src/pull/actionPull.c
Examining data/teem-1.12.0~20160122/src/pull/pull.h
Examining data/teem-1.12.0~20160122/src/pull/initPull.c
Examining data/teem-1.12.0~20160122/src/pull/defaultsPull.c
Examining data/teem-1.12.0~20160122/src/pull/contextPull.c
Examining data/teem-1.12.0~20160122/src/pull/volumePull.c
Examining data/teem-1.12.0~20160122/src/pull/enumsPull.c
Examining data/teem-1.12.0~20160122/src/pull/ccPull.c
Examining data/teem-1.12.0~20160122/src/pull/energy.c
Examining data/teem-1.12.0~20160122/src/pull/trace.c
Examining data/teem-1.12.0~20160122/src/pull/popcntl.c
Examining data/teem-1.12.0~20160122/src/pull/pointPull.c
Examining data/teem-1.12.0~20160122/src/pull/constraints.c
Examining data/teem-1.12.0~20160122/src/pull/test/circ.c
Examining data/teem-1.12.0~20160122/src/pull/test/eparse.c
Examining data/teem-1.12.0~20160122/src/pull/infoPull.c
Examining data/teem-1.12.0~20160122/src/pull/taskPull.c
Examining data/teem-1.12.0~20160122/src/pull/parmPull.c
Examining data/teem-1.12.0~20160122/src/coil/defaultsCoil.c
Examining data/teem-1.12.0~20160122/src/coil/scalarCoil.c
Examining data/teem-1.12.0~20160122/src/coil/realmethods.c
Examining data/teem-1.12.0~20160122/src/coil/enumsCoil.c
Examining data/teem-1.12.0~20160122/src/coil/coil.h
Examining data/teem-1.12.0~20160122/src/coil/coreCoil.c
Examining data/teem-1.12.0~20160122/src/coil/test/coiler.c
Examining data/teem-1.12.0~20160122/src/coil/methodsCoil.c
Examining data/teem-1.12.0~20160122/src/coil/tensorCoil.c
Examining data/teem-1.12.0~20160122/src/hoover/rays.c
Examining data/teem-1.12.0~20160122/src/hoover/stub.c
Examining data/teem-1.12.0~20160122/src/hoover/defaultsHoover.c
Examining data/teem-1.12.0~20160122/src/hoover/methodsHoover.c
Examining data/teem-1.12.0~20160122/src/hoover/hoover.h
Examining data/teem-1.12.0~20160122/src/ten/modelBall.c
Examining data/teem-1.12.0~20160122/src/ten/tendExp.c
Examining data/teem-1.12.0~20160122/src/ten/tendTconv.c
Examining data/teem-1.12.0~20160122/src/ten/tendEvec.c
Examining data/teem-1.12.0~20160122/src/ten/tendLog.c
Examining data/teem-1.12.0~20160122/src/ten/fiber.c
Examining data/teem-1.12.0~20160122/src/ten/tendEllipse.c
Examining data/teem-1.12.0~20160122/src/ten/chan.c
Examining data/teem-1.12.0~20160122/src/ten/tendExpand.c
Examining data/teem-1.12.0~20160122/src/ten/tendTriple.c
Examining data/teem-1.12.0~20160122/src/ten/tendSim.c
Examining data/teem-1.12.0~20160122/src/ten/tendSatin.c
Examining data/teem-1.12.0~20160122/src/ten/tendAnplot.c
Examining data/teem-1.12.0~20160122/src/ten/modelBall1StickEMD.c
Examining data/teem-1.12.0~20160122/src/ten/tendAnvol.c
Examining data/teem-1.12.0~20160122/src/ten/tendMake.c
Examining data/teem-1.12.0~20160122/src/ten/tendAvg.c
Examining data/teem-1.12.0~20160122/src/ten/model1Cylinder.c
Examining data/teem-1.12.0~20160122/src/ten/tendBmat.c
Examining data/teem-1.12.0~20160122/src/ten/modelBall1Cylinder.c
Examining data/teem-1.12.0~20160122/src/ten/privateTen.h
Examining data/teem-1.12.0~20160122/src/ten/tendSlice.c
Examining data/teem-1.12.0~20160122/src/ten/tendEvalpow.c
Examining data/teem-1.12.0~20160122/src/ten/tendEvecrgb.c
Examining data/teem-1.12.0~20160122/src/ten/bimod.c
Examining data/teem-1.12.0~20160122/src/ten/tendShrink.c
Examining data/teem-1.12.0~20160122/src/ten/tendEvq.c
Examining data/teem-1.12.0~20160122/src/ten/fiberMethods.c
Examining data/teem-1.12.0~20160122/src/ten/grads.c
Examining data/teem-1.12.0~20160122/src/ten/qseg.c
Examining data/teem-1.12.0~20160122/src/ten/estimate.c
Examining data/teem-1.12.0~20160122/src/ten/tenGage.c
Examining data/teem-1.12.0~20160122/src/ten/tendSten.c
Examining data/teem-1.12.0~20160122/src/ten/tendGrads.c
Examining data/teem-1.12.0~20160122/src/ten/tendEvalclamp.c
Examining data/teem-1.12.0~20160122/src/ten/bvec.c
Examining data/teem-1.12.0~20160122/src/ten/tenDwiGage.c
Examining data/teem-1.12.0~20160122/src/ten/tendMfit.c
Examining data/teem-1.12.0~20160122/src/ten/tendFiber.c
Examining data/teem-1.12.0~20160122/src/ten/modelB0.c
Examining data/teem-1.12.0~20160122/src/ten/tenModel.c
Examining data/teem-1.12.0~20160122/src/ten/model1Unit2D.c
Examining data/teem-1.12.0~20160122/src/ten/tendBfit.c
Examining data/teem-1.12.0~20160122/src/ten/tendAnhist.c
Examining data/teem-1.12.0~20160122/src/ten/tenMacros.h
Examining data/teem-1.12.0~20160122/src/ten/tendEval.c
Examining data/teem-1.12.0~20160122/src/ten/modelBall1Stick.c
Examining data/teem-1.12.0~20160122/src/ten/tendAbout.c
Examining data/teem-1.12.0~20160122/src/ten/glyph.c
Examining data/teem-1.12.0~20160122/src/ten/experSpec.c
Examining data/teem-1.12.0~20160122/src/ten/tendAnscale.c
Examining data/teem-1.12.0~20160122/src/ten/aniso.c
Examining data/teem-1.12.0~20160122/src/ten/tendUnmf.c
Examining data/teem-1.12.0~20160122/src/ten/tendEstim.c
Examining data/teem-1.12.0~20160122/src/ten/model1Vector2D.c
Examining data/teem-1.12.0~20160122/src/ten/model1Tensor2.c
Examining data/teem-1.12.0~20160122/src/ten/tendMsim.c
Examining data/teem-1.12.0~20160122/src/ten/tendEpireg.c
Examining data/teem-1.12.0~20160122/src/ten/tensor.c
Examining data/teem-1.12.0~20160122/src/ten/test/cntr.c
Examining data/teem-1.12.0~20160122/src/ten/test/teigen.c
Examining data/teem-1.12.0~20160122/src/ten/test/odf-hist.c
Examining data/teem-1.12.0~20160122/src/ten/test/tsoid.c
Examining data/teem-1.12.0~20160122/src/ten/test/tt.c
Examining data/teem-1.12.0~20160122/src/ten/test/tqgl.c
Examining data/teem-1.12.0~20160122/src/ten/test/tg.c
Examining data/teem-1.12.0~20160122/src/ten/test/teigen-evals-A.c
Examining data/teem-1.12.0~20160122/src/ten/test/rotedge.c
Examining data/teem-1.12.0~20160122/src/ten/test/geode.c
Examining data/teem-1.12.0~20160122/src/ten/test/taniso.c
Examining data/teem-1.12.0~20160122/src/ten/test/to.c
Examining data/teem-1.12.0~20160122/src/ten/test/tensorDotDat.c
Examining data/teem-1.12.0~20160122/src/ten/test/igrt.c
Examining data/teem-1.12.0~20160122/src/ten/test/roistat.c
Examining data/teem-1.12.0~20160122/src/ten/test/csim.c
Examining data/teem-1.12.0~20160122/src/ten/test/teigen-evals-B.c
Examining data/teem-1.12.0~20160122/src/ten/test/tem.c
Examining data/teem-1.12.0~20160122/src/ten/test/ttriple.c
Examining data/teem-1.12.0~20160122/src/ten/test/rgbprobe.c
Examining data/teem-1.12.0~20160122/src/ten/tendEvaladd.c
Examining data/teem-1.12.0~20160122/src/ten/tendHelix.c
Examining data/teem-1.12.0~20160122/src/ten/qglox.c
Examining data/teem-1.12.0~20160122/src/ten/enumsTen.c
Examining data/teem-1.12.0~20160122/src/ten/tendMconv.c
Examining data/teem-1.12.0~20160122/src/ten/tendNorm.c
Examining data/teem-1.12.0~20160122/src/ten/model2Unit2D.c
Examining data/teem-1.12.0~20160122/src/ten/modelZero.c
Examining data/teem-1.12.0~20160122/src/ten/ten.h
Examining data/teem-1.12.0~20160122/src/ten/model1Stick.c
Examining data/teem-1.12.0~20160122/src/ten/tendGlyph.c
Examining data/teem-1.12.0~20160122/src/ten/epireg.c
Examining data/teem-1.12.0~20160122/src/ten/miscTen.c
Examining data/teem-1.12.0~20160122/src/ten/mod.c
Examining data/teem-1.12.0~20160122/src/ten/path.c
Examining data/teem-1.12.0~20160122/src/ten/tendEvalmult.c
Examining data/teem-1.12.0~20160122/src/ten/tendFlotsam.c
Examining data/teem-1.12.0~20160122/src/ten/triple.c
Examining data/teem-1.12.0~20160122/src/ten/defaultsTen.c
Examining data/teem-1.12.0~20160122/src/ten/tendPoint.c
Examining data/teem-1.12.0~20160122/src/hest/parseHest.c
Examining data/teem-1.12.0~20160122/src/hest/usage.c
Examining data/teem-1.12.0~20160122/src/hest/hest.h
Examining data/teem-1.12.0~20160122/src/hest/test/tmpl.c
Examining data/teem-1.12.0~20160122/src/hest/test/strings.c
Examining data/teem-1.12.0~20160122/src/hest/test/ex0.c
Examining data/teem-1.12.0~20160122/src/hest/test/ex3.c
Examining data/teem-1.12.0~20160122/src/hest/test/ex1.c
Examining data/teem-1.12.0~20160122/src/hest/test/ex4.c
Examining data/teem-1.12.0~20160122/src/hest/test/ex2.c
Examining data/teem-1.12.0~20160122/src/hest/test/bday.c
Examining data/teem-1.12.0~20160122/src/hest/test/ex5.c
Examining data/teem-1.12.0~20160122/src/hest/privateHest.h
Examining data/teem-1.12.0~20160122/src/hest/defaultsHest.c
Examining data/teem-1.12.0~20160122/src/hest/methodsHest.c
Examining data/teem-1.12.0~20160122/src/push/corePush.c
Examining data/teem-1.12.0~20160122/src/push/binning.c
Examining data/teem-1.12.0~20160122/src/push/push.h
Examining data/teem-1.12.0~20160122/src/push/forces.c
Examining data/teem-1.12.0~20160122/src/push/setup.c
Examining data/teem-1.12.0~20160122/src/push/action.c
Examining data/teem-1.12.0~20160122/src/push/defaultsPush.c
Examining data/teem-1.12.0~20160122/src/push/test/pusher.c
Examining data/teem-1.12.0~20160122/src/push/test/eparse.c
Examining data/teem-1.12.0~20160122/src/push/privatePush.h
Examining data/teem-1.12.0~20160122/src/push/methodsPush.c
Examining data/teem-1.12.0~20160122/src/dye/dye.h
Examining data/teem-1.12.0~20160122/src/dye/convertDye.c
Examining data/teem-1.12.0~20160122/src/dye/test/iconv.c
Examining data/teem-1.12.0~20160122/src/dye/test/bow.c
Examining data/teem-1.12.0~20160122/src/dye/test/mchist.c
Examining data/teem-1.12.0~20160122/src/dye/test/conv.c
Examining data/teem-1.12.0~20160122/src/dye/methodsDye.c
Examining data/teem-1.12.0~20160122/Testing/gage/probeScl.c
Examining data/teem-1.12.0~20160122/Testing/gage/probeMulti.c
Examining data/teem-1.12.0~20160122/Testing/gage/tsbp.c
Examining data/teem-1.12.0~20160122/Testing/gage/probePolynomial.c
Examining data/teem-1.12.0~20160122/Testing/biff/test.c
Examining data/teem-1.12.0~20160122/Testing/unrrdu/unulist.c
Examining data/teem-1.12.0~20160122/Testing/nrrd/macros.c
Examining data/teem-1.12.0~20160122/Testing/nrrd/sanity.c
Examining data/teem-1.12.0~20160122/Testing/nrrd/tload.c
Examining data/teem-1.12.0~20160122/Testing/nrrd/tskip.c
Examining data/teem-1.12.0~20160122/Testing/nrrd/trand.c
Examining data/teem-1.12.0~20160122/Testing/nrrd/tbspec.c
Examining data/teem-1.12.0~20160122/Testing/meet/probeSS.c
Examining data/teem-1.12.0~20160122/Testing/meet/buildinfo.c
Examining data/teem-1.12.0~20160122/Testing/meet/enmall.c
Examining data/teem-1.12.0~20160122/Testing/meet/kernall.c
Examining data/teem-1.12.0~20160122/Testing/air/mtrand.c
Examining data/teem-1.12.0~20160122/Testing/air/miscAir.c
Examining data/teem-1.12.0~20160122/Testing/air/string.c
Examining data/teem-1.12.0~20160122/Testing/air/strtok.c
Examining data/teem-1.12.0~20160122/Testing/air/amath.c
Examining data/teem-1.12.0~20160122/Testing/air/pptest.c
Examining data/teem-1.12.0~20160122/Testing/ten/glyphBqd.c
Examining data/teem-1.12.0~20160122/Testing/ten/tendlist.c
Examining data/teem-1.12.0~20160122/Examples/sanity/sanity.c
Examining data/teem-1.12.0~20160122/CMake/testAirExists.cxx
Examining data/teem-1.12.0~20160122/CMake/airExistsConf.h
Examining data/teem-1.12.0~20160122/CMake/TestQnanhibit.c
Examining data/teem-1.12.0~20160122/CMake/TestNO_ICC_IDYNAMIC_NEEDED.cxx
Examining data/teem-1.12.0~20160122/UseTeemCMakeDemo/sanity.c
FINAL RESULTS:
data/teem-1.12.0~20160122/Testing/air/string.c:103:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(ab, "%s %s", STR_A, STR_B);
data/teem-1.12.0~20160122/Testing/air/strtok.c:78:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(wordsp, "%s%c", word[wi], sep[AIR_MOD(wi, sepLen)]);
data/teem-1.12.0~20160122/Testing/air/strtok.c:80:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(line, wordsp);
data/teem-1.12.0~20160122/Testing/gage/probeMulti.c:40:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dst, "%s[%s][%u] #%u pp %u: (%g,%g,%g)->(%u,%u,%u): ",
data/teem-1.12.0~20160122/src/air/enum.c:31:11: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
# define snprintf _snprintf
data/teem-1.12.0~20160122/src/air/enum.c:31:20: [4] (format) _snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
# define snprintf _snprintf
data/teem-1.12.0~20160122/src/air/enum.c:198:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buff, fmt, ident, desc);
data/teem-1.12.0~20160122/src/air/enum.c:333:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(bb1, enm->str[ii]);
data/teem-1.12.0~20160122/src/air/enum.c:335:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(bb2, enm->str[jj]);
data/teem-1.12.0~20160122/src/air/enum.c:453:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(bb1, enm->strEqv[ii]);
data/teem-1.12.0~20160122/src/air/enum.c:455:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(bb2, enm->strEqv[jj]);
data/teem-1.12.0~20160122/src/air/miscAir.c:58:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buff, "Teem version %s, %s%s%s",
data/teem-1.12.0~20160122/src/air/miscAir.c:222:34: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define PRINT(F, S, C, V) ((F) ? fprintf((F),(C),(V)) : sprintf((S),(C),(V)))
data/teem-1.12.0~20160122/src/air/miscAir.c:222:57: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
#define PRINT(F, S, C, V) ((F) ? fprintf((F),(C),(V)) : sprintf((S),(C),(V)))
data/teem-1.12.0~20160122/src/air/miscAir.c:255:18: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
ret = file ? vfprintf(file, fmt, ap) : vsprintf(str, fmt, ap);
data/teem-1.12.0~20160122/src/air/miscAir.c:255:44: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
ret = file ? vfprintf(file, fmt, ap) : vsprintf(str, fmt, ap);
data/teem-1.12.0~20160122/src/air/miscAir.c:283:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(_str, str + si);
data/teem-1.12.0~20160122/src/air/miscAir.c:314:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(_str, str + si);
data/teem-1.12.0~20160122/src/air/miscAir.c:343:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(dst, stmp);
data/teem-1.12.0~20160122/src/air/miscAir.c:375:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(str, "%g %s", dval, suff[suffIdx]);
data/teem-1.12.0~20160122/src/air/parseAir.c:116:13: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
ret = sscanf(str, fmt, ptr);
data/teem-1.12.0~20160122/src/air/parseAir.c:150:12: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
return sscanf(str, fmt, ptr);
data/teem-1.12.0~20160122/src/air/string.c:46:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ret, s);
data/teem-1.12.0~20160122/src/alan/coreAlan.c:205:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(fname, (2 == actx->dim ? "%06d.png" : "%06d.nrrd"),
data/teem-1.12.0~20160122/src/bane/gkmsFlotsam.c:44:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: got NULL pointer", me);
data/teem-1.12.0~20160122/src/bane/gkmsFlotsam.c:80:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: \"%s\" not recognized", me, str);
data/teem-1.12.0~20160122/src/bane/gkmsFlotsam.c:106:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: got NULL pointer", me);
data/teem-1.12.0~20160122/src/bane/gkmsFlotsam.c:145:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(mesg, "%s: couldn't parse \"%s\" as four-parameter BEF or "
data/teem-1.12.0~20160122/src/bane/gkmsFlotsam.c:147:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(err, mesg);
data/teem-1.12.0~20160122/src/bane/gkmsFlotsam.c:184:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: got NULL pointer", me);
data/teem-1.12.0~20160122/src/bane/gkmsFlotsam.c:191:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: can't parse \"%s\" as x<float>", me, str);
data/teem-1.12.0~20160122/src/bane/gkmsFlotsam.c:197:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: can't parse \"%s\" as float", me, str);
data/teem-1.12.0~20160122/src/bane/gkmsFlotsam.c:250:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, fmt, buff);
data/teem-1.12.0~20160122/src/bane/gkmsFlotsam.c:257:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buff, me);
data/teem-1.12.0~20160122/src/bane/gkmsFlotsam.c:259:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buff, baneGkmsCmdList[ci]->name);
data/teem-1.12.0~20160122/src/bane/measr.c:58:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(measr->name, "%s, positive", airEnumStr(gageScl, item));
data/teem-1.12.0~20160122/src/bane/measr.c:67:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(measr->name, "%s, zero-centered", airEnumStr(gageScl, item));
data/teem-1.12.0~20160122/src/bane/measr.c:76:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(measr->name, "%s, anywhere", airEnumStr(gageScl, item));
data/teem-1.12.0~20160122/src/bane/measr.c:85:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(measr->name, "%s", airEnumStr(gageScl, item));
data/teem-1.12.0~20160122/src/bane/measr.c:94:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(measr->name, "%s", airEnumStr(gageScl, item));
data/teem-1.12.0~20160122/src/bane/measr.c:103:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(measr->name, "%s", airEnumStr(gageScl, item));
data/teem-1.12.0~20160122/src/bane/measr.c:112:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(measr->name, "%s", airEnumStr(gageScl, item));
data/teem-1.12.0~20160122/src/bane/measr.c:121:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(measr->name, "%s", airEnumStr(gageScl, item));
data/teem-1.12.0~20160122/src/biff/biff.h:80:24: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format(printf,2,3)))
data/teem-1.12.0~20160122/src/biff/biff.h:86:24: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format(printf,3,4)))
data/teem-1.12.0~20160122/src/biff/biff.h:103:26: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format(printf,2,3)))
data/teem-1.12.0~20160122/src/biff/biff.h:110:24: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format(printf,3,4)))
data/teem-1.12.0~20160122/src/biff/biff.h:123:24: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format(printf,3,4)))
data/teem-1.12.0~20160122/src/biff/biffbiff.c:32:11: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
# define snprintf _snprintf
data/teem-1.12.0~20160122/src/biff/biffbiff.c:32:20: [4] (format) _snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
# define snprintf _snprintf
data/teem-1.12.0~20160122/src/biff/biffbiff.c:286:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(ret, errlen, err, key);
data/teem-1.12.0~20160122/src/biff/biffmsg.c:117:3: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf(errstr, errfmt, args);
data/teem-1.12.0~20160122/src/biff/biffmsg.c:194:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buff, "[%s] %s", src->key, src->err[ii]);
data/teem-1.12.0~20160122/src/biff/biffmsg.c:210:3: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf(errstr, errfmt, args);
data/teem-1.12.0~20160122/src/biff/biffmsg.c:311:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buff, "[%s] %s\n", msg->key, msg->err[ii-1]);
data/teem-1.12.0~20160122/src/biff/biffmsg.c:312:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(ret, buff);
data/teem-1.12.0~20160122/src/bin/cubic.c:49:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s %s %s", argv[1], argv[2], argv[3]);
data/teem-1.12.0~20160122/src/bin/gkms.c:88:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(argv0, "%s %s", GKMS, argv[1]);
data/teem-1.12.0~20160122/src/bin/mrender.c:448:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ret, prefix);
data/teem-1.12.0~20160122/src/bin/mrender.c:453:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(ret, line);
data/teem-1.12.0~20160122/src/bin/pprobe.c:243:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fnform, "%s/blur-%%02u.nrrd", stackSavePath);
data/teem-1.12.0~20160122/src/bin/puller.c:1097:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Deft::homeDir, envS);
data/teem-1.12.0~20160122/src/bin/puller.c:1720:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fname[0], "%s-strn.nrrd", extraOutBaseS);
data/teem-1.12.0~20160122/src/bin/puller.c:1721:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fname[1], "%s-stab.nrrd", extraOutBaseS);
data/teem-1.12.0~20160122/src/bin/puller.c:1722:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fname[2], "%s-intern.nrrd", extraOutBaseS);
data/teem-1.12.0~20160122/src/bin/talkweb.c:114:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(all[lineIdx], "%s\n", line);
data/teem-1.12.0~20160122/src/bin/talkweb.c:125:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(*strP, all[lineIdx]);
data/teem-1.12.0~20160122/src/bin/talkweb.c:247:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(image, "<img width=%d height=%d src=\"%s\">",
data/teem-1.12.0~20160122/src/bin/talkweb.c:288:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(n + (p - *sP) + strlen(r), p + strlen(f));
data/teem-1.12.0~20160122/src/bin/talkweb.c:330:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(tmp, "<li> <a href=\"slide%03d.html\">%s</a>\n",
data/teem-1.12.0~20160122/src/bin/talkweb.c:332:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(repl, tmp);
data/teem-1.12.0~20160122/src/bin/talkweb.c:358:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(frst, "<a href=\"slide001.html\">%s</a>", link[0]);
data/teem-1.12.0~20160122/src/bin/talkweb.c:359:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(last, "<a href=\"slide%03d.html\">%s</a>", numSlides, link[3]);
data/teem-1.12.0~20160122/src/bin/talkweb.c:367:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(prev, "<a href=\"slide%03d.html\">%s</a>", si, link[1]);
data/teem-1.12.0~20160122/src/bin/talkweb.c:372:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(next, "<a href=\"slide%03d.html\">%s</a>", si+2, link[2]);
data/teem-1.12.0~20160122/src/bin/talkweb.c:502:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(tag[ti], "<!--%s-->", pretag[ti]);
data/teem-1.12.0~20160122/src/bin/tend.c:86:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(argv0, "%s %s", TEND, argv[1]);
data/teem-1.12.0~20160122/src/bin/unu.c:112:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(argv0, "%s %s", UNU, argv[1]);
data/teem-1.12.0~20160122/src/dye/methodsDye.c:222:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(str, "%s:%g,%g,%g", dyeSpaceToStr[col->spc[col->ii]],
data/teem-1.12.0~20160122/src/echo/test/glyph.c:198:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: got NULL pointer", me);
data/teem-1.12.0~20160122/src/echo/test/glyph.c:209:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(err, nerr);
data/teem-1.12.0~20160122/src/echo/test/glyph.c:215:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: \"%s\" isn't a valid tensor volume", me, str);
data/teem-1.12.0~20160122/src/echo/test/glyph.c:220:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(err, nerr);
data/teem-1.12.0~20160122/src/echo/test/glyph.c:227:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: need existent spacings on x,y,z axes", me);
data/teem-1.12.0~20160122/src/ell/test/inter.c:164:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(filename, "%s%03d.eps", outS, fidx);
data/teem-1.12.0~20160122/src/gage/ctx.c:893:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(ctx->errStr, "%s: search failure for ss = %g", me, ss);
data/teem-1.12.0~20160122/src/gage/ctx.c:895:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ctx->errStr, _GAGE_NON_ERR_STR);
data/teem-1.12.0~20160122/src/gage/filter.c:273:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(ctx->errStr, "%s: position (%g,%g,%g) outside (%s-centered) "
data/teem-1.12.0~20160122/src/gage/filter.c:279:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ctx->errStr, _GAGE_NON_ERR_STR);
data/teem-1.12.0~20160122/src/gage/filter.c:287:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(ctx->errStr, "%s: stack position %g outside (%s-centered) "
data/teem-1.12.0~20160122/src/gage/filter.c:291:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ctx->errStr, _GAGE_NON_ERR_STR);
data/teem-1.12.0~20160122/src/gage/filter.c:420:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(ctx->errStr, "%s: integral of stackFw[] is zero; "
data/teem-1.12.0~20160122/src/gage/filter.c:423:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ctx->errStr, _GAGE_NON_ERR_STR);
data/teem-1.12.0~20160122/src/gage/filter.c:443:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(ctx->errStr, "%s: all stackFw[] weights are zero; "
data/teem-1.12.0~20160122/src/gage/filter.c:446:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ctx->errStr, _GAGE_NON_ERR_STR);
data/teem-1.12.0~20160122/src/gage/stack.c:360:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(ctx->errStr, "%s: can't probe stack without parm.stackUse", me);
data/teem-1.12.0~20160122/src/gage/stack.c:362:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ctx->errStr, _GAGE_NON_ERR_STR);
data/teem-1.12.0~20160122/src/gage/stack.c:381:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(ctx->errStr, "%s: can't probe stack without parm.stackUse", me);
data/teem-1.12.0~20160122/src/gage/stack.c:383:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ctx->errStr, _GAGE_NON_ERR_STR);
data/teem-1.12.0~20160122/src/gage/stackBlur.c:167:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(explain, "%s->" #VAR "=" #FMT " != %s->" #VAR "=" #FMT, \
data/teem-1.12.0~20160122/src/gage/stackBlur.c:187:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(explain, "%s->sigmaSampling=%s != %s->sigmaSampling=%s",
data/teem-1.12.0~20160122/src/gage/stackBlur.c:196:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(explain, "%s->sigma[%u]=%.17g != %s->sigma[%u]=%.17g",
data/teem-1.12.0~20160122/src/gage/stackBlur.c:209:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(explain, "kernel specs different: %s", subexplain);
data/teem-1.12.0~20160122/src/gage/stackBlur.c:220:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(explain, "boundary specs different: %s", subexplain);
data/teem-1.12.0~20160122/src/gage/stackBlur.c:730:11: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(eps, stok);
data/teem-1.12.0~20160122/src/gage/stackBlur.c:842:11: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(out, stmp);
data/teem-1.12.0~20160122/src/gage/stackBlur.c:854:24: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(out, "k="); strcat(out, stmp);
data/teem-1.12.0~20160122/src/gage/stackBlur.c:863:24: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(out, "b="); strcat(out, stmp);
data/teem-1.12.0~20160122/src/gage/stackBlur.c:868:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(out, airEnumStr(gageSigmaSampling, sbp->sigmaSampling));
data/teem-1.12.0~20160122/src/gage/stackBlur.c:873:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(out, stmp);
data/teem-1.12.0~20160122/src/gage/stackBlur.c:880:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(out, stmp);
data/teem-1.12.0~20160122/src/gage/stackBlur.c:885:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(out, extraParm);
data/teem-1.12.0~20160122/src/gage/stackBlur.c:897:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: got NULL pointer", me);
data/teem-1.12.0~20160122/src/gage/stackBlur.c:1000:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(blurVal[blIdx].val[4], "%s", sbp->renormalize ? "true" : "false");
data/teem-1.12.0~20160122/src/gage/stackBlur.c:1002:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(blurVal[blIdx].val[6], "%s",
data/teem-1.12.0~20160122/src/gage/stackBlur.c:1004:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(blurVal[blIdx].val[7], "%s",
data/teem-1.12.0~20160122/src/gage/stackBlur.c:1632:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(fname, format, 0);
data/teem-1.12.0~20160122/src/hest/methodsHest.c:237:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(copy, opt->flag);
data/teem-1.12.0~20160122/src/hest/methodsHest.c:241:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(ident, "-%s%c--%s option", copy, parm->multiFlagSep, sep+1);
data/teem-1.12.0~20160122/src/hest/methodsHest.c:243:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(ident, "-%s option", copy);
data/teem-1.12.0~20160122/src/hest/methodsHest.c:246:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(ident, "%s%s%s option",
data/teem-1.12.0~20160122/src/hest/methodsHest.c:331:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(copy, opt[op].flag);
data/teem-1.12.0~20160122/src/hest/methodsHest.c:335:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buff, "-%s", copy);
data/teem-1.12.0~20160122/src/hest/methodsHest.c:339:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buff, "--%s", sep+1);
data/teem-1.12.0~20160122/src/hest/methodsHest.c:345:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buff, "-%s", opt[op].flag);
data/teem-1.12.0~20160122/src/hest/methodsHest.c:425:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(ret, argv[base+pidx]);
data/teem-1.12.0~20160122/src/hest/parseHest.c:67:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%scouldn't open \"%s\" for reading as response file",
data/teem-1.12.0~20160122/src/hest/parseHest.c:175:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s!!!!!! opt[%d].type (%d) not in valid range [%d,%d]",
data/teem-1.12.0~20160122/src/hest/parseHest.c:183:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s!!!!!! opt[%d]'s valueP is NULL!", ME, op);
data/teem-1.12.0~20160122/src/hest/parseHest.c:190:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s!!!!!! opt[%d]'s min (%d) and max (%d) incompatible",
data/teem-1.12.0~20160122/src/hest/parseHest.c:198:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s!!!!!! have multiple variable parameters, "
data/teem-1.12.0~20160122/src/hest/parseHest.c:207:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s!!!!!! opt[%d] (%s) is type \"enum\", but no "
data/teem-1.12.0~20160122/src/hest/parseHest.c:219:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s!!!!!! opt[%d] (%s) is type \"other\", but no "
data/teem-1.12.0~20160122/src/hest/parseHest.c:229:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s!!!!!! opt[%d]'s \"size\" (%d) invalid",
data/teem-1.12.0~20160122/src/hest/parseHest.c:237:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s!!!!!! opt[%d]'s \"type\" is NULL",
data/teem-1.12.0~20160122/src/hest/parseHest.c:246:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s!!!!!! opt[%d]'s \"parse\" callback NULL", ME, op);
data/teem-1.12.0~20160122/src/hest/parseHest.c:253:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s!!!!!! opt[%d] has a \"destroy\", but size isn't "
data/teem-1.12.0~20160122/src/hest/parseHest.c:261:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tbuff, opt[op].flag);
data/teem-1.12.0~20160122/src/hest/parseHest.c:266:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s!!!!!! either short (\"%s\") or long (\"%s\") flag"
data/teem-1.12.0~20160122/src/hest/parseHest.c:276:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s!!!!!! opt[%d].flag is zero length",
data/teem-1.12.0~20160122/src/hest/parseHest.c:286:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s!!!!!! flagged single variable parameter must "
data/teem-1.12.0~20160122/src/hest/parseHest.c:294:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s!!!!!! flagged single variable parameter default "
data/teem-1.12.0~20160122/src/hest/parseHest.c:314:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s!!!!!! flags must have flags", ME);
data/teem-1.12.0~20160122/src/hest/parseHest.c:323:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s!!!!!! opt[%d] isn't a flag: must have \"name\"",
data/teem-1.12.0~20160122/src/hest/parseHest.c:332:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s!!!!!! opt[%d] is single variable parameter, but "
data/teem-1.12.0~20160122/src/hest/parseHest.c:342:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s!!!!!! can't have %d unflagged min<max opts, only one",
data/teem-1.12.0~20160122/src/hest/parseHest.c:437:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%shit end of line before getting %d parameter%s "
data/teem-1.12.0~20160122/src/hest/parseHest.c:443:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%shit %s before getting %d parameter%s for %s (got %d)",
data/teem-1.12.0~20160122/src/hest/parseHest.c:482:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%sdidn't get required %s",
data/teem-1.12.0~20160122/src/hest/parseHest.c:532:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%sdon't have %d parameter%s %s%s%sfor %s",
data/teem-1.12.0~20160122/src/hest/parseHest.c:560:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%sdon't have %d parameter%s for %s",
data/teem-1.12.0~20160122/src/hest/parseHest.c:586:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%sdidn't get minimum of %d arg%s for %s (got %d)",
data/teem-1.12.0~20160122/src/hest/parseHest.c:670:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s# parameters (in default) for %s is %d, "
data/teem-1.12.0~20160122/src/hest/parseHest.c:770:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%scouldn\'t parse %s\"%s\" as %s for %s",
data/teem-1.12.0~20160122/src/hest/parseHest.c:781:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%serror parsing \"%s\" as %s for %s:\n%s",
data/teem-1.12.0~20160122/src/hest/parseHest.c:784:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%serror parsing \"%s\" as %s for %s: returned %d",
data/teem-1.12.0~20160122/src/hest/parseHest.c:799:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%scouldn't parse %s\"%s\" as %s for %s",
data/teem-1.12.0~20160122/src/hest/parseHest.c:812:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%scouldn't parse %s\"%s\" as %s for %s",
data/teem-1.12.0~20160122/src/hest/parseHest.c:828:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%scouldn't parse %s\"%s\" as %d %s%s for %s",
data/teem-1.12.0~20160122/src/hest/parseHest.c:843:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%serror parsing \"%s\" (in \"%s\") as %s "
data/teem-1.12.0~20160122/src/hest/parseHest.c:847:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%serror parsing \"%s\" (in \"%s\") as %s "
data/teem-1.12.0~20160122/src/hest/parseHest.c:869:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%scouldn't parse %s\"%s\" as %d %s%s for %s",
data/teem-1.12.0~20160122/src/hest/parseHest.c:885:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%scouldn't parse %s\"%s\" as %d %s%s for %s",
data/teem-1.12.0~20160122/src/hest/parseHest.c:901:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%scouldn't parse %s\"%s\" as %s for %s",
data/teem-1.12.0~20160122/src/hest/parseHest.c:919:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%serror parsing \"%s\" as %s for %s:\n%s",
data/teem-1.12.0~20160122/src/hest/parseHest.c:922:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%serror parsing \"%s\" as %s for %s: returned %d",
data/teem-1.12.0~20160122/src/hest/parseHest.c:936:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%scouldn't parse %s\"%s\" as %s for %s",
data/teem-1.12.0~20160122/src/hest/parseHest.c:953:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%scouldn't parse %s\"%s\" as %s for %s",
data/teem-1.12.0~20160122/src/hest/parseHest.c:996:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%scouldn't parse %s\"%s\" as %u %s%s for %s",
data/teem-1.12.0~20160122/src/hest/parseHest.c:1017:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err,"%serror parsing \"%s\" (in \"%s\") as %s "
data/teem-1.12.0~20160122/src/hest/parseHest.c:1022:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%serror parsing \"%s\" (in \"%s\") as %s "
data/teem-1.12.0~20160122/src/hest/parseHest.c:1046:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%scouldn't parse %s\"%s\" as %d %s%s for %s",
data/teem-1.12.0~20160122/src/hest/parseHest.c:1065:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%scouldn't parse %s\"%s\" as %d %s%s for %s",
data/teem-1.12.0~20160122/src/hest/parseHest.c:1207:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%sunexpected arg%s: \"%s\"", ME,
data/teem-1.12.0~20160122/src/hest/parseHest.c:1240:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(param,param_copy);
data/teem-1.12.0~20160122/src/hest/usage.c:38:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(copy, O->flag);
data/teem-1.12.0~20160122/src/hest/usage.c:43:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(B, copy);
data/teem-1.12.0~20160122/src/hest/usage.c:52:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(B, sep+1);
data/teem-1.12.0~20160122/src/hest/usage.c:56:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(B, O->flag);
data/teem-1.12.0~20160122/src/hest/usage.c:67:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(B, O->name);
data/teem-1.12.0~20160122/src/hest/usage.c:80:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(B, O.flag ? "-" : ""), \
data/teem-1.12.0~20160122/src/hest/usage.c:81:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(B, O.flag ? O.flag : ""), \
data/teem-1.12.0~20160122/src/hest/usage.c:82:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(B, O.flag && (O.min || _hestMax(O.max)) ? "\t" : ""), \
data/teem-1.12.0~20160122/src/hest/usage.c:83:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(B, !O.min && _hestMax(O.max) ? "[" : ""), \
data/teem-1.12.0~20160122/src/hest/usage.c:84:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(B, O.min || _hestMax(O.max) ? "<" : ""), \
data/teem-1.12.0~20160122/src/hest/usage.c:85:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(B, O.min || _hestMax(O.max) ? O.name : ""), \
data/teem-1.12.0~20160122/src/hest/usage.c:86:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(B, (O.min < _hestMax(O.max) && (_hestMax(O.max) > 1)) ? " ...": ""), \
data/teem-1.12.0~20160122/src/hest/usage.c:87:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(B, O.min || _hestMax(O.max) ? ">" : ""), \
data/teem-1.12.0~20160122/src/hest/usage.c:88:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(B, !O.min && _hestMax(O.max) ? "]" : "");
data/teem-1.12.0~20160122/src/hest/usage.c:249:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buff, argv0 ? argv0 : "");
data/teem-1.12.0~20160122/src/hest/usage.c:252:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buff, tmpS);
data/teem-1.12.0~20160122/src/hest/usage.c:332:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buff, opt[i].info);
data/teem-1.12.0~20160122/src/hest/usage.c:357:11: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buff, tmpS);
data/teem-1.12.0~20160122/src/hest/usage.c:366:11: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buff, tmpS);
data/teem-1.12.0~20160122/src/hest/usage.c:369:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(tmpS, "%s%s",
data/teem-1.12.0~20160122/src/hest/usage.c:382:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buff, tmpS);
data/teem-1.12.0~20160122/src/hest/usage.c:420:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tmpS, opt[i].dflt);
data/teem-1.12.0~20160122/src/hest/usage.c:423:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buff, tmpS);
data/teem-1.12.0~20160122/src/limn/io.c:493:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(infoS, airEnumStr(limnPolyDataInfo, bit));
data/teem-1.12.0~20160122/src/limn/io.c:896:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: got NULL pointer", me);
data/teem-1.12.0~20160122/src/limn/io.c:909:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: couldn't fopen(\"%s\",\"rb\"): %s",
data/teem-1.12.0~20160122/src/limn/io.c:946:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: got NULL pointer", me);
data/teem-1.12.0~20160122/src/limn/io.c:959:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: couldn't fopen(\"%s\",\"rb\"): %s",
data/teem-1.12.0~20160122/src/limn/lpuFlotsam.c:57:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, fmt, buff);
data/teem-1.12.0~20160122/src/limn/lpuFlotsam.c:64:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buff, me);
data/teem-1.12.0~20160122/src/limn/lpuFlotsam.c:66:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buff, limnpuCmdList[i]->name);
data/teem-1.12.0~20160122/src/limn/lpu_about.c:45:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, fmt, buff);
data/teem-1.12.0~20160122/src/limn/lpu_about.c:49:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, fmt, buff);
data/teem-1.12.0~20160122/src/limn/splineMisc.c:367:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: got NULL pointer", me);
data/teem-1.12.0~20160122/src/limn/splineMisc.c:374:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: couldn't parse \"%s\":\n", me, str);
data/teem-1.12.0~20160122/src/limn/splineMisc.c:405:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: got NULL pointer", me);
data/teem-1.12.0~20160122/src/limn/splineMisc.c:418:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: couldn't parse \"%s\":\n", me, str);
data/teem-1.12.0~20160122/src/limn/test/lpu.c:96:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(argv0, "%s %s", LPU, argv[1]);
data/teem-1.12.0~20160122/src/limn/test/tcamanim.c:41:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: couldn't read first line or it wasn't \"%s\"",
data/teem-1.12.0~20160122/src/limn/test/tcamanim.c:48:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: couldn't read second line or it wasn't "
data/teem-1.12.0~20160122/src/limn/test/tcamanim.c:69:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: trouble parsing line %d: \"%s\"", me, ki, line);
data/teem-1.12.0~20160122/src/matlab/nrrdLoad.c:84:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errBuff, "%s: requires one string argument (the name of the file)", me);
data/teem-1.12.0~20160122/src/matlab/nrrdLoad.c:103:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errBuff, "%s: trouble reading NRRD header:\n%s", me, errPtr);
data/teem-1.12.0~20160122/src/matlab/nrrdLoad.c:109:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errBuff, "%s: sorry, can't handle type %s (%d)", me,
data/teem-1.12.0~20160122/src/matlab/nrrdLoad.c:128:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errBuff, "%s: trouble reading NRRD:\n%s", me, errPtr);
data/teem-1.12.0~20160122/src/matlab/nrrdLoadOrientation.c:45:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errBuff, "%s: requires one string argument (the name of the file)",
data/teem-1.12.0~20160122/src/matlab/nrrdLoadOrientation.c:65:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errBuff, "%s: trouble reading NRRD header:\n%s", me, errPtr);
data/teem-1.12.0~20160122/src/matlab/nrrdLoadOrientation.c:97:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errBuff, "%s: error interpreting axis %u spacing "
data/teem-1.12.0~20160122/src/matlab/nrrdLoadOrientation.c:103:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errBuff, "%s: error interpreting axis %u spacing "
data/teem-1.12.0~20160122/src/matlab/nrrdSave.c:82:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errBuff, "%s: requires two args: one string, one array", me);
data/teem-1.12.0~20160122/src/matlab/nrrdSave.c:89:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errBuff, "%s: sorry, array must be real", me);
data/teem-1.12.0~20160122/src/matlab/nrrdSave.c:94:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errBuff, "%s: sorry, can't handle type %s",
data/teem-1.12.0~20160122/src/matlab/nrrdSave.c:100:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errBuff, "%s: number of array dimensions %d outside range [1,%d]",
data/teem-1.12.0~20160122/src/matlab/nrrdSave.c:119:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errBuff, "%s: error saving NRRD:\n%s", me, errPtr);
data/teem-1.12.0~20160122/src/meet/meetGage.c:78:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: got NULL pointer", me);
data/teem-1.12.0~20160122/src/meet/meetGage.c:86:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: \"%s\" not \"%s\", \"%s\", \"%s\", or \"%s\"", me, str,
data/teem-1.12.0~20160122/src/meet/meetGage.c:101:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: got NULL pointer", me);
data/teem-1.12.0~20160122/src/meet/meetGage.c:107:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: \"%s\" not \"%s\", \"%s\", \"%s\", \"%s\", or \"%s\"", me,
data/teem-1.12.0~20160122/src/meet/meetPull.c:166:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(sbps, ctok);
data/teem-1.12.0~20160122/src/meet/meetPull.c:234:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: got NULL pointer", me);
data/teem-1.12.0~20160122/src/meet/meetPull.c:328:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(explain, "not from same file (\"%s\" vs \"%s\")\n",
data/teem-1.12.0~20160122/src/meet/meetPull.c:337:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(explain, "not same kind (%s vs %s)\n",
data/teem-1.12.0~20160122/src/meet/meetPull.c:346:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(explain, "not agreeing on use of scale-space (%s vs %s)\n",
data/teem-1.12.0~20160122/src/meet/meetPull.c:361:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(explain, "different uses of scale-space: %s", subexplain);
data/teem-1.12.0~20160122/src/meet/meetPull.c:522:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(formatSS, "%s/%s-%%03u-%03u.nrrd",
data/teem-1.12.0~20160122/src/meet/meetPull.c:743:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: got NULL pointer", me);
data/teem-1.12.0~20160122/src/mite/ray.c:331:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(muu->ndebug->axis[0].label, mtt->stage[stageIdx].label);
data/teem-1.12.0~20160122/src/mite/shade.c:182:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buff, "phong:%s", var[0]);
data/teem-1.12.0~20160122/src/mite/shade.c:189:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buff, "litten:%s,%s,%s,%s", var[0], var[1], var[2], var[3]);
data/teem-1.12.0~20160122/src/mite/shade.c:192:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buff, "%s: unknown shade method!", me);
data/teem-1.12.0~20160122/src/mite/txf.c:213:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buff, "gage(%s:%s)", isp->kind->name,
data/teem-1.12.0~20160122/src/mite/txf.c:216:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buff, "%s(%s)", isp->kind->name,
data/teem-1.12.0~20160122/src/mite/txf.c:219:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buff, "(%s: unknown gageKind!)", me);
data/teem-1.12.0~20160122/src/moss/hestMoss.c:34:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: got NULL pointer", me);
data/teem-1.12.0~20160122/src/moss/hestMoss.c:73:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: couldn't parse \"%s\" as a transform", me, _str);
data/teem-1.12.0~20160122/src/moss/hestMoss.c:116:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: couldn't parse \"%s\" as origin", me, str);
data/teem-1.12.0~20160122/src/nrrd/accessors.c:224:10: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
return sprintf(s, AIR_LLONG_FMT, *v);
data/teem-1.12.0~20160122/src/nrrd/accessors.c:227:10: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
return sprintf(s, AIR_ULLONG_FMT, *v);
data/teem-1.12.0~20160122/src/nrrd/accessors.c:266:10: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
return fprintf(f, AIR_LLONG_FMT, *v);
data/teem-1.12.0~20160122/src/nrrd/accessors.c:269:10: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
return fprintf(f, AIR_ULLONG_FMT, *v);
data/teem-1.12.0~20160122/src/nrrd/accessors.c:575:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(explain, "valA[%s]=%.17g %s valB[%s]=%.17g "
data/teem-1.12.0~20160122/src/nrrd/accessors.c:580:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(explain, "valA[%s]=%.17g %s valB[%s]=%.17g "
data/teem-1.12.0~20160122/src/nrrd/axis.c:967:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(explain, "axisA->size=%s %s axisB->size=%s",
data/teem-1.12.0~20160122/src/nrrd/axis.c:979:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(explain, "axisA->%s %.17g %s axisB->%s %.17g", \
data/teem-1.12.0~20160122/src/nrrd/axis.c:1000:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(explain, "axisA->center %s %s axisB->center %s",
data/teem-1.12.0~20160122/src/nrrd/axis.c:1010:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(explain, "axisA->kind %s %s axisB->kind %s",
data/teem-1.12.0~20160122/src/nrrd/axis.c:1021:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(explain, "axisA->label %s axisB->label",
data/teem-1.12.0~20160122/src/nrrd/axis.c:1027:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(explain, "axisA->label \"%s\" %s axisB->label \"%s\"",
data/teem-1.12.0~20160122/src/nrrd/axis.c:1039:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(explain, "axisA->units %s axisB->units",
data/teem-1.12.0~20160122/src/nrrd/encodingAscii.c:67:14: [4] (buffer) fscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (1 != fscanf(file, "%s", numbStr)) {
data/teem-1.12.0~20160122/src/nrrd/formatNRRD.c:250:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fname, nio->path);
data/teem-1.12.0~20160122/src/nrrd/formatNRRD.c:252:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(fname + strlen(nio->path) + strlen("/"), nio->dataFNFormat, ii);
data/teem-1.12.0~20160122/src/nrrd/formatNRRD.c:254:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(fname, nio->dataFNFormat, ii);
data/teem-1.12.0~20160122/src/nrrd/formatNRRD.c:261:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fname, "%s/%s", nio->path, nio->dataFN[nio->dataFNIndex]);
data/teem-1.12.0~20160122/src/nrrd/formatNRRD.c:263:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fname, nio->dataFN[nio->dataFNIndex]);
data/teem-1.12.0~20160122/src/nrrd/formatNRRD.c:670:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(tmp, "%s.%s", nio->base, nio->encoding->suffix);
data/teem-1.12.0~20160122/src/nrrd/formatNRRD.c:683:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(nio->headerStringWrite, "%s%04d\n",
data/teem-1.12.0~20160122/src/nrrd/formatNRRD.c:695:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(strbuf, "# %s\n", _nrrdFormatURLLine0);
data/teem-1.12.0~20160122/src/nrrd/formatNRRD.c:696:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(nio->headerStringWrite, strbuf);
data/teem-1.12.0~20160122/src/nrrd/formatNRRD.c:697:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(strbuf, "# %s\n", _nrrdFormatURLLine1);
data/teem-1.12.0~20160122/src/nrrd/formatNRRD.c:698:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(nio->headerStringWrite, strbuf);
data/teem-1.12.0~20160122/src/nrrd/formatNRRD.c:700:28: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
nio->headerStrlen += sprintf(strbuf, "# %s\n", _nrrdFormatURLLine0);
data/teem-1.12.0~20160122/src/nrrd/formatNRRD.c:701:28: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
nio->headerStrlen += sprintf(strbuf, "# %s\n", _nrrdFormatURLLine1);
data/teem-1.12.0~20160122/src/nrrd/formatNRRD.c:713:11: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(nio->headerStringWrite, strptr);
data/teem-1.12.0~20160122/src/nrrd/formatNRRD.c:739:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(strptr, "%c %s\n", NRRD_COMMENT_CHAR, strtmp);
data/teem-1.12.0~20160122/src/nrrd/formatNRRD.c:740:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(nio->headerStringWrite, strptr);
data/teem-1.12.0~20160122/src/nrrd/formatNRRD.c:758:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(nio->headerStringWrite, strptr);
data/teem-1.12.0~20160122/src/nrrd/formatPNG.c:541:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(txt[txtidx].text, nrrd->cmt[jj]);
data/teem-1.12.0~20160122/src/nrrd/formatVTK.c:369:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(file, NRRD_UNKNOWN "\n");
data/teem-1.12.0~20160122/src/nrrd/hestNrrd.c:44:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: got NULL pointer", me);
data/teem-1.12.0~20160122/src/nrrd/hestNrrd.c:86:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: got NULL pointer", me);
data/teem-1.12.0~20160122/src/nrrd/hestNrrd.c:119:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: got NULL pointer", me);
data/teem-1.12.0~20160122/src/nrrd/hestNrrd.c:201:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: got NULL pointer", me);
data/teem-1.12.0~20160122/src/nrrd/histogram.c:304:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(cmt, "max hits: %g, in bin %s, around value %g\n", maxhits,
data/teem-1.12.0~20160122/src/nrrd/histogram.c:402:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(nout->axis[hax].label, "histax(%s)", nin->axis[hax].label);
data/teem-1.12.0~20160122/src/nrrd/histogram.c:577:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(nout->axis[ai].label, "histo(%s,%s)", nin[ai]->content,
data/teem-1.12.0~20160122/src/nrrd/histogram.c:641:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(nout->content, "%s(", func);
data/teem-1.12.0~20160122/src/nrrd/histogram.c:644:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(nout->content + len,
data/teem-1.12.0~20160122/src/nrrd/kernel.c:3004:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(kstr, str);
data/teem-1.12.0~20160122/src/nrrd/kernel.c:3202:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(str, stmp);
data/teem-1.12.0~20160122/src/nrrd/kernel.c:3205:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(str, ksp->kernel->name);
data/teem-1.12.0~20160122/src/nrrd/kernel.c:3214:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(str, stmp);
data/teem-1.12.0~20160122/src/nrrd/kernel.c:3256:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(explain, "kernA %s kernB", *differ < 0 ? "<" : ">");
data/teem-1.12.0~20160122/src/nrrd/kernel.c:3275:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(explain, "parmA[%u]=%f %s parmB[%u]=%f", pidx, parmA[pidx],
data/teem-1.12.0~20160122/src/nrrd/kernel.c:3303:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(explain, "different NULL-ities of kspec itself %s != %s",
data/teem-1.12.0~20160122/src/nrrd/kernel.c:3315:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(explain, "different NULL-ities of kspec->kernel %s != %s",
data/teem-1.12.0~20160122/src/nrrd/kernel.c:3333:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(explain, "kern/parm pairs differ: %s", subexplain);
data/teem-1.12.0~20160122/src/nrrd/keyvalue.c:303:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(*stringP, prefix);
data/teem-1.12.0~20160122/src/nrrd/map.c:207:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(typeS, "(%s)", airEnumStr(nrrdType, nout->type));
data/teem-1.12.0~20160122/src/nrrd/methodsNrrd.c:192:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(out, "%s", airEnumStr(nrrdBoundary, bspec->boundary));
data/teem-1.12.0~20160122/src/nrrd/methodsNrrd.c:212:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(explain, "NULL-ities differ: %s != %s",
data/teem-1.12.0~20160122/src/nrrd/methodsNrrd.c:224:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(explain, "boundaries differ: %s != %s",
data/teem-1.12.0~20160122/src/nrrd/methodsNrrd.c:1225:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(explain, "nin{A,B}->dim %u %s %u",
data/teem-1.12.0~20160122/src/nrrd/methodsNrrd.c:1234:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(explain, "nin{A,B}->type %s %s %s",
data/teem-1.12.0~20160122/src/nrrd/methodsNrrd.c:1245:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(explain, "element # {A,B} %s %s %s",
data/teem-1.12.0~20160122/src/nrrd/methodsNrrd.c:1275:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(tmpexplain, "(axis %u) %s", axi, explain);
data/teem-1.12.0~20160122/src/nrrd/methodsNrrd.c:1286:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(explain, "ninA->%s %s ninB->%s", \
data/teem-1.12.0~20160122/src/nrrd/methodsNrrd.c:1297:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(explain, "ninA->space %s %s ninB->space %s",
data/teem-1.12.0~20160122/src/nrrd/methodsNrrd.c:1307:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(explain, "ninA->spaceDim %u %s ninB->spaceDim %u",
data/teem-1.12.0~20160122/src/nrrd/methodsNrrd.c:1316:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(explain, "ninA->blockSize %s %s ninB->blockSize %s",
data/teem-1.12.0~20160122/src/nrrd/methodsNrrd.c:1328:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(explain, "ninA->%s %.17g %s ninB->%s %.17g", \
data/teem-1.12.0~20160122/src/nrrd/methodsNrrd.c:1354:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(explain, "ninA # comments %u %s ninB # comments %u",
data/teem-1.12.0~20160122/src/nrrd/methodsNrrd.c:1369:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(explain, "ninA # key/values %u %s ninB # key/values %u",
data/teem-1.12.0~20160122/src/nrrd/read.c:169:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(nio->line, line[lineIdx]);
data/teem-1.12.0~20160122/src/nrrd/read.c:696:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(fname, fnameFormat, num);
data/teem-1.12.0~20160122/src/nrrd/reorder.c:261:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buff2, "%s%d", (ai ? "," : ""), axes[ai]);
data/teem-1.12.0~20160122/src/nrrd/reorder.c:262:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buff1, buff2);
data/teem-1.12.0~20160122/src/nrrd/reorder.c:416:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buff2, "%s%s", (ai ? "," : ""), airSprintSize_t(stmp, perm[ai]));
data/teem-1.12.0~20160122/src/nrrd/reorder.c:417:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buff1, buff2);
data/teem-1.12.0~20160122/src/nrrd/reorder.c:1034:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buff2, "%s%s", (ai ? "x" : ""),
data/teem-1.12.0~20160122/src/nrrd/reorder.c:1036:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buff1, buff2);
data/teem-1.12.0~20160122/src/nrrd/simple.c:440:3: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf(buff, format, arg);
data/teem-1.12.0~20160122/src/nrrd/simple.c:454:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(nout->content, "%s(%s%s%s)", func, content,
data/teem-1.12.0~20160122/src/nrrd/subset.c:331:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buff2, "%s[%s,%s]", (ai ? "x" : ""),
data/teem-1.12.0~20160122/src/nrrd/subset.c:334:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buff1, buff2);
data/teem-1.12.0~20160122/src/nrrd/superset.c:264:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buff2, "%s%s", (ai ? "," : ""),
data/teem-1.12.0~20160122/src/nrrd/superset.c:266:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buff1, buff2);
data/teem-1.12.0~20160122/src/nrrd/superset.c:486:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buff2, "%s[%s,%s]", (ai ? "x" : ""),
data/teem-1.12.0~20160122/src/nrrd/superset.c:489:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buff1, buff2);
data/teem-1.12.0~20160122/src/nrrd/superset.c:492:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buff2, "%s(%g)", airEnumStr(nrrdBoundary, nrrdBoundaryPad),
data/teem-1.12.0~20160122/src/nrrd/superset.c:495:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buff2, airEnumStr(nrrdBoundary, boundary));
data/teem-1.12.0~20160122/src/nrrd/test/convo.c:83:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: set-up problem", me);
data/teem-1.12.0~20160122/src/nrrd/test/convo.c:151:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: final crop/copy problem", me);
data/teem-1.12.0~20160122/src/nrrd/write.c:226:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(str, buff);
data/teem-1.12.0~20160122/src/nrrd/write.c:227:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buff, "%s", dd+1 < spaceDim ? "," : ")");
data/teem-1.12.0~20160122/src/nrrd/write.c:228:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(str, buff);
data/teem-1.12.0~20160122/src/nrrd/write.c:231:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(str, _nrrdNoSpaceVector);
data/teem-1.12.0~20160122/src/nrrd/write.c:454:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(*strP, "%s%s: %s", prefix, fs, strtmp);
data/teem-1.12.0~20160122/src/nrrd/write.c:459:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(*strP, "%s%s: %s", prefix, fs,
data/teem-1.12.0~20160122/src/nrrd/write.c:464:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(*strP, "%s%s: %s", prefix, fs, airEnumStr(nrrdType, nrrd->type));
data/teem-1.12.0~20160122/src/nrrd/write.c:468:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(*strP, "%s%s: %s", prefix, fs,
data/teem-1.12.0~20160122/src/nrrd/write.c:473:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(*strP, "%s%s: %d", prefix, fs, nrrd->dim);
data/teem-1.12.0~20160122/src/nrrd/write.c:478:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(*strP, "%s%s: %s", prefix, fs, airEnumStr(nrrdSpace, nrrd->space));
data/teem-1.12.0~20160122/src/nrrd/write.c:482:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(*strP, "%s%s: %d", prefix, fs, nrrd->spaceDim);
data/teem-1.12.0~20160122/src/nrrd/write.c:487:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(*strP, "%s%s:", prefix, fs);
data/teem-1.12.0~20160122/src/nrrd/write.c:489:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buff, " %s", airSprintSize_t(stmp, nrrd->axis[ii].size));
data/teem-1.12.0~20160122/src/nrrd/write.c:490:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(*strP, buff);
data/teem-1.12.0~20160122/src/nrrd/write.c:495:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(*strP, "%s%s:", prefix, fs);
data/teem-1.12.0~20160122/src/nrrd/write.c:498:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(*strP, buff);
data/teem-1.12.0~20160122/src/nrrd/write.c:503:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(*strP, "%s%s:", prefix, fs);
data/teem-1.12.0~20160122/src/nrrd/write.c:506:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(*strP, buff);
data/teem-1.12.0~20160122/src/nrrd/write.c:511:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(*strP, "%s%s:", prefix, fs);
data/teem-1.12.0~20160122/src/nrrd/write.c:514:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(*strP, buff);
data/teem-1.12.0~20160122/src/nrrd/write.c:519:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(*strP, "%s%s:", prefix, fs);
data/teem-1.12.0~20160122/src/nrrd/write.c:522:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(*strP, buff);
data/teem-1.12.0~20160122/src/nrrd/write.c:529:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(*strP, "%s%s: ", prefix, fs);
data/teem-1.12.0~20160122/src/nrrd/write.c:546:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(*strP, "%s%s:", prefix, fs);
data/teem-1.12.0~20160122/src/nrrd/write.c:548:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buff, " %s",
data/teem-1.12.0~20160122/src/nrrd/write.c:552:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(*strP, buff);
data/teem-1.12.0~20160122/src/nrrd/write.c:563:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(*strP, "%s%s:", prefix, fs);
data/teem-1.12.0~20160122/src/nrrd/write.c:565:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buff, " %s",
data/teem-1.12.0~20160122/src/nrrd/write.c:569:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(*strP, buff);
data/teem-1.12.0~20160122/src/nrrd/write.c:585:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(*strP, "%s%s:", prefix, fs);
data/teem-1.12.0~20160122/src/nrrd/write.c:601:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(*strP, "%s%s: 0.0", prefix, fs);
data/teem-1.12.0~20160122/src/nrrd/write.c:602:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(*strP, buff);
data/teem-1.12.0~20160122/src/nrrd/write.c:606:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(*strP, "%s%s: ", prefix, fs);
data/teem-1.12.0~20160122/src/nrrd/write.c:608:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(*strP, buff);
data/teem-1.12.0~20160122/src/nrrd/write.c:612:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(*strP, "%s%s: ", prefix, fs);
data/teem-1.12.0~20160122/src/nrrd/write.c:614:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(*strP, buff);
data/teem-1.12.0~20160122/src/nrrd/write.c:628:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(*strP, "%s%s: %s", prefix, fs, airEnumStr(airEndian, endi));
data/teem-1.12.0~20160122/src/nrrd/write.c:632:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(*strP, "%s%s: %s", prefix, fs, nio->encoding->name);
data/teem-1.12.0~20160122/src/nrrd/write.c:636:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(*strP, "%s%s: %d", prefix, fs, nio->lineSkip);
data/teem-1.12.0~20160122/src/nrrd/write.c:640:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(*strP, "%s%s: %ld", prefix, fs, nio->byteSkip);
data/teem-1.12.0~20160122/src/nrrd/write.c:645:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(*strP, "%s%s: \"%s\"", prefix, fs, strtmp);
data/teem-1.12.0~20160122/src/nrrd/write.c:660:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(*strP, "%s%s:", prefix, fs);
data/teem-1.12.0~20160122/src/nrrd/write.c:673:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(*strP, "%s%s: ", prefix, fs);
data/teem-1.12.0~20160122/src/nrrd/write.c:680:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(*strP, "%s%s: ", prefix, fs);
data/teem-1.12.0~20160122/src/nrrd/write.c:701:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(*strP, "%s%s: %s %d %d %d", prefix, fs, nio->dataFNFormat,
data/teem-1.12.0~20160122/src/nrrd/write.c:704:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(*strP, "%s%s: %s %d %d %d %u", prefix, fs, nio->dataFNFormat,
data/teem-1.12.0~20160122/src/nrrd/write.c:719:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(*strP, "%s%s: LIST\n", prefix, fs);
data/teem-1.12.0~20160122/src/nrrd/write.c:721:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(*strP, "%s%s: LIST %u\n", prefix, fs, nio->dataFileDim);
data/teem-1.12.0~20160122/src/nrrd/write.c:724:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fnb, "%s%s", nio->dataFN[ii],
data/teem-1.12.0~20160122/src/nrrd/write.c:726:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(*strP, fnb);
data/teem-1.12.0~20160122/src/nrrd/write.c:734:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(*strP, "%s%s: %s%s", prefix, fs,
data/teem-1.12.0~20160122/src/nrrd/write.c:833:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(mesg, "can not use %s format: %s", nio->format->name,
data/teem-1.12.0~20160122/src/nrrd/write.c:1083:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(fname, fnameFormat, num);
data/teem-1.12.0~20160122/src/pull/energy.c:815:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: got NULL pointer", me);
data/teem-1.12.0~20160122/src/pull/infoPull.c:451:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(str, airEnumStr(pullInfo, ispec->info));
data/teem-1.12.0~20160122/src/pull/infoPull.c:462:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(str, ispec->volName);
data/teem-1.12.0~20160122/src/pull/infoPull.c:465:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(str, airEnumStr(pvol->kind->enm, ispec->item));
data/teem-1.12.0~20160122/src/pull/infoPull.c:467:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(str, airEnumStr(pullProp, ispec->prop));
data/teem-1.12.0~20160122/src/pull/infoPull.c:478:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(str, stmp);
data/teem-1.12.0~20160122/src/pull/infoPull.c:481:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(str, stmp);
data/teem-1.12.0~20160122/src/pull/pointPull.c:1293:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(stmp1, "%s: seeded 0 points", me);
data/teem-1.12.0~20160122/src/pull/pointPull.c:1298:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(stmp1, stmp2);
data/teem-1.12.0~20160122/src/pull/pointPull.c:1303:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(stmp1, stmp2);
data/teem-1.12.0~20160122/src/pull/pointPull.c:1307:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(stmp1, stmp2);
data/teem-1.12.0~20160122/src/pull/trace.c:705:12: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
if (1 != sscanf(line, DEMARK_STR " %u", &ti)) {
data/teem-1.12.0~20160122/src/push/forces.c:448:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: got NULL pointer", me);
data/teem-1.12.0~20160122/src/seek/test/trv.c:33:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: got NULL pointer", me);
data/teem-1.12.0~20160122/src/seek/test/trv.c:43:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: not \"%s\" or \"%s\"", me,
data/teem-1.12.0~20160122/src/ten/chan.c:141:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(tmpKey, tenDWMRIGradKeyFmt, 0);
data/teem-1.12.0~20160122/src/ten/chan.c:147:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(key, tenDWMRIBmatKeyFmt, 0);
data/teem-1.12.0~20160122/src/ten/chan.c:188:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(key, keyFmt, dwiIdx);
data/teem-1.12.0~20160122/src/ten/chan.c:206:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(key, tenDWMRINexKeyFmt, dwiIdx);
data/teem-1.12.0~20160122/src/ten/chan.c:223:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(key, tenDWMRINexKeyFmt, dwiIdx);
data/teem-1.12.0~20160122/src/ten/chan.c:246:11: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(key, keyFmt, dwiIdx+nexIdx);
data/teem-1.12.0~20160122/src/ten/chan.c:267:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(key, keyFmt, dwiIdx);
data/teem-1.12.0~20160122/src/ten/chan.c:279:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(key, tenDWMRISkipKeyFmt, dwiIdx);
data/teem-1.12.0~20160122/src/ten/chan.c:1089:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(cmt, "%s: using thresh = %g, slope = %g, b = %g\n",
data/teem-1.12.0~20160122/src/ten/estimate.c:1178:9: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(keystr, tenDWMRIGradKeyFmt, allIdx);
data/teem-1.12.0~20160122/src/ten/estimate.c:1188:9: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(keystr, tenDWMRIBmatKeyFmt, allIdx);
data/teem-1.12.0~20160122/src/ten/experSpec.c:344:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(keystr, tenDWMRIGradKeyFmt, ii);
data/teem-1.12.0~20160122/src/ten/tenDwiGage.c:660:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(ctx->errStr, "%s: dlevmar_bc_dif() failed!", me);
data/teem-1.12.0~20160122/src/ten/tenModel.c:677:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(nparm->axis[0].label, "%s%s%s",
data/teem-1.12.0~20160122/src/ten/tenModel.c:815:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(nparmDst->axis[0].label, "%s%s%s",
data/teem-1.12.0~20160122/src/ten/tendAbout.c:73:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buff, "--- %s ---", tendTitle);
data/teem-1.12.0~20160122/src/ten/tendAbout.c:76:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stdout, fmt, buff);
data/teem-1.12.0~20160122/src/ten/tendAbout.c:80:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stdout, fmt, buff);
data/teem-1.12.0~20160122/src/ten/tendEpireg.c:193:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buff, "%s%05d.nrrd", outS, ni+baseNum);
data/teem-1.12.0~20160122/src/ten/tendEpireg.c:195:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buff, "%s%02d.nrrd", outS, ni+baseNum);
data/teem-1.12.0~20160122/src/ten/tendEpireg.c:197:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buff, "%s%d.nrrd", outS, ni+baseNum);
data/teem-1.12.0~20160122/src/ten/tendFlotsam.c:59:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: got NULL pointer", me);
data/teem-1.12.0~20160122/src/ten/tendFlotsam.c:70:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: didn't see a colon in \"%s\"", me, str);
data/teem-1.12.0~20160122/src/ten/tendFlotsam.c:77:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: didn't recognize \"%s\" as %s",
data/teem-1.12.0~20160122/src/ten/tendFlotsam.c:86:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: didn't see comma between aniso and level in \"%s\"",
data/teem-1.12.0~20160122/src/ten/tendFlotsam.c:94:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: didn't recognize \"%s\" as %s",
data/teem-1.12.0~20160122/src/ten/tendFlotsam.c:99:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: couldn't parse aniso level \"%s\" as double",
data/teem-1.12.0~20160122/src/ten/tendFlotsam.c:115:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: couldn't parse %s \"%s\" as double", me,
data/teem-1.12.0~20160122/src/ten/tendFlotsam.c:129:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: couldn't parse \"%s\" as int", me, opt);
data/teem-1.12.0~20160122/src/ten/tendFlotsam.c:139:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: stop method %d not supported", me,
data/teem-1.12.0~20160122/src/ten/test/tensorDotDat.c:128:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(logFilename, "%s/000-%04u-log.nrrd", outStr, tgparm->expo);
data/teem-1.12.0~20160122/src/ten/test/tensorDotDat.c:233:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(gradFilename, "%s/%03u-%04u.nrrd", outStr, ii, tgparm->expo);
data/teem-1.12.0~20160122/src/tijk/nrrdTijk.c:52:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(axinfo->label, "tijk_%s%s", masked?"mask_":"", type->name);
data/teem-1.12.0~20160122/src/tijk/nrrdTijk.c:82:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(axinfo->label, "tijk_%sesh_%02u", masked?"mask_":"", order);
data/teem-1.12.0~20160122/src/tijk/nrrdTijk.c:112:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(axinfo->label, "tijk_%sefs_%02u", masked?"mask_":"", order);
data/teem-1.12.0~20160122/src/unrrdu/about.c:103:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stdout, fmt, buff);
data/teem-1.12.0~20160122/src/unrrdu/about.c:107:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stdout, fmt, buff);
data/teem-1.12.0~20160122/src/unrrdu/cksum.c:51:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(ends, "(%s)", airEnumStr(airEndian, endian));
data/teem-1.12.0~20160122/src/unrrdu/dice.c:104:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fffname, "%%s%s", ftmpl);
data/teem-1.12.0~20160122/src/unrrdu/dice.c:114:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fffname, "%%s%%0%uu.nrrd", dignum);
data/teem-1.12.0~20160122/src/unrrdu/dice.c:142:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(fnout, fffname, base, pos+start);
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:130:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buff, tdash, title);
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:135:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fusage, fmt, buff);
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:146:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buff, cmd);
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:148:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buff, cmdList[ii]->name);
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:183:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(argv0, "%s %s", cmd, argv[1]);
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:218:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stdout, fmt, buff);
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:234:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buff, me);
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:236:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buff, unrrduCmdList[cmdi]->name);
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:245:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(infop, "%s)", unrrduCmdList[cmdi]->info);
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:280:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buff, "--- %s ---", title);
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:285:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stdout, fmt, buff);
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:291:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buff, me);
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:293:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buff, cmdList[cmdi]->name);
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:334:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: got NULL pointer", me);
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:345:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: \'M\' can be followed only by \'+\' or \'-\'", me);
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:350:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: can't parse \"%s\" as M+<int> or M-<int>", me, str);
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:357:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: \'m\' can only be followed by \'+\'", me);
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:362:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: can't parse \"%s\" as m+<int>", me, str);
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:366:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: int in m+<int> must be non-negative (not %ld)",
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:375:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: can't parse \"%s\" as int", me, str);
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:415:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: got NULL pointer", me);
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:426:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: can't parse \"%s\" as type", me, str);
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:456:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: got NULL pointer", me);
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:461:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: can't parse \"%s\" as int", me, str);
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:465:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: bits (%d) not 8, 16, or 32", me, *bitsP);
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:504:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: got NULL pointer", me);
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:518:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: can't parse \"%s\" as x=<float> or /=<float>",
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:528:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: can't parse \"%s\" as x<float> or /<float>",
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:539:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: can't parse \"%s\" as +=<uint> or -=<uint>",
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:549:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: can't parse \"%s\" as uint", me, str);
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:593:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: got NULL pointer", me);
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:598:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: fopen(\"%s\",\"rb\") failed: %s",
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:631:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: got NULL pointer", me);
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:650:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: didn't recognize \"%s\" as an encoding", me, str);
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:657:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: didn't recognize \"%s\" as an encoding", me, str);
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:661:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: only compression encodings have parameters", me);
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:675:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err, "%s: parameter char \"%c\" not a digit or 'd','h','f'",
data/teem-1.12.0~20160122/src/unrrdu/make.c:338:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(parseBuf, dataFileNames[ii]);
data/teem-1.12.0~20160122/src/unrrdu/make.c:425:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(parseBuf, kinds[ii]);
data/teem-1.12.0~20160122/src/unrrdu/make.c:451:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(parseBuf, centerings[ii]);
data/teem-1.12.0~20160122/src/unrrdu/make.c:579:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(parseBuf, spunits[ii]);
data/teem-1.12.0~20160122/src/unrrdu/vidicon.c:127:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(stname, "%s-" #name ".png", stpfx); \
data/teem-1.12.0~20160122/src/air/threadAir.c:294:5: [3] (misc) InitializeCriticalSection:
Exceptions can be thrown in low-memory situations. Use
InitializeCriticalSectionAndSpinCount instead.
InitializeCriticalSection(&(cond->lock));
data/teem-1.12.0~20160122/src/air/threadAir.c:309:3: [3] (misc) EnterCriticalSection:
On some versions of Windows, exceptions can be thrown in low-memory
situations. Use InitializeCriticalSectionAndSpinCount instead.
EnterCriticalSection(&(cond->lock)); /* avoid race conditions */
data/teem-1.12.0~20160122/src/air/threadAir.c:320:3: [3] (misc) EnterCriticalSection:
On some versions of Windows, exceptions can be thrown in low-memory
situations. Use InitializeCriticalSectionAndSpinCount instead.
EnterCriticalSection(&(cond->lock));
data/teem-1.12.0~20160122/src/air/threadAir.c:348:3: [3] (misc) EnterCriticalSection:
On some versions of Windows, exceptions can be thrown in low-memory
situations. Use InitializeCriticalSectionAndSpinCount instead.
EnterCriticalSection(&(cond->lock));
data/teem-1.12.0~20160122/src/air/threadAir.c:365:3: [3] (misc) EnterCriticalSection:
On some versions of Windows, exceptions can be thrown in low-memory
situations. Use InitializeCriticalSectionAndSpinCount instead.
EnterCriticalSection(&(cond->lock));
data/teem-1.12.0~20160122/src/bin/puller.c:1096:26: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (const char *envS = getenv("DEFT_HOME")) {
data/teem-1.12.0~20160122/src/bin/unu.c:50:8: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!getenv(nrrdEnvVarStateKindNoop)) {
data/teem-1.12.0~20160122/src/bin/unu.c:56:8: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!getenv(nrrdEnvVarStateKeyValuePairsPropagate)) {
data/teem-1.12.0~20160122/src/echo/test/trend.c:888:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((env = getenv("NT"))) {
data/teem-1.12.0~20160122/src/nrrd/defaultsNrrd.c:162:9: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
env = getenv(envVar);
data/teem-1.12.0~20160122/src/nrrd/defaultsNrrd.c:192:9: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
env = getenv(envVar);
data/teem-1.12.0~20160122/src/nrrd/defaultsNrrd.c:216:9: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
env = getenv(envVar);
data/teem-1.12.0~20160122/src/nrrd/defaultsNrrd.c:239:9: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
env = getenv(envVar);
data/teem-1.12.0~20160122/src/nrrd/defaultsNrrd.c:262:9: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
env = getenv(envVar);
data/teem-1.12.0~20160122/src/nrrd/defaultsNrrd.c:288:13: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
*envStr = getenv(envVar);
data/teem-1.12.0~20160122/src/unrrdu/env.c:230:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv(UNRRDU_QUIET_QUIT_ENV)) {
data/teem-1.12.0~20160122/src/unrrdu/privateUnrrdu.h:130:13: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!(getenv(UNRRDU_QUIET_QUIT_ENV) \
data/teem-1.12.0~20160122/Testing/air/amath.c:34:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/Testing/air/miscAir.c:76:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[10];
data/teem-1.12.0~20160122/Testing/air/miscAir.c:181:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prstmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/Testing/air/pptest.c:38:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/Testing/air/strtok.c:62:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char wordsp[AIR_STRLEN_MED], *line, *last=NULL;
data/teem-1.12.0~20160122/Testing/gage/probeMulti.c:277:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errpre[AIR_STRLEN_LARGE];
data/teem-1.12.0~20160122/Testing/gage/probeScl.c:213:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *corrfn, explain[AIR_STRLEN_LARGE];
data/teem-1.12.0~20160122/Testing/gage/tsbp.c:40:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[AIR_STRLEN_LARGE];
data/teem-1.12.0~20160122/Testing/gage/tsbp.c:61:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char explain[AIR_STRLEN_LARGE]="!explain_not_set!";
data/teem-1.12.0~20160122/Testing/meet/buildinfo.c:47:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp1[AIR_STRLEN_SMALL], stmp2[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/Testing/meet/probeSS.c:88:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpStr[4][AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/Testing/meet/probeSS.c:111:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmpStr[0], "%u", sx); helixArgv[1] = tmpStr[0];
data/teem-1.12.0~20160122/Testing/meet/probeSS.c:112:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmpStr[1], "%u", sy); helixArgv[2] = tmpStr[1];
data/teem-1.12.0~20160122/Testing/meet/probeSS.c:113:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmpStr[2], "%u", sz); helixArgv[3] = tmpStr[2];
data/teem-1.12.0~20160122/Testing/meet/probeSS.c:114:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmpStr[3], "tmp-ten.nrrd");
data/teem-1.12.0~20160122/Testing/meet/probeSS.c:341:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/Testing/meet/probeSS.c:400:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/Testing/meet/probeSS.c:445:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/Testing/meet/probeSS.c:557:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(man->san + man->sidx[ai],
data/teem-1.12.0~20160122/Testing/meet/probeSS.c:897:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[KIND_NUM][AIR_STRLEN_SMALL] = { "scl", "vec", "ten", "dwi" };
data/teem-1.12.0~20160122/Testing/meet/probeSS.c:898:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nameComp[KIND_NUM][AIR_STRLEN_SMALL] = { "sclComp", "vecComp", "tenComp", "dwiComp" };
data/teem-1.12.0~20160122/Testing/nrrd/macros.c:41:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sbuff[NRRD_DIM_MAX*AIR_STRLEN_SMALL],
data/teem-1.12.0~20160122/Testing/nrrd/macros.c:101:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(scomp, "[%u]", ii); \
data/teem-1.12.0~20160122/Testing/nrrd/macros.c:122:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(scomp, "[%u,%u]", ii, jj); \
data/teem-1.12.0~20160122/Testing/nrrd/macros.c:151:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(scomp, "[%u,%u,%u]", ii, jj, kk); \
data/teem-1.12.0~20160122/Testing/nrrd/macros.c:185:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(scomp, "[%u,%u,%u,%u]", ii, jj, kk, ll); \
data/teem-1.12.0~20160122/Testing/nrrd/tbspec.c:81:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[AIR_STRLEN_LARGE];
data/teem-1.12.0~20160122/Testing/nrrd/tbspec.c:115:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[AIR_STRLEN_LARGE];
data/teem-1.12.0~20160122/Testing/nrrd/tload.c:58:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *blah, *blah1L, explain[AIR_STRLEN_LARGE];
data/teem-1.12.0~20160122/Testing/nrrd/trand.c:49:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *name, explain[AIR_STRLEN_LARGE];
data/teem-1.12.0~20160122/Testing/nrrd/trand.c:54:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * const mine[3] = { "vals.nrrd",
data/teem-1.12.0~20160122/Testing/nrrd/trand.c:57:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * const corr[3] = { "test/trandvals.nrrd",
data/teem-1.12.0~20160122/Testing/nrrd/trand.c:60:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * const what[3] = { "value",
data/teem-1.12.0~20160122/Testing/nrrd/tskip.c:54:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *berr, *outS[2], stmp[AIR_STRLEN_SMALL], doneStr[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/Testing/nrrd/tskip.c:126:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fout = fopen(outS[0], "wb" COMMIT))) {
data/teem-1.12.0~20160122/Testing/nrrd/tskip.c:155:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char local_stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/Testing/nrrd/tskip.c:178:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fout = fopen(outS[1], "w"))) {
data/teem-1.12.0~20160122/Testing/nrrd/tskip.c:216:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char local_stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/Testing/ten/glyphBqd.c:39:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *err, *refname, explain[AIR_STRLEN_LARGE];
data/teem-1.12.0~20160122/src/air/air.h:201:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
AIR_EXPORT int airEnumCheck(char err[AIR_STRLEN_LARGE], const airEnum *enm);
data/teem-1.12.0~20160122/src/air/air.h:565:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
AIR_EXPORT void airTeemVersionSprint(char buff[AIR_STRLEN_LARGE]);
data/teem-1.12.0~20160122/src/air/air.h:572:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
AIR_EXPORT char *airSprintSize_t(char str[AIR_STRLEN_SMALL], size_t val);
data/teem-1.12.0~20160122/src/air/air.h:572:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
AIR_EXPORT char *airSprintSize_t(char str[AIR_STRLEN_SMALL], size_t val);
data/teem-1.12.0~20160122/src/air/air.h:576:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
AIR_EXPORT char *airPrettySprintSize_t(char str[AIR_STRLEN_SMALL], size_t v);
data/teem-1.12.0~20160122/src/air/air.h:576:40: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
AIR_EXPORT char *airPrettySprintSize_t(char str[AIR_STRLEN_SMALL], size_t v);
data/teem-1.12.0~20160122/src/air/air.h:577:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
AIR_EXPORT char *airSprintPtrdiff_t(char str[AIR_STRLEN_SMALL], ptrdiff_t v);
data/teem-1.12.0~20160122/src/air/air.h:577:37: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
AIR_EXPORT char *airSprintPtrdiff_t(char str[AIR_STRLEN_SMALL], ptrdiff_t v);
data/teem-1.12.0~20160122/src/air/air.h:593:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
AIR_EXPORT const char airTypeStr[AIR_TYPE_MAX+1][AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/air/array.c:174:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newdata, a->data, AIR_MIN(a->len*a->unit,
data/teem-1.12.0~20160122/src/air/array.c:249:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newdata, a->data, AIR_MIN(a->len*a->unit,
data/teem-1.12.0~20160122/src/air/dio.c:43:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char
data/teem-1.12.0~20160122/src/air/enum.c:104:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *strCpy, test[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/air/enum.c:164:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buff, ident[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/air/enum.c:278:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
airEnumCheck(char err[AIR_STRLEN_LARGE], const airEnum *enm) {
data/teem-1.12.0~20160122/src/air/enum.c:313:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/air/enum.c:332:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bb1[AIR_STRLEN_SMALL], bb2[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/air/enum.c:409:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/air/enum.c:452:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bb1[AIR_STRLEN_SMALL], bb2[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/air/heap.c:152:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(h->key, key->data, key->len*sizeof(double));
data/teem-1.12.0~20160122/src/air/heap.c:153:24: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if (h->data_a!=NULL) memcpy(h->data, data->data, data->len*data->unit);
data/teem-1.12.0~20160122/src/air/heap.c:197:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)h->data_a->data+oldlen*h->data_a->unit, data,
data/teem-1.12.0~20160122/src/air/heap.c:223:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(first->key+first_len, second->key, second_len*sizeof(double));
data/teem-1.12.0~20160122/src/air/heap.c:225:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)first->data_a->data+first_len*first->data_a->unit,
data/teem-1.12.0~20160122/src/air/heap.c:241:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, (char*)h->data_a->data+h->idx[0]*h->data_a->unit,
data/teem-1.12.0~20160122/src/air/heap.c:261:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)h->data_a->data+h->idx[0]*h->data_a->unit, newData,
data/teem-1.12.0~20160122/src/air/heap.c:304:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)h->data_a->data+ai*h->data_a->unit,
data/teem-1.12.0~20160122/src/air/heap.c:329:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)h->data_a->data+ai*h->data_a->unit,
data/teem-1.12.0~20160122/src/air/miscAir.c:57:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
airTeemVersionSprint(char buff[AIR_STRLEN_LARGE]) {
data/teem-1.12.0~20160122/src/air/miscAir.c:132:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ret = fopen(name, mode);
data/teem-1.12.0~20160122/src/air/miscAir.c:175:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *fmt, buff[AIR_STRLEN_LARGE];
data/teem-1.12.0~20160122/src/air/miscAir.c:213:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(conv, "%s", 2);
data/teem-1.12.0~20160122/src/air/miscAir.c:218:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(conv, "%4s", 3);
data/teem-1.12.0~20160122/src/air/miscAir.c:237:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buff, "%f", val);
data/teem-1.12.0~20160122/src/air/miscAir.c:239:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buff, "%g", val);
data/teem-1.12.0~20160122/src/air/miscAir.c:244:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(conv, "%f", 2);
data/teem-1.12.0~20160122/src/air/miscAir.c:246:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(conv, "%lf", 3);
data/teem-1.12.0~20160122/src/air/miscAir.c:269:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *
data/teem-1.12.0~20160122/src/air/miscAir.c:270:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
airSprintSize_t(char _str[AIR_STRLEN_SMALL], size_t val) {
data/teem-1.12.0~20160122/src/air/miscAir.c:271:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/air/miscAir.c:293:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *
data/teem-1.12.0~20160122/src/air/miscAir.c:294:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
airSprintPtrdiff_t(char _str[AIR_STRLEN_SMALL], ptrdiff_t val) {
data/teem-1.12.0~20160122/src/air/miscAir.c:295:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/air/miscAir.c:330:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/air/miscAir.c:355:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *
data/teem-1.12.0~20160122/src/air/miscAir.c:356:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
airPrettySprintSize_t(char str[AIR_STRLEN_SMALL], size_t val) {
data/teem-1.12.0~20160122/src/air/miscAir.c:592:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "\b\b\b\b\b\b ---- ");
data/teem-1.12.0~20160122/src/air/miscAir.c:594:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "\b\b\b\b\b\b% 3d.%d%%", perc/10, perc%10);
data/teem-1.12.0~20160122/src/air/miscAir.c:599:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "\b\b\b\b\b\b100.0%%");
data/teem-1.12.0~20160122/src/air/miscAir.c:602:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "\b\b\b\b\b\b done.");
data/teem-1.12.0~20160122/src/air/miscAir.c:633:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char
data/teem-1.12.0~20160122/src/air/mop.c:193:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char
data/teem-1.12.0~20160122/src/air/sane.c:148:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char
data/teem-1.12.0~20160122/src/air/test/doubleprint.c:31:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *fS, buff[128];
data/teem-1.12.0~20160122/src/air/test/floatprint.c:31:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *fS, buff[128];
data/teem-1.12.0~20160122/src/air/test/fp.c:34:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[128];
data/teem-1.12.0~20160122/src/air/test/fp.c:61:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "%f", f);
data/teem-1.12.0~20160122/src/air/test/fp.c:85:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "%f", d);
data/teem-1.12.0~20160122/src/air/test/tarr.c:52:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(file = fopen(fname, "rb"))) {
data/teem-1.12.0~20160122/src/air/test/tdio.c:64:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(file = fopen(fname, "w"))) {
data/teem-1.12.0~20160122/src/air/test/tdio.c:87:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/air/test/tdio.c:113:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(fname, "w");
data/teem-1.12.0~20160122/src/air/test/tdio.c:133:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(fname, "w");
data/teem-1.12.0~20160122/src/air/test/tdio.c:160:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(fname, "w");
data/teem-1.12.0~20160122/src/air/test/tline.c:33:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return fopen(name, "r");
data/teem-1.12.0~20160122/src/air/test/tprint.c:30:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/alan/coreAlan.c:187:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[AIR_STRLEN_MED];
data/teem-1.12.0~20160122/src/alan/coreAlan.c:197:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "%06d.nrrd", actx->constFilename ? 0 : iter);
data/teem-1.12.0~20160122/src/alan/enumsAlan.c:26:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *
data/teem-1.12.0~20160122/src/alan/enumsAlan.c:36:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *
data/teem-1.12.0~20160122/src/bane/bane.h:98:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/bane/bane.h:153:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/bane/bane.h:189:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/bane/bane.h:244:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/bane/clip.c:131:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(clip->name, "absolute");
data/teem-1.12.0~20160122/src/bane/clip.c:135:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(clip->name, "peak ratio");
data/teem-1.12.0~20160122/src/bane/clip.c:139:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(clip->name, "percentile");
data/teem-1.12.0~20160122/src/bane/clip.c:143:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(clip->name, "top N");
data/teem-1.12.0~20160122/src/bane/gkmsFlotsam.c:38:37: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
baneGkmsParseIncStrategy(void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/bane/gkmsFlotsam.c:38:48: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
baneGkmsParseIncStrategy(void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/bane/gkmsFlotsam.c:99:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
baneGkmsParseBEF(void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/bane/gkmsFlotsam.c:99:40: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
baneGkmsParseBEF(void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/bane/gkmsFlotsam.c:179:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
baneGkmsParseGthresh(void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/bane/gkmsFlotsam.c:179:44: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
baneGkmsParseGthresh(void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/bane/gkmsFlotsam.c:239:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[AIR_STRLEN_LARGE], fmt[AIR_STRLEN_LARGE];
data/teem-1.12.0~20160122/src/bane/gkmsFlotsam.c:247:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buff, "--- Semi-Automatic Generation of Transfer Functions ---");
data/teem-1.12.0~20160122/src/bane/gkmsFlotsam.c:248:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fmt, "%%%ds\n",
data/teem-1.12.0~20160122/src/bane/gkmsFlotsam.c:260:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buff, " ... ");
data/teem-1.12.0~20160122/src/bane/gkmsPvg.c:68:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, _baneGkmsDonData, 4*23*sizeof(float));
data/teem-1.12.0~20160122/src/bane/gkmsScat.c:38:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *out[2], *perr;
data/teem-1.12.0~20160122/src/bane/hvol.c:93:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prog[13],
data/teem-1.12.0~20160122/src/bane/hvol.c:267:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prog[13];
data/teem-1.12.0~20160122/src/bane/inc.c:290:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(inc->name, "absolute");
data/teem-1.12.0~20160122/src/bane/inc.c:304:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(inc->name, "range ratio");
data/teem-1.12.0~20160122/src/bane/inc.c:317:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(inc->name, "percentile");
data/teem-1.12.0~20160122/src/bane/inc.c:336:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(inc->name, "stdv");
data/teem-1.12.0~20160122/src/bane/rangeBane.c:112:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(range->name, "positive");
data/teem-1.12.0~20160122/src/bane/rangeBane.c:116:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(range->name, "negative");
data/teem-1.12.0~20160122/src/bane/rangeBane.c:120:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(range->name, "zero-centered");
data/teem-1.12.0~20160122/src/bane/rangeBane.c:124:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(range->name, "anywhere");
data/teem-1.12.0~20160122/src/bane/test/htrnsf.c:52:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(file = fopen(iStr, "r"))) {
data/teem-1.12.0~20160122/src/bane/test/htrnsf.c:63:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(file = fopen(bStr, "r"))) {
data/teem-1.12.0~20160122/src/bane/test/htrnsf.c:94:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(file = fopen(tStr, "w"))) {
data/teem-1.12.0~20160122/src/bane/test/pvg.c:74:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(file = fopen(posStr, "r"))) {
data/teem-1.12.0~20160122/src/bane/test/pvg.c:156:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(file = fopen(ppmStr, "w"))) {
data/teem-1.12.0~20160122/src/bane/trex.c:55:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/bane/valid.c:141:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/bane/valid.c:196:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/biff/biffmsg.c:115:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errstr[_HACK_STRLEN];
data/teem-1.12.0~20160122/src/biff/biffmsg.c:208:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errstr[_HACK_STRLEN];
data/teem-1.12.0~20160122/src/bin/airSanity.c:35:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/bin/cubic.c:39:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512];
data/teem-1.12.0~20160122/src/bin/gprobe.c:59:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[2][AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/bin/gprobe.c:243:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[4][AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/bin/ilk.c:132:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/bin/miter.c:42:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *errS, *outS, *shadeStr, *normalStr, debugStr[AIR_STRLEN_MED];
data/teem-1.12.0~20160122/src/bin/miter.c:284:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(debugStr, "%04d-%04d-debug.nrrd", verbPix[0], verbPix[1]);
data/teem-1.12.0~20160122/src/bin/nrrdSanity.c:36:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vbuff[AIR_STRLEN_LARGE];
data/teem-1.12.0~20160122/src/bin/pprobe.c:242:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fnform[AIR_STRLEN_LARGE];
data/teem-1.12.0~20160122/src/bin/puller.c:582:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((file = fopen("eplot.txt", "w"))) {
data/teem-1.12.0~20160122/src/bin/puller.c:682:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[512];
data/teem-1.12.0~20160122/src/bin/puller.c:688:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "pos-sel-%03u.nrrd", ii);
data/teem-1.12.0~20160122/src/bin/puller.c:689:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(ff = fopen(fname, "rb"))) {
data/teem-1.12.0~20160122/src/bin/puller.c:1102:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Deft::homeDir, "./");
data/teem-1.12.0~20160122/src/bin/puller.c:1499:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *fakeArgv[2] = {"Deft_pull", NULL};
data/teem-1.12.0~20160122/src/bin/puller.c:1706:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[3][AIR_STRLEN_MED];
data/teem-1.12.0~20160122/src/bin/qbert.c:63:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rsi->parm[i], uk->parm, uk->kernel->numParm*sizeof(double));
data/teem-1.12.0~20160122/src/bin/qbert.c:92:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/bin/qbert.c:148:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp1[AIR_STRLEN_SMALL], stmp2[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/bin/qbert.c:151:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rsi->parm[i], dk->parm, dk->kernel->numParm*sizeof(double));
data/teem-1.12.0~20160122/src/bin/qbert.c:481:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cmt, "exclusions (v g h): %g %g %g", perc[0], perc[1], perc[2]);
data/teem-1.12.0~20160122/src/bin/qbert.c:483:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cmt, "exclusions (v g): %g %g", perc[0], perc[1]);
data/teem-1.12.0~20160122/src/bin/qbert.c:486:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cmt, "minv: %g", minv); nrrdCommentAdd(nvgh, cmt);
data/teem-1.12.0~20160122/src/bin/qbert.c:487:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cmt, "maxv: %g", maxv); nrrdCommentAdd(nvgh, cmt);
data/teem-1.12.0~20160122/src/bin/qbert.c:488:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cmt, "ming: %g", ming); nrrdCommentAdd(nvgh, cmt);
data/teem-1.12.0~20160122/src/bin/qbert.c:489:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cmt, "maxg: %g", maxg); nrrdCommentAdd(nvgh, cmt);
data/teem-1.12.0~20160122/src/bin/qbert.c:491:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cmt, "minh: %g", minh); nrrdCommentAdd(nvgh, cmt);
data/teem-1.12.0~20160122/src/bin/qbert.c:492:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cmt, "maxh: %g", maxh); nrrdCommentAdd(nvgh, cmt);
data/teem-1.12.0~20160122/src/bin/talkweb.c:99:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char **all, line[AIR_STRLEN_HUGE];
data/teem-1.12.0~20160122/src/bin/talkweb.c:160:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *title, *image, *text, stop[AIR_STRLEN_HUGE], line[AIR_STRLEN_HUGE];
data/teem-1.12.0~20160122/src/bin/talkweb.c:262:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(file = fopen(filename, "wb"))) {
data/teem-1.12.0~20160122/src/bin/talkweb.c:307:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
tkwbWriteIndex(char *_indx, tkwbSlide **slide, char *tag[TKWB_TAG_MAX+1]) {
data/teem-1.12.0~20160122/src/bin/talkweb.c:307:48: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
tkwbWriteIndex(char *_indx, tkwbSlide **slide, char *tag[TKWB_TAG_MAX+1]) {
data/teem-1.12.0~20160122/src/bin/talkweb.c:309:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *repl, *indx, tmp[AIR_STRLEN_MED];
data/teem-1.12.0~20160122/src/bin/talkweb.c:328:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(repl, "<ol>\n");
data/teem-1.12.0~20160122/src/bin/talkweb.c:334:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(repl, "</ol>");
data/teem-1.12.0~20160122/src/bin/talkweb.c:349:51: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
tkwbWriteSlides(tkwbSlide **slide, int numSlides, char *tmpl,
data/teem-1.12.0~20160122/src/bin/talkweb.c:350:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *tag[TKWB_TAG_MAX+1], char *link[4]) {
data/teem-1.12.0~20160122/src/bin/talkweb.c:350:44: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *tag[TKWB_TAG_MAX+1], char *link[4]) {
data/teem-1.12.0~20160122/src/bin/talkweb.c:352:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *text, name[AIR_STRLEN_MED], frst[AIR_STRLEN_MED], prev[AIR_STRLEN_MED],
data/teem-1.12.0~20160122/src/bin/talkweb.c:376:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "slide%03d.html", si+1);
data/teem-1.12.0~20160122/src/bin/talkweb.c:388:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
tkwbDoit(char *indxS, char *tmplS, char *scriptS,
data/teem-1.12.0~20160122/src/bin/talkweb.c:388:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
tkwbDoit(char *indxS, char *tmplS, char *scriptS,
data/teem-1.12.0~20160122/src/bin/talkweb.c:388:36: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
tkwbDoit(char *indxS, char *tmplS, char *scriptS,
data/teem-1.12.0~20160122/src/bin/talkweb.c:389:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *tag[TKWB_TAG_MAX+1], char *link[4]) {
data/teem-1.12.0~20160122/src/bin/talkweb.c:389:37: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *tag[TKWB_TAG_MAX+1], char *link[4]) {
data/teem-1.12.0~20160122/src/bin/talkweb.c:439:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *err, *indxS, *tmplS, *scriptS, *pretag[TKWB_TAG_MAX+1],
data/teem-1.12.0~20160122/src/bin/talkweb.c:499:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
tag[ti] = (char *)calloc(strlen(pretag[ti]) + strlen("<!---->") + 1,
data/teem-1.12.0~20160122/src/bin/tend.c:67:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vbuff[AIR_STRLEN_LARGE];
data/teem-1.12.0~20160122/src/bin/unu.c:91:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vbuff[AIR_STRLEN_LARGE];
data/teem-1.12.0~20160122/src/bin/vprobe.c:68:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[4][AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/coil/coil.h:110:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/coil/coil.h:141:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[AIR_STRLEN_SMALL]; /* short identifying string for kind */
data/teem-1.12.0~20160122/src/coil/enumsCoil.c:26:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *
data/teem-1.12.0~20160122/src/coil/enumsCoil.c:39:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *
data/teem-1.12.0~20160122/src/coil/enumsCoil.c:91:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *
data/teem-1.12.0~20160122/src/coil/enumsCoil.c:99:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *
data/teem-1.12.0~20160122/src/coil/methodsCoil.c:132:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/dye/dye.h:70:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
signed char spc[2], /* the spaces the two colors belong to */
data/teem-1.12.0~20160122/src/dye/dye.h:77:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
DYE_EXPORT const char *dyeSpaceToStr[DYE_MAX_SPACE+1];
data/teem-1.12.0~20160122/src/dye/methodsDye.c:33:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *
data/teem-1.12.0~20160122/src/dye/methodsDye.c:45:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *
data/teem-1.12.0~20160122/src/dye/methodsDye.c:166:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(c1, c0, sizeof(dyeColor));
data/teem-1.12.0~20160122/src/dye/test/bow.c:57:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(out = fopen(outS, "wa"))) {
data/teem-1.12.0~20160122/src/dye/test/conv.c:37:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *inS, *spcS, buff[512];
data/teem-1.12.0~20160122/src/dye/test/mchist.c:84:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char **ninStr, *err, *outS, doneStr[13];
data/teem-1.12.0~20160122/src/echo/color.c:27:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char _echoBuff[128] = "";
data/teem-1.12.0~20160122/src/echo/color.c:35:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(_echoBuff, ". ");
data/teem-1.12.0~20160122/src/echo/enumsEcho.c:28:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *
data/teem-1.12.0~20160122/src/echo/enumsEcho.c:46:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *
data/teem-1.12.0~20160122/src/echo/enumsEcho.c:86:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *
data/teem-1.12.0~20160122/src/echo/enumsEcho.c:120:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *
data/teem-1.12.0~20160122/src/echo/enumsEcho.c:184:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *
data/teem-1.12.0~20160122/src/echo/enumsEcho.c:193:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *
data/teem-1.12.0~20160122/src/echo/renderEcho.c:285:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char done[20];
data/teem-1.12.0~20160122/src/echo/test/glyph.c:192:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
echoParseTenNrrd(void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/echo/test/glyph.c:192:40: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
echoParseTenNrrd(void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/elf/glyphElf.c:412:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char color[3];
data/teem-1.12.0~20160122/src/ell/genmat.c:113:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[4][AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/ell/genmat.c:183:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/ell/genmat.c:309:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mat, _mat, NN*NN*sizeof(double));
data/teem-1.12.0~20160122/src/ell/genmat.c:350:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[2][AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/ell/test/inter.c:140:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[AIR_STRLEN_MED];
data/teem-1.12.0~20160122/src/gage/ctx.c:109:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ntx, ctx, sizeof(gageContext));
data/teem-1.12.0~20160122/src/gage/ctx.c:159:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ntx->off, ctx->off, fd*fd*fd*sizeof(unsigned int));
data/teem-1.12.0~20160122/src/gage/ctx.c:255:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[AIR_STRLEN_LARGE]="";
data/teem-1.12.0~20160122/src/gage/gage.h:626:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef unsigned char gageQuery[GAGE_QUERY_BYTES_NUM];
data/teem-1.12.0~20160122/src/gage/gage.h:788:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errStr[AIR_STRLEN_LARGE];
data/teem-1.12.0~20160122/src/gage/gage.h:861:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[AIR_STRLEN_SMALL]; /* short identifying string for kind */
data/teem-1.12.0~20160122/src/gage/gage.h:1232:48: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *nameA,
data/teem-1.12.0~20160122/src/gage/gage.h:1234:48: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *nameB,
data/teem-1.12.0~20160122/src/gage/gage.h:1236:42: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char explain[AIR_STRLEN_LARGE]);
data/teem-1.12.0~20160122/src/gage/gage.h:1269:41: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
GAGE_EXPORT int gageStackBlurParmSprint(char str[AIR_STRLEN_LARGE],
data/teem-1.12.0~20160122/src/gage/kind.c:244:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/gage/miscGage.c:176:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *
data/teem-1.12.0~20160122/src/gage/optimsig.c:711:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/gage/optimsig.c:712:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "err-%04u.nrrd", call);
data/teem-1.12.0~20160122/src/gage/optimsig.c:769:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/gage/optimsig.c:770:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "err-%04u.nrrd", call);
data/teem-1.12.0~20160122/src/gage/optimsig.c:820:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *
data/teem-1.12.0~20160122/src/gage/optimsig.c:821:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
_timefmt(char tstr[AIR_STRLEN_MED], double deltim) {
data/teem-1.12.0~20160122/src/gage/optimsig.c:824:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tstr, "%g secs", deltim);
data/teem-1.12.0~20160122/src/gage/optimsig.c:829:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tstr, "%g mins", deltim);
data/teem-1.12.0~20160122/src/gage/optimsig.c:834:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tstr, "%g hours", deltim);
data/teem-1.12.0~20160122/src/gage/optimsig.c:839:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tstr, "%g days", deltim);
data/teem-1.12.0~20160122/src/gage/optimsig.c:843:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tstr, "%g weeks", deltim);
data/teem-1.12.0~20160122/src/gage/optimsig.c:850:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tstr[AIR_STRLEN_MED];
data/teem-1.12.0~20160122/src/gage/optimsig.c:995:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tstr[AIR_STRLEN_MED];
data/teem-1.12.0~20160122/src/gage/optimsig.c:1206:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char doneStr[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/gage/optimsig.c:1300:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char doneStr[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/gage/pvl.c:148:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(nvl, pvl, sizeof(gagePerVolume));
data/teem-1.12.0~20160122/src/gage/shape.c:75:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(nhp, shp, sizeof(gageShape));
data/teem-1.12.0~20160122/src/gage/st.c:32:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char s[6];
data/teem-1.12.0~20160122/src/gage/stackBlur.c:126:61: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
gageStackBlurParmCompare(const gageStackBlurParm *aa, const char *_nameA,
data/teem-1.12.0~20160122/src/gage/stackBlur.c:127:61: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const gageStackBlurParm *bb, const char *_nameB,
data/teem-1.12.0~20160122/src/gage/stackBlur.c:128:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int *differ, char explain[AIR_STRLEN_LARGE]) {
data/teem-1.12.0~20160122/src/gage/stackBlur.c:133:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[2][AIR_STRLEN_LARGE], subexplain[AIR_STRLEN_LARGE];
data/teem-1.12.0~20160122/src/gage/stackBlur.c:234:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char explain[AIR_STRLEN_LARGE];
data/teem-1.12.0~20160122/src/gage/stackBlur.c:673:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *pval, xeq[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/gage/stackBlur.c:681:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
if (strcpy(xeq, "k=") && stok == strstr(stok, xeq)) {
data/teem-1.12.0~20160122/src/gage/stackBlur.c:690:18: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
} else if (strcpy(xeq, "b=") && strstr(stok, xeq) == stok) {
data/teem-1.12.0~20160122/src/gage/stackBlur.c:699:18: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
} else if (strcpy(xeq, "v=") && strstr(stok, xeq) == stok) {
data/teem-1.12.0~20160122/src/gage/stackBlur.c:706:18: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
} else if (strcpy(xeq, "s=") && strstr(stok, xeq) == stok) {
data/teem-1.12.0~20160122/src/gage/stackBlur.c:715:18: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
} else if (strcpy(xeq, "dggsm=") && strstr(stok, xeq) == stok) {
data/teem-1.12.0~20160122/src/gage/stackBlur.c:805:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
gageStackBlurParmSprint(char str[AIR_STRLEN_LARGE],
data/teem-1.12.0~20160122/src/gage/stackBlur.c:810:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *out, stmp[AIR_STRLEN_LARGE];
data/teem-1.12.0~20160122/src/gage/stackBlur.c:820:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(out, "%.17g-%u-%.17g",
data/teem-1.12.0~20160122/src/gage/stackBlur.c:841:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(stmp, "%c", AIR_CAST(char, fi));
data/teem-1.12.0~20160122/src/gage/stackBlur.c:854:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(out, "k="); strcat(out, stmp);
data/teem-1.12.0~20160122/src/gage/stackBlur.c:863:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(out, "b="); strcat(out, stmp);
data/teem-1.12.0~20160122/src/gage/stackBlur.c:867:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(out, "/s=");
data/teem-1.12.0~20160122/src/gage/stackBlur.c:872:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(stmp, "/v=%d", sbp->verbose);
data/teem-1.12.0~20160122/src/gage/stackBlur.c:879:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(stmp, "/dggsm=%.17g", sbp->dgGoodSigmaMax);
data/teem-1.12.0~20160122/src/gage/stackBlur.c:892:40: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
_gageHestStackBlurParmParse(void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/gage/stackBlur.c:892:51: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
_gageHestStackBlurParmParse(void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/gage/stackBlur.c:962:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char
data/teem-1.12.0~20160122/src/gage/stackBlur.c:977:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char val[KVP_NUM][AIR_STRLEN_LARGE];
data/teem-1.12.0~20160122/src/gage/stackBlur.c:996:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(blurVal[blIdx].val[0], "true");
data/teem-1.12.0~20160122/src/gage/stackBlur.c:997:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(blurVal[blIdx].val[1], "%u", cksum);
data/teem-1.12.0~20160122/src/gage/stackBlur.c:998:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(blurVal[blIdx].val[2], "%.17g", sbp->sigma[blIdx]);
data/teem-1.12.0~20160122/src/gage/stackBlur.c:1006:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(blurVal[blIdx].val[8], "%.17g", sbp->dgGoodSigmaMax);
data/teem-1.12.0~20160122/src/gage/stackBlur.c:1430:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kstr[AIR_STRLEN_LARGE], bstr[AIR_STRLEN_LARGE];
data/teem-1.12.0~20160122/src/gage/stackBlur.c:1633:29: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
firstExists = !!(file = fopen(fname, "r"));
data/teem-1.12.0~20160122/src/gage/test/aalias.c:39:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *err, done[13];
data/teem-1.12.0~20160122/src/gage/test/ctfix.c:38:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *err, done[13];
data/teem-1.12.0~20160122/src/gage/test/vh.c:35:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *err, done[13];
data/teem-1.12.0~20160122/src/hest/hest.h:78:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int (*parse)(void *ptr, char *str, char err[AIR_STRLEN_HUGE]);
data/teem-1.12.0~20160122/src/hest/hest.h:78:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int (*parse)(void *ptr, char *str, char err[AIR_STRLEN_HUGE]);
data/teem-1.12.0~20160122/src/hest/methodsHest.c:119:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret, *optP, num*sizeof(hestOpt));
data/teem-1.12.0~20160122/src/hest/methodsHest.c:234:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char copy[AIR_STRLEN_HUGE], *sep;
data/teem-1.12.0~20160122/src/hest/methodsHest.c:319:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[AIR_STRLEN_HUGE], copy[AIR_STRLEN_HUGE], *sep;
data/teem-1.12.0~20160122/src/hest/methodsHest.c:353:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buff, "-%c", parm->varParamStopFlag);
data/teem-1.12.0~20160122/src/hest/parseHest.c:65:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(file = fopen(argv[ai]+1, "rb"))) {
data/teem-1.12.0~20160122/src/hest/parseHest.c:99:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[AIR_STRLEN_HUGE], *pound;
data/teem-1.12.0~20160122/src/hest/parseHest.c:120:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(oldArgv[oldArgc]+1, "rb");
data/teem-1.12.0~20160122/src/hest/parseHest.c:461:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
prms[flag] = (char *)airFree(prms[flag]);
data/teem-1.12.0~20160122/src/hest/parseHest.c:729:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ident[AIR_STRLEN_HUGE], me[]="_hestSetValues: ",
data/teem-1.12.0~20160122/src/hest/parseHest.c:797:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if (1 != airParseStrS((char **)vP, prms[op], " ", 1,
data/teem-1.12.0~20160122/src/hest/parseHest.c:1044:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
airParseStrS((char **)(*((void**)vP)), prms[op], " ", nprm[op],
data/teem-1.12.0~20160122/src/hest/parseHest.c:1288:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
str = (char **)opt[op].valueP;
data/teem-1.12.0~20160122/src/hest/parseHest.c:1289:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
strP = (char ***)opt[op].valueP;
data/teem-1.12.0~20160122/src/hest/parseHest.c:1313:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
str[i] = (char *)airFree(str[i]);
data/teem-1.12.0~20160122/src/hest/parseHest.c:1325:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(*strP)[ui] = (char *)airFree((*strP)[ui]);
data/teem-1.12.0~20160122/src/hest/parseHest.c:1374:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vbuff[AIR_STRLEN_LARGE];
data/teem-1.12.0~20160122/src/hest/test/ex3.c:29:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char **in, *out, *blah[3], *option = NULL;
data/teem-1.12.0~20160122/src/hest/test/ex4.c:34:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(err, "parsed %d (not 2) doubles", ret);
data/teem-1.12.0~20160122/src/hest/test/ex5.c:33:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(err, "couldn't strdup() str");
data/teem-1.12.0~20160122/src/hest/test/ex5.c:49:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *single, *triple[3], *maybe, **many;
data/teem-1.12.0~20160122/src/hest/test/strings.c:33:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1025];
data/teem-1.12.0~20160122/src/hest/test/strings.c:35:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(line, "bingo \t\t bob \t boasts \n bumperstickers \n ");
data/teem-1.12.0~20160122/src/hest/test/strings.c:39:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(line, " \t \n ");
data/teem-1.12.0~20160122/src/hest/test/strings.c:43:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(line, "Director, writor, and editor John Sayles goes happily "
data/teem-1.12.0~20160122/src/hest/usage.c:33:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char copy[AIR_STRLEN_HUGE], *sep;
data/teem-1.12.0~20160122/src/hest/usage.c:51:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(B, "--");
data/teem-1.12.0~20160122/src/hest/usage.c:69:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(B, "\t...");
data/teem-1.12.0~20160122/src/hest/usage.c:233:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[2*AIR_STRLEN_HUGE], tmpS[AIR_STRLEN_HUGE];
data/teem-1.12.0~20160122/src/hest/usage.c:248:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buff, "Usage: ");
data/teem-1.12.0~20160122/src/hest/usage.c:251:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmpS, " [%cfile\t...]", PARM->respFileFlag);
data/teem-1.12.0~20160122/src/hest/usage.c:274:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[2*AIR_STRLEN_HUGE], tmpS[AIR_STRLEN_HUGE];
data/teem-1.12.0~20160122/src/hest/usage.c:299:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buff, "%cfile ...", PARM->respFileFlag);
data/teem-1.12.0~20160122/src/hest/usage.c:305:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buff, "response file(s) containing command-line arguments");
data/teem-1.12.0~20160122/src/hest/usage.c:322:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buff, " = ");
data/teem-1.12.0~20160122/src/hest/usage.c:345:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buff, "\n ");
data/teem-1.12.0~20160122/src/hest/usage.c:352:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buff, "optional\t");
data/teem-1.12.0~20160122/src/hest/usage.c:356:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmpS, "%d\t", _hestMax(opt[i].max));
data/teem-1.12.0~20160122/src/hest/usage.c:361:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmpS, "%d\tor\tmore\t", opt[i].min);
data/teem-1.12.0~20160122/src/hest/usage.c:364:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmpS, "%d..%d\t", opt[i].min, _hestMax(opt[i].max));
data/teem-1.12.0~20160122/src/hest/usage.c:414:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buff, "\n ");
data/teem-1.12.0~20160122/src/hest/usage.c:417:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buff, "; ");
data/teem-1.12.0~20160122/src/hest/usage.c:419:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buff, "default:\t");
data/teem-1.12.0~20160122/src/hex/dehex.c:92:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fin = fopen(inS, "r");
data/teem-1.12.0~20160122/src/hex/dehex.c:109:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fout = fopen(outS, "w");
data/teem-1.12.0~20160122/src/hex/enhex.c:87:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fin = fopen(inS, "rb");
data/teem-1.12.0~20160122/src/hex/enhex.c:101:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fout = fopen(outS, "w");
data/teem-1.12.0~20160122/src/hoover/defaultsHoover.c:36:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *
data/teem-1.12.0~20160122/src/limn/cam.c:202:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char which[AIR_STRLEN_MED];
data/teem-1.12.0~20160122/src/limn/cam.c:300:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
if (!( (strcpy(which, "quaternion"), quatSpline =
data/teem-1.12.0~20160122/src/limn/cam.c:302:14: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
&& (strcpy(which, "from point"), fromSpline =
data/teem-1.12.0~20160122/src/limn/cam.c:304:14: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
&& (strcpy(which, "at point"), atptSpline =
data/teem-1.12.0~20160122/src/limn/cam.c:306:14: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
&& (strcpy(which, "up vector"), upvcSpline =
data/teem-1.12.0~20160122/src/limn/cam.c:308:14: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
&& (strcpy(which, "plane distances"), distSpline =
data/teem-1.12.0~20160122/src/limn/cam.c:310:14: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
&& (strcpy(which, "field-of-view"), fovaSpline =
data/teem-1.12.0~20160122/src/limn/cam.c:312:14: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
&& (strcpy(which, "time warp"), timeSpline =
data/teem-1.12.0~20160122/src/limn/enumsLimn.c:26:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *
data/teem-1.12.0~20160122/src/limn/enumsLimn.c:49:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *
data/teem-1.12.0~20160122/src/limn/envmap.c:144:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[3][AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/limn/io.c:279:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[AIR_STRLEN_LARGE]; /* HEY: bad Gordon */
data/teem-1.12.0~20160122/src/limn/io.c:462:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char infoS[AIR_STRLEN_MED];
data/teem-1.12.0~20160122/src/limn/io.c:585:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[AIR_STRLEN_MED], name[AIR_STRLEN_MED], *tmp;
data/teem-1.12.0~20160122/src/limn/io.c:597:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "magic");
data/teem-1.12.0~20160122/src/limn/io.c:609:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "nums");
data/teem-1.12.0~20160122/src/limn/io.c:627:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "info");
data/teem-1.12.0~20160122/src/limn/io.c:668:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "type");
data/teem-1.12.0~20160122/src/limn/io.c:694:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "icnt");
data/teem-1.12.0~20160122/src/limn/io.c:719:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "indx");
data/teem-1.12.0~20160122/src/limn/io.c:758:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pld->indx, nrrd->data, nrrdElementSize(nrrd)*nrrdElementNumber(nrrd));
data/teem-1.12.0~20160122/src/limn/io.c:768:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "xyzw");
data/teem-1.12.0~20160122/src/limn/io.c:798:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pld->xyzw, nrrd->data, nrrdElementSize(nrrd)*nrrdElementNumber(nrrd));
data/teem-1.12.0~20160122/src/limn/io.c:878:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, nrrd->data, nrrdElementSize(nrrd)*nrrdElementNumber(nrrd));
data/teem-1.12.0~20160122/src/limn/io.c:888:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
_limnHestPolyDataLMPDParse(void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/limn/io.c:888:50: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
_limnHestPolyDataLMPDParse(void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/limn/io.c:938:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
_limnHestPolyDataOFFParse(void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/limn/io.c:938:49: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
_limnHestPolyDataOFFParse(void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/limn/io.c:1080:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[AIR_STRLEN_LARGE]; /* HEY: bad Gordon */
data/teem-1.12.0~20160122/src/limn/lpuFlotsam.c:47:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[AIR_STRLEN_LARGE], fmt[AIR_STRLEN_LARGE];
data/teem-1.12.0~20160122/src/limn/lpuFlotsam.c:54:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buff, "--- LimnPolyData Hacking ---");
data/teem-1.12.0~20160122/src/limn/lpuFlotsam.c:55:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fmt, "%%%ds\n",
data/teem-1.12.0~20160122/src/limn/lpuFlotsam.c:67:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buff, " ... ");
data/teem-1.12.0~20160122/src/limn/lpu_about.c:31:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[AIR_STRLEN_LARGE], fmt[AIR_STRLEN_MED];
data/teem-1.12.0~20160122/src/limn/lpu_about.c:42:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buff, "--- lpu: LimnPolyData command-line interface ---");
data/teem-1.12.0~20160122/src/limn/lpu_about.c:43:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fmt, "%%%ds\n",
data/teem-1.12.0~20160122/src/limn/lpu_about.c:47:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fmt, "%%%ds\n",
data/teem-1.12.0~20160122/src/limn/polydata.c:247:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pldB->xyzw, pldA->xyzw, pldA->xyzwNum*sizeof(float)*4);
data/teem-1.12.0~20160122/src/limn/polydata.c:249:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pldB->rgba, pldA->rgba, pldA->rgbaNum*sizeof(unsigned char)*4);
data/teem-1.12.0~20160122/src/limn/polydata.c:252:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pldB->norm, pldA->norm, pldA->normNum*sizeof(float)*3);
data/teem-1.12.0~20160122/src/limn/polydata.c:255:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pldB->tex2, pldA->tex2, pldA->tex2Num*sizeof(float)*2);
data/teem-1.12.0~20160122/src/limn/polydata.c:258:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pldB->tang, pldA->tang, pldA->tangNum*sizeof(float)*3);
data/teem-1.12.0~20160122/src/limn/polydata.c:260:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pldB->indx, pldA->indx, pldA->indxNum*sizeof(unsigned int));
data/teem-1.12.0~20160122/src/limn/polydata.c:261:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pldB->type, pldA->type, pldA->primNum*sizeof(signed char));
data/teem-1.12.0~20160122/src/limn/polydata.c:262:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pldB->icnt, pldA->icnt, pldA->primNum*sizeof(unsigned int));
data/teem-1.12.0~20160122/src/limn/polydata.c:294:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pldB->xyzw + ii*size, pldA->xyzw, size*sizeof(float));
data/teem-1.12.0~20160122/src/limn/polydata.c:299:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pldB->type + ii*size, pldA->type, size*sizeof(unsigned char));
data/teem-1.12.0~20160122/src/limn/polydata.c:300:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pldB->icnt + ii*size, pldA->icnt, size*sizeof(unsigned int));
data/teem-1.12.0~20160122/src/limn/polydata.c:303:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pldB->rgba + ii*size, pldA->rgba, size*sizeof(unsigned char));
data/teem-1.12.0~20160122/src/limn/polydata.c:307:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pldB->norm + ii*size, pldA->norm, size*sizeof(float));
data/teem-1.12.0~20160122/src/limn/polydata.c:311:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pldB->tex2 + ii*size, pldA->tex2, size*sizeof(float));
data/teem-1.12.0~20160122/src/limn/polydata.c:315:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pldB->tang + ii*size, pldA->tang, size*sizeof(float));
data/teem-1.12.0~20160122/src/limn/polymod.c:834:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pld->xyzw, pldTmp.xyzw, oldVertNum*4*sizeof(float));
data/teem-1.12.0~20160122/src/limn/polymod.c:836:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pld->rgba, pldTmp.rgba, oldVertNum*4*sizeof(unsigned char));
data/teem-1.12.0~20160122/src/limn/polymod.c:839:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pld->norm, pldTmp.norm, oldVertNum*3*sizeof(float));
data/teem-1.12.0~20160122/src/limn/polymod.c:842:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pld->tex2, pldTmp.tex2, oldVertNum*2*sizeof(float));
data/teem-1.12.0~20160122/src/limn/polymod.c:845:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pld->tang, pldTmp.tang, oldVertNum*3*sizeof(float));
data/teem-1.12.0~20160122/src/limn/polymod.c:1482:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(baseIndx, startIndx[sortIdx],
data/teem-1.12.0~20160122/src/limn/polymod.c:2017:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pld, newpld, sizeof(limnPolyData));
data/teem-1.12.0~20160122/src/limn/polymod.c:2112:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret->type, pld->type, sizeof(char)*pld->primNum);
data/teem-1.12.0~20160122/src/limn/polymod.c:2113:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret->icnt, pld->icnt, sizeof(int)*pld->primNum);
data/teem-1.12.0~20160122/src/limn/polymod.c:2162:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret->xyzw+4*vertNum, plds[i]->xyzw,
data/teem-1.12.0~20160122/src/limn/polymod.c:2165:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret->rgba+4*vertNum, plds[i]->rgba,
data/teem-1.12.0~20160122/src/limn/polymod.c:2169:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret->norm+3*vertNum, plds[i]->norm,
data/teem-1.12.0~20160122/src/limn/polymod.c:2173:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret->tex2+2*vertNum, plds[i]->tex2,
data/teem-1.12.0~20160122/src/limn/polymod.c:2177:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret->tang+3*vertNum, plds[i]->tang,
data/teem-1.12.0~20160122/src/limn/polyshapes.c:1140:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(verts,icovertices,sizeof(float)*12*3);
data/teem-1.12.0~20160122/src/limn/polyshapes.c:1145:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(edges,icoedges,sizeof(unsigned int)*60);
data/teem-1.12.0~20160122/src/limn/polyshapes.c:1150:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(faces,icofaces,sizeof(unsigned int)*60);
data/teem-1.12.0~20160122/src/limn/polyshapes.c:1168:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newverts, verts, sizeof(float)*3*vertNum);
data/teem-1.12.0~20160122/src/limn/polyshapes.c:1269:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pld->norm, verts, sizeof(float)*3*vertNum);
data/teem-1.12.0~20160122/src/limn/splineMethods.c:135:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[2][AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/limn/splineMethods.c:259:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/limn/splineMethods.c:417:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[2][AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/limn/splineMisc.c:27:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *
data/teem-1.12.0~20160122/src/limn/splineMisc.c:37:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *
data/teem-1.12.0~20160122/src/limn/splineMisc.c:81:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *
data/teem-1.12.0~20160122/src/limn/splineMisc.c:92:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *
data/teem-1.12.0~20160122/src/limn/splineMisc.c:361:41: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
_limnHestSplineTypeSpecParse(void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/limn/splineMisc.c:361:52: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
_limnHestSplineTypeSpecParse(void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/limn/splineMisc.c:399:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
_limnHestSplineParse(void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/limn/splineMisc.c:399:44: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
_limnHestSplineParse(void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/limn/test/plot.c:150:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/limn/test/plot.c:195:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buff, "%g", pparm->horzTick[ti]);
data/teem-1.12.0~20160122/src/limn/test/plot.c:218:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buff, "%g", pparm->vertTick[ti]);
data/teem-1.12.0~20160122/src/limn/test/tcamanim.c:34:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[AIR_STRLEN_HUGE];
data/teem-1.12.0~20160122/src/limn/test/tio.c:38:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen("in.lmpd", "r");
data/teem-1.12.0~20160122/src/limn/test/tio.c:46:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen("out.vtk", "w");
data/teem-1.12.0~20160122/src/limn/test/tps.c:155:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
win->file = fopen(outS, "w");
data/teem-1.12.0~20160122/src/limn/transform.c:368:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buff, face->vertIdx, face->sideNum*sizeof(int));
data/teem-1.12.0~20160122/src/limn/transform.c:372:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buff, face->edgeIdx, face->sideNum*sizeof(int));
data/teem-1.12.0~20160122/src/meet/enumall.c:222:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char err[AIR_STRLEN_LARGE];
data/teem-1.12.0~20160122/src/meet/meet.h:170:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char explain[AIR_STRLEN_LARGE]);
data/teem-1.12.0~20160122/src/meet/meetGage.c:73:40: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
_meetHestConstGageKindParse(void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/meet/meetGage.c:73:51: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
_meetHestConstGageKindParse(void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/meet/meetGage.c:96:35: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
_meetHestGageKindParse(void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/meet/meetGage.c:96:46: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
_meetHestGageKindParse(void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/meet/meetPull.c:228:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
meetHestPullVolParse(void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/meet/meetPull.c:228:44: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
meetHestPullVolParse(void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/meet/meetPull.c:308:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int *can, char explain[AIR_STRLEN_LARGE]) {
data/teem-1.12.0~20160122/src/meet/meetPull.c:310:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char subexplain[AIR_STRLEN_LARGE];
data/teem-1.12.0~20160122/src/meet/meetPull.c:320:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(explain, "original loaded from stdin");
data/teem-1.12.0~20160122/src/meet/meetPull.c:484:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char explain[AIR_STRLEN_LARGE];
data/teem-1.12.0~20160122/src/meet/meetPull.c:521:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char formatSS[AIR_STRLEN_LARGE];
data/teem-1.12.0~20160122/src/meet/meetPull.c:737:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
meetHestPullInfoParse(void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/meet/meetPull.c:737:45: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
meetHestPullInfoParse(void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/meet/test/strace.c:159:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char doneStr[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/meet/test/strace.c:692:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_LARGE];
data/teem-1.12.0~20160122/src/meet/test/strace.c:749:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char doneStr[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/mite/mite.h:155:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char shadeStr[AIR_STRLEN_MED], /* how to do shading */
data/teem-1.12.0~20160122/src/mite/mite.h:445:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
MITE_EXPORT char miteRangeChar[MITE_RANGE_NUM+1];
data/teem-1.12.0~20160122/src/mite/ray.c:253:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mtt->range, muu->rangeInit, MITE_RANGE_NUM*sizeof(mite_t));
data/teem-1.12.0~20160122/src/mite/ray.c:332:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(muu->ndebug->axis[0].label, ",,");
data/teem-1.12.0~20160122/src/mite/ray.c:334:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(muu->ndebug->axis[0].label, "R,G,B,A,Z");
data/teem-1.12.0~20160122/src/mite/shade.c:173:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char var[4][AIR_STRLEN_MED];
data/teem-1.12.0~20160122/src/mite/shade.c:178:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buff, "none");
data/teem-1.12.0~20160122/src/mite/txf.c:32:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char
data/teem-1.12.0~20160122/src/mite/txf.c:257:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp1[AIR_STRLEN_SMALL], stmp2[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/mite/txf.c:299:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/mite/txf.c:593:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/moss/hestMoss.c:28:37: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
_mossHestTransformParse (void *ptr, char *_str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/moss/hestMoss.c:28:49: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
_mossHestTransformParse (void *ptr, char *_str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/moss/hestMoss.c:102:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
_mossHestOriginParse (void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/moss/hestMoss.c:102:45: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
_mossHestOriginParse (void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/nrrd/accessors.c:217:57: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
static int _nrrdSprintCH(char *s, const CH *v) { return sprintf(s, "%d", *v); }
data/teem-1.12.0~20160122/src/nrrd/accessors.c:218:57: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
static int _nrrdSprintUC(char *s, const UC *v) { return sprintf(s, "%u", *v); }
data/teem-1.12.0~20160122/src/nrrd/accessors.c:219:57: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
static int _nrrdSprintSH(char *s, const SH *v) { return sprintf(s, "%d", *v); }
data/teem-1.12.0~20160122/src/nrrd/accessors.c:220:57: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
static int _nrrdSprintUS(char *s, const US *v) { return sprintf(s, "%u", *v); }
data/teem-1.12.0~20160122/src/nrrd/accessors.c:221:57: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
static int _nrrdSprintIN(char *s, const JN *v) { return sprintf(s, "%d", *v); }
data/teem-1.12.0~20160122/src/nrrd/accessors.c:222:57: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
static int _nrrdSprintUI(char *s, const UI *v) { return sprintf(s, "%u", *v); }
data/teem-1.12.0~20160122/src/nrrd/accessors.c:521:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char explain[AIR_STRLEN_LARGE]) {
data/teem-1.12.0~20160122/src/nrrd/accessors.c:526:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/apply1D.c:166:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp1[AIR_STRLEN_SMALL], stmp2[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/apply1D.c:707:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp1[AIR_STRLEN_SMALL], stmp2[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/apply1D.c:830:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/apply2D.c:75:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/arraysNrrd.c:31:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char
data/teem-1.12.0~20160122/src/nrrd/axis.c:950:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int *differ, char explain[AIR_STRLEN_LARGE]) {
data/teem-1.12.0~20160122/src/nrrd/axis.c:964:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp1[AIR_STRLEN_SMALL], stmp2[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/axis.c:991:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/axis.c:992:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(stmp, "spaceDirection[%u]", saxi);
data/teem-1.12.0~20160122/src/nrrd/deringNrrd.c:415:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kstr[AIR_STRLEN_LARGE];
data/teem-1.12.0~20160122/src/nrrd/deringNrrd.c:478:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&nonconstdata, &cdata, sizeof(void*));
data/teem-1.12.0~20160122/src/nrrd/deringNrrd.c:599:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/deringNrrd.c:600:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "wght-%02u.nrrd", dbg->zi);
data/teem-1.12.0~20160122/src/nrrd/deringNrrd.c:645:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fn[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/deringNrrd.c:646:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fn, "rshp-%02u.nrrd", dbg->zi); nrrdSave(fn, dbg->nptxf[RSHP],NULL);
data/teem-1.12.0~20160122/src/nrrd/deringNrrd.c:647:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fn, "crop-%02u.nrrd", dbg->zi); nrrdSave(fn, dbg->nptxf[CROP],NULL);
data/teem-1.12.0~20160122/src/nrrd/deringNrrd.c:651:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fn[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/deringNrrd.c:652:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fn, "orig-%02u.nrrd", dbg->zi); nrrdSave(fn, dbg->nptxf[ORIG],NULL);
data/teem-1.12.0~20160122/src/nrrd/deringNrrd.c:653:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fn, "blrr-%02u.nrrd", dbg->zi); nrrdSave(fn, dbg->nptxf[BLRR],NULL);
data/teem-1.12.0~20160122/src/nrrd/deringNrrd.c:654:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fn, "diff-%02u.nrrd", dbg->zi); nrrdSave(fn, dbg->nptxf[DIFF],NULL);
data/teem-1.12.0~20160122/src/nrrd/deringNrrd.c:655:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fn, "ring-%02u.nrrd", dbg->zi); nrrdSave(fn, dbg->nptxf[RING],NULL);
data/teem-1.12.0~20160122/src/nrrd/deringNrrd.c:717:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/deringNrrd.c:718:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "ring2-%02u.nrrd", dbg->zi); nrrdSave(fname, dbg->nptxf[RING], NULL);
data/teem-1.12.0~20160122/src/nrrd/deringNrrd.c:719:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "drng-%02u.nrrd", dbg->zi); nrrdSave(fname, dbg->nslice, NULL);
data/teem-1.12.0~20160122/src/nrrd/encodingAscii.c:39:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char numbStr[AIR_STRLEN_HUGE]; /* HEY: fix this */
data/teem-1.12.0~20160122/src/nrrd/encodingAscii.c:56:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp1[AIR_STRLEN_SMALL], stmp2[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/encodingAscii.c:115:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[AIR_STRLEN_MED];
data/teem-1.12.0~20160122/src/nrrd/encodingBzip2.c:125:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp1[AIR_STRLEN_SMALL], stmp2[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/encodingBzip2.c:221:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp1[AIR_STRLEN_SMALL], stmp2[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/encodingGzip.c:135:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp1[AIR_STRLEN_SMALL], stmp2[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/encodingGzip.c:142:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(_data, buff + sizeRed - sizeData - backwards, sizeData);
data/teem-1.12.0~20160122/src/nrrd/encodingGzip.c:180:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp1[AIR_STRLEN_SMALL], stmp2[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/encodingGzip.c:215:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fmt[4];
data/teem-1.12.0~20160122/src/nrrd/encodingGzip.c:279:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp1[AIR_STRLEN_SMALL], stmp2[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/encodingHex.c:100:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp1[AIR_STRLEN_SMALL], stmp2[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/encodingRaw.c:43:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[3][AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/encodingRaw.c:135:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[3][AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/enumsNrrd.c:50:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *
data/teem-1.12.0~20160122/src/nrrd/enumsNrrd.c:61:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *
data/teem-1.12.0~20160122/src/nrrd/enumsNrrd.c:107:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *
data/teem-1.12.0~20160122/src/nrrd/enumsNrrd.c:123:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *
data/teem-1.12.0~20160122/src/nrrd/enumsNrrd.c:198:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *
data/teem-1.12.0~20160122/src/nrrd/enumsNrrd.c:209:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *
data/teem-1.12.0~20160122/src/nrrd/enumsNrrd.c:255:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *
data/teem-1.12.0~20160122/src/nrrd/enumsNrrd.c:262:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *
data/teem-1.12.0~20160122/src/nrrd/enumsNrrd.c:322:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *
data/teem-1.12.0~20160122/src/nrrd/enumsNrrd.c:358:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *
data/teem-1.12.0~20160122/src/nrrd/enumsNrrd.c:495:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *
data/teem-1.12.0~20160122/src/nrrd/enumsNrrd.c:536:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *
data/teem-1.12.0~20160122/src/nrrd/enumsNrrd.c:681:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *
data/teem-1.12.0~20160122/src/nrrd/enumsNrrd.c:700:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *
data/teem-1.12.0~20160122/src/nrrd/enumsNrrd.c:786:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *
data/teem-1.12.0~20160122/src/nrrd/enumsNrrd.c:795:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *
data/teem-1.12.0~20160122/src/nrrd/enumsNrrd.c:820:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *
data/teem-1.12.0~20160122/src/nrrd/enumsNrrd.c:831:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *
data/teem-1.12.0~20160122/src/nrrd/enumsNrrd.c:886:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *
data/teem-1.12.0~20160122/src/nrrd/enumsNrrd.c:896:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *
data/teem-1.12.0~20160122/src/nrrd/enumsNrrd.c:920:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *
data/teem-1.12.0~20160122/src/nrrd/enumsNrrd.c:955:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *
data/teem-1.12.0~20160122/src/nrrd/enumsNrrd.c:1105:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *
data/teem-1.12.0~20160122/src/nrrd/enumsNrrd.c:1142:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *
data/teem-1.12.0~20160122/src/nrrd/enumsNrrd.c:1266:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *
data/teem-1.12.0~20160122/src/nrrd/enumsNrrd.c:1294:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *
data/teem-1.12.0~20160122/src/nrrd/enumsNrrd.c:1413:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *
data/teem-1.12.0~20160122/src/nrrd/enumsNrrd.c:1434:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *
data/teem-1.12.0~20160122/src/nrrd/enumsNrrd.c:1513:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *
data/teem-1.12.0~20160122/src/nrrd/enumsNrrd.c:1522:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *
data/teem-1.12.0~20160122/src/nrrd/enumsNrrd.c:1562:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *
data/teem-1.12.0~20160122/src/nrrd/enumsNrrd.c:1570:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *
data/teem-1.12.0~20160122/src/nrrd/filt.c:221:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char done[13];
data/teem-1.12.0~20160122/src/nrrd/formatEPS.c:74:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/formatNRRD.c:612:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strbuf[AIR_STRLEN_MED], *strptr, *tmp;
data/teem-1.12.0~20160122/src/nrrd/formatPNG.c:91:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/formatPNG.c:440:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/formatPNG.c:567:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
txt[jj].key = (char *)airFree(txt[jj].key);
data/teem-1.12.0~20160122/src/nrrd/formatPNG.c:568:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
txt[jj].text = (char *)airFree(txt[jj].text);
data/teem-1.12.0~20160122/src/nrrd/formatPNM.c:79:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/formatText.c:179:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/formatText.c:195:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/formatText.c:209:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/formatText.c:227:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/formatText.c:234:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp1[AIR_STRLEN_SMALL], stmp2[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/formatText.c:273:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(nrrd->data, al, sx*sy*sizeof(float));
data/teem-1.12.0~20160122/src/nrrd/formatText.c:281:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmt[AIR_STRLEN_SMALL], buff[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/formatText.c:287:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cmt, "%c ", NRRD_COMMENT_CHAR);
data/teem-1.12.0~20160122/src/nrrd/formatVTK.c:92:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *three[3];
data/teem-1.12.0~20160122/src/nrrd/formatVTK.c:296:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[AIR_STRLEN_MED], name[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/formatVTK.c:332:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(type, "unsigned_char");
data/teem-1.12.0~20160122/src/nrrd/formatVTK.c:335:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(type, "char");
data/teem-1.12.0~20160122/src/nrrd/formatVTK.c:338:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(type, "unsigned_short");
data/teem-1.12.0~20160122/src/nrrd/formatVTK.c:341:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(type, "short");
data/teem-1.12.0~20160122/src/nrrd/formatVTK.c:344:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(type, "unsigned_int");
data/teem-1.12.0~20160122/src/nrrd/formatVTK.c:347:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(type, "int");
data/teem-1.12.0~20160122/src/nrrd/formatVTK.c:350:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(type, "float");
data/teem-1.12.0~20160122/src/nrrd/formatVTK.c:353:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(type, "double");
data/teem-1.12.0~20160122/src/nrrd/formatVTK.c:382:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "nrrd%05d", airRandInt(100000));
data/teem-1.12.0~20160122/src/nrrd/gzio.c:108:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *_nrrdGzErrMsg[10] = {
data/teem-1.12.0~20160122/src/nrrd/gzio.c:166:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fmode[AIR_STRLEN_MED]; /* copy of mode, without the compression level */
data/teem-1.12.0~20160122/src/nrrd/gzio.c:335:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s->stream.next_out, s->stream.next_in, n);
data/teem-1.12.0~20160122/src/nrrd/gzio.c:425:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&nonconstbuf, &buf, sizeof(void*));
data/teem-1.12.0~20160122/src/nrrd/hestNrrd.c:38:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
_nrrdHestNrrdParse(void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/nrrd/hestNrrd.c:38:42: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
_nrrdHestNrrdParse(void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/nrrd/hestNrrd.c:81:37: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
_nrrdHestKernelSpecParse(void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/nrrd/hestNrrd.c:81:48: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
_nrrdHestKernelSpecParse(void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/nrrd/hestNrrd.c:114:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
_nrrdHestBoundarySpecParse(void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/nrrd/hestNrrd.c:114:50: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
_nrrdHestBoundarySpecParse(void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/nrrd/hestNrrd.c:192:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
_nrrdHestIterParse(void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/nrrd/hestNrrd.c:192:42: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
_nrrdHestIterParse(void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/nrrd/histogram.c:60:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/histogram.c:89:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/histogram.c:195:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmt[AIR_STRLEN_MED], stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/histogram.c:300:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cmt, "min value: %g\n", nout->axis[0].min);
data/teem-1.12.0~20160122/src/nrrd/histogram.c:302:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cmt, "max value: %g\n", nout->axis[0].max);
data/teem-1.12.0~20160122/src/nrrd/histogram.c:356:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/histogram.c:427:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(coordOut, coordIn, nin->dim*sizeof(size_t));
data/teem-1.12.0~20160122/src/nrrd/histogram.c:517:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/histogram.c:530:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp1[AIR_STRLEN_SMALL], stmp2[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/histogram.c:576:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/iter.c:130:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *ret, buff[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/kernel.c:2975:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[AIR_STRLEN_HUGE],
data/teem-1.12.0~20160122/src/nrrd/kernel.c:3163:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
nrrdKernelSpecSprint(char str[AIR_STRLEN_LARGE], const NrrdKernelSpec *ksp) {
data/teem-1.12.0~20160122/src/nrrd/kernel.c:3166:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_LARGE];
data/teem-1.12.0~20160122/src/nrrd/kernel.c:3195:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "tmf:%c,%c,%c",
data/teem-1.12.0~20160122/src/nrrd/kernel.c:3201:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(stmp, ",%.17g", ksp->parm[0]);
data/teem-1.12.0~20160122/src/nrrd/kernel.c:3209:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(stmp, "%c%.17g", (!pi ? ':' : ','), ksp->parm[pi]);
data/teem-1.12.0~20160122/src/nrrd/kernel.c:3222:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
nrrdKernelSprint(char str[AIR_STRLEN_LARGE], const NrrdKernel *kernel,
data/teem-1.12.0~20160122/src/nrrd/kernel.c:3244:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int *differ, char explain[AIR_STRLEN_LARGE]) {
data/teem-1.12.0~20160122/src/nrrd/kernel.c:3293:36: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int *differ, char explain[AIR_STRLEN_LARGE]) {
data/teem-1.12.0~20160122/src/nrrd/kernel.c:3295:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char subexplain[AIR_STRLEN_LARGE];
data/teem-1.12.0~20160122/src/nrrd/kernel.c:3370:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kstr[AIR_STRLEN_LARGE], kspstr[AIR_STRLEN_LARGE],
data/teem-1.12.0~20160122/src/nrrd/keyvalue.c:244:11: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(dst, "\\n");
data/teem-1.12.0~20160122/src/nrrd/keyvalue.c:251:11: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(dst, "\\\\");
data/teem-1.12.0~20160122/src/nrrd/keyvalue.c:258:11: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(dst, "\\\"");
data/teem-1.12.0~20160122/src/nrrd/keyvalue.c:313:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(*stringP, ":=");
data/teem-1.12.0~20160122/src/nrrd/map.c:140:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typeS[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/measure.c:224:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(line, _line, len*nrrdTypeSize[lineType]);
data/teem-1.12.0~20160122/src/nrrd/measure.c:268:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(line, _line, len*nrrdTypeSize[lineType]);
data/teem-1.12.0~20160122/src/nrrd/measure.c:1209:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp1[AIR_STRLEN_SMALL], stmp2[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/measure.c:1226:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(line + ei*iElSz, ptr + ei*iElSz*colNum, iElSz);
data/teem-1.12.0~20160122/src/nrrd/methodsNrrd.c:178:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
nrrdBoundarySpecSprint(char str[AIR_STRLEN_LARGE],
data/teem-1.12.0~20160122/src/nrrd/methodsNrrd.c:195:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(out, ":%.17g", bspec->padValue);
data/teem-1.12.0~20160122/src/nrrd/methodsNrrd.c:203:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int *differ, char explain[AIR_STRLEN_LARGE]) {
data/teem-1.12.0~20160122/src/nrrd/methodsNrrd.c:233:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(explain, "padValue differ: %.17g != %.17g",
data/teem-1.12.0~20160122/src/nrrd/methodsNrrd.c:406:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ksp, oldKsp, sizeof(NrrdKernelSpec));
data/teem-1.12.0~20160122/src/nrrd/methodsNrrd.c:911:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(nout->data, nin->data,
data/teem-1.12.0~20160122/src/nrrd/methodsNrrd.c:974:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[2][AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/methodsNrrd.c:1077:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/methodsNrrd.c:1207:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int *differ, char explain[AIR_STRLEN_LARGE]) {
data/teem-1.12.0~20160122/src/nrrd/methodsNrrd.c:1243:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp1[AIR_STRLEN_SMALL], stmp2[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/methodsNrrd.c:1273:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpexplain[AIR_STRLEN_LARGE];
data/teem-1.12.0~20160122/src/nrrd/methodsNrrd.c:1315:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp1[AIR_STRLEN_SMALL], stmp2[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/methodsNrrd.c:1336:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/methodsNrrd.c:1338:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(stmp, "spaceOrigin[%u]", saxi);
data/teem-1.12.0~20160122/src/nrrd/methodsNrrd.c:1340:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(stmp, "spaceUnits[%u]", saxi);
data/teem-1.12.0~20160122/src/nrrd/methodsNrrd.c:1343:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(stmp, "measurementFrame[%u][%u]", saxi, saxj);
data/teem-1.12.0~20160122/src/nrrd/methodsNrrd.c:1360:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/methodsNrrd.c:1362:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(stmp, "comment[%u]", ii);
data/teem-1.12.0~20160122/src/nrrd/methodsNrrd.c:1375:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/methodsNrrd.c:1377:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(stmp, "key/value key[%u]", ii);
data/teem-1.12.0~20160122/src/nrrd/methodsNrrd.c:1379:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(stmp, "key/value value[%u]", ii);
data/teem-1.12.0~20160122/src/nrrd/methodsNrrd.c:1401:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[2][AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/methodsNrrd.c:1423:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[2][AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/nrrd.h:170:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *spaceUnits[NRRD_SPACE_DIM_MAX];
data/teem-1.12.0~20160122/src/nrrd/nrrd.h:219:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[AIR_STRLEN_SMALL]; /* short identifying string */
data/teem-1.12.0~20160122/src/nrrd/nrrd.h:256:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[AIR_STRLEN_SMALL], /* short identifying string */
data/teem-1.12.0~20160122/src/nrrd/nrrd.h:480:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/nrrd.h:770:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
NRRD_EXPORT const char nrrdTypePrintfStr[NRRD_TYPE_MAX+1][AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/nrrd.h:788:40: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
NRRD_EXPORT int nrrdBoundarySpecSprint(char str[AIR_STRLEN_LARGE],
data/teem-1.12.0~20160122/src/nrrd/nrrd.h:793:41: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char explain[AIR_STRLEN_LARGE]);
data/teem-1.12.0~20160122/src/nrrd/nrrd.h:834:42: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int *differ, char explain[AIR_STRLEN_LARGE]);
data/teem-1.12.0~20160122/src/nrrd/nrrd.h:868:37: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char explain[AIR_STRLEN_LARGE]);
data/teem-1.12.0~20160122/src/nrrd/nrrd.h:1063:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char explain[AIR_STRLEN_LARGE]);
data/teem-1.12.0~20160122/src/nrrd/nrrd.h:1586:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
NRRD_EXPORT int nrrdKernelSpecSprint(char str[AIR_STRLEN_LARGE],
data/teem-1.12.0~20160122/src/nrrd/nrrd.h:1588:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
NRRD_EXPORT int nrrdKernelSprint(char str[AIR_STRLEN_LARGE],
data/teem-1.12.0~20160122/src/nrrd/nrrd.h:1596:35: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char explain[AIR_STRLEN_LARGE]);
data/teem-1.12.0~20160122/src/nrrd/nrrd.h:1600:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char explain[AIR_STRLEN_LARGE]);
data/teem-1.12.0~20160122/src/nrrd/parseNrrd.c:1243:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/privateNrrd.h:126:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char _nrrdEnumFieldStr[NRRD_FIELD_MAX+1][AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/privateNrrd.h:160:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char _nrrdFieldStr[NRRD_FIELD_MAX+1][AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/read.c:218:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp1[AIR_STRLEN_SMALL], stmp2[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/read.c:299:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/read.c:438:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char linestart[AIR_STRLEN_SMALL], stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/reorder.c:159:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff1[NRRD_DIM_MAX*30], buff2[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/reorder.c:214:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dataIn, nin->data, nrrdElementNumber(nin)*nrrdElementSize(nin));
data/teem-1.12.0~20160122/src/nrrd/reorder.c:255:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dataOut + idxOut*lineSize, dataIn + idxInA*lineSize, lineSize);
data/teem-1.12.0~20160122/src/nrrd/reorder.c:310:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff2[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/reorder.c:325:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff1[LONGEST_INTERESTING_AXIS*30];
data/teem-1.12.0~20160122/src/nrrd/reorder.c:347:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/reorder.c:407:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dataOut + idxOut*lineSize, dataIn + idxInB*lineSize, lineSize);
data/teem-1.12.0~20160122/src/nrrd/reorder.c:415:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/reorder.c:584:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[2][AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/reorder.c:782:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dataPerm, ninperm[ni]->data, chunksize);
data/teem-1.12.0~20160122/src/nrrd/reorder.c:838:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[4][AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/reorder.c:900:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/reorder.c:987:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff1[NRRD_DIM_MAX*30], buff2[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/reorder.c:990:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[2][AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/reorder.c:1130:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(nout->data, nin->data, nrrdElementNumber(nin)*nrrdElementSize(nin));
data/teem-1.12.0~20160122/src/nrrd/reorder.c:1167:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[2][AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/reorder.c:1220:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(nout->data, nin->data, nrrdElementNumber(nin)*nrrdElementSize(nin));
data/teem-1.12.0~20160122/src/nrrd/reorder.c:1388:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[2][AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/resampleContext.c:302:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kstr[AIR_STRLEN_LARGE];
data/teem-1.12.0~20160122/src/nrrd/resampleContext.c:1205:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp1[AIR_STRLEN_SMALL], stmp2[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/resampleNrrd.c:137:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[2][AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/resampleNrrd.c:415:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(parm, info->parm[ai], NRRD_KERNEL_PARMS_NUM*sizeof(double));
data/teem-1.12.0~20160122/src/nrrd/resampleNrrd.c:734:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/simple.c:533:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/simple.c:756:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/simple.c:953:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/simple.c:1170:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[2][AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/simple.c:1330:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char which[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/simple.c:1333:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(which, "nrrdFormat"); goto err;
data/teem-1.12.0~20160122/src/nrrd/simple.c:1336:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(which, "nrrdType"); goto err;
data/teem-1.12.0~20160122/src/nrrd/simple.c:1339:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(which, "nrrdEncodingType"); goto err;
data/teem-1.12.0~20160122/src/nrrd/simple.c:1342:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(which, "nrrdCenter"); goto err;
data/teem-1.12.0~20160122/src/nrrd/simple.c:1345:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(which, "nrrdAxisInfo"); goto err;
data/teem-1.12.0~20160122/src/nrrd/simple.c:1349:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(which, "nrrdField"); goto err;
data/teem-1.12.0~20160122/src/nrrd/simple.c:1352:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(which, "nrrdHasNonExist"); goto err;
data/teem-1.12.0~20160122/src/nrrd/simple.c:1356:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(which, "nrrdBoundary"); goto err;
data/teem-1.12.0~20160122/src/nrrd/simple.c:1359:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(which, "nrrdMeasure"); goto err;
data/teem-1.12.0~20160122/src/nrrd/simple.c:1362:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(which, "nrrdUnaryOp"); goto err;
data/teem-1.12.0~20160122/src/nrrd/simple.c:1365:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(which, "nrrdBinaryOp"); goto err;
data/teem-1.12.0~20160122/src/nrrd/simple.c:1368:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(which, "nrrdTernaryOp"); goto err;
data/teem-1.12.0~20160122/src/nrrd/subset.c:52:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *dest, stmp[2][AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/subset.c:136:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest, src, rowLen);
data/teem-1.12.0~20160122/src/nrrd/subset.c:189:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff1[NRRD_DIM_MAX*30], buff2[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/subset.c:200:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *dataIn, *dataOut, stmp[3][AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/subset.c:274:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dataOut + idxOut*typeSize, dataIn + idxIn*typeSize, lineSize);
data/teem-1.12.0~20160122/src/nrrd/subset.c:398:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *above, *below, stmp[2][AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/subset.c:591:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[2][AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/subset.c:616:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val, (char*)(nrrd->data) + I*typeSize, typeSize);
data/teem-1.12.0~20160122/src/nrrd/superset.c:44:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[2][AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/superset.c:135:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(src, dest, rowLen); /* switched src,dest from nrrdSlice() */
data/teem-1.12.0~20160122/src/nrrd/superset.c:162:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff1[NRRD_DIM_MAX*30], buff2[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/superset.c:173:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *dataIn, *dataOut, *subCont, stmp[3][AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/superset.c:254:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dataIn + idxIn*typeSize, dataOut + idxOut*typeSize, lineSize);
data/teem-1.12.0~20160122/src/nrrd/superset.c:320:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff1[NRRD_DIM_MAX*30], buff2[AIR_STRLEN_MED];
data/teem-1.12.0~20160122/src/nrrd/superset.c:337:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[2][AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/nrrd/superset.c:453:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dataOut + idxOut*typeSize, dataIn + idxIn*typeSize,
data/teem-1.12.0~20160122/src/nrrd/superset.c:462:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dataOut + idxOut*typeSize, dataIn + idxIn*typeSize, typeSize);
data/teem-1.12.0~20160122/src/nrrd/test/tkernel.c:46:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *me, *kernS[2], *minS, *stepS, *maxS, *outS, *err, kstr[AIR_STRLEN_LARGE];
data/teem-1.12.0~20160122/src/nrrd/test/tline.c:44:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return fopen(name, "r");
data/teem-1.12.0~20160122/src/nrrd/write.c:216:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
_nrrdStrcatSpaceVector(char *str, unsigned int spaceDim,
data/teem-1.12.0~20160122/src/nrrd/write.c:218:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[AIR_STRLEN_MED]; /* bad Gordon */
data/teem-1.12.0~20160122/src/nrrd/write.c:410:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[AIR_STRLEN_MED], *fnb, stmp[AIR_STRLEN_SMALL],
data/teem-1.12.0~20160122/src/nrrd/write.c:587:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(*strP, " \"");
data/teem-1.12.0~20160122/src/nrrd/write.c:662:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(*strP, " \"");
data/teem-1.12.0~20160122/src/nrrd/write.c:805:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mesg[AIR_STRLEN_MED];
data/teem-1.12.0~20160122/src/pull/constraints.c:736:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[AIR_STRLEN_LARGE];
data/teem-1.12.0~20160122/src/pull/constraints.c:738:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "%04u-%04u-phist.nrrd", task->pctx->iter, point->idtag);
data/teem-1.12.0~20160122/src/pull/constraints.c:743:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fhist = fopen(fname, "w"))) {
data/teem-1.12.0~20160122/src/pull/contextPull.c:901:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char rgb[3];
data/teem-1.12.0~20160122/src/pull/corePull.c:335:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/pull/corePull.c:336:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "hinter-%05u.nrrd", pctx->iter);
data/teem-1.12.0~20160122/src/pull/corePull.c:350:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char poutS[AIR_STRLEN_MED];
data/teem-1.12.0~20160122/src/pull/corePull.c:385:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(poutS, "snap.%06d.pos.nrrd", pctx->iter);
data/teem-1.12.0~20160122/src/pull/energy.c:27:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *
data/teem-1.12.0~20160122/src/pull/energy.c:79:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *
data/teem-1.12.0~20160122/src/pull/energy.c:97:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *
data/teem-1.12.0~20160122/src/pull/energy.c:809:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
_pullHestEnergyParse(void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/pull/energy.c:809:44: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
_pullHestEnergyParse(void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/pull/enumsPull.c:310:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *
data/teem-1.12.0~20160122/src/pull/infoPull.c:439:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
pullInfoSpecSprint(char str[AIR_STRLEN_LARGE],
data/teem-1.12.0~20160122/src/pull/infoPull.c:443:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_LARGE];
data/teem-1.12.0~20160122/src/pull/infoPull.c:453:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(str, "-c");
data/teem-1.12.0~20160122/src/pull/infoPull.c:477:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(stmp, "%g", ispec->zero);
data/teem-1.12.0~20160122/src/pull/infoPull.c:480:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(stmp, "%g", ispec->scale);
data/teem-1.12.0~20160122/src/pull/pointPull.c:625:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
flog = fopen("flog.txt", "w");
data/teem-1.12.0~20160122/src/pull/pointPull.c:958:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/pull/pointPull.c:964:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "%04u-%04u-%04u-phist.nrrd", pctx->iter,
data/teem-1.12.0~20160122/src/pull/pointPull.c:966:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fhist = fopen(fname, "w"))) {
data/teem-1.12.0~20160122/src/pull/pointPull.c:1085:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char doneStr[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/pull/pointPull.c:1291:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp1[AIR_STRLEN_MED], stmp2[AIR_STRLEN_MED];
data/teem-1.12.0~20160122/src/pull/pointPull.c:1296:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(stmp2, " (? bad seedthresh %g ?)",
data/teem-1.12.0~20160122/src/pull/pointPull.c:1302:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(stmp2, " (? flag.nixAtVolumeEdgeSpace true ?)");
data/teem-1.12.0~20160122/src/pull/pointPull.c:1306:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(stmp2, " (no guess as to why)");
data/teem-1.12.0~20160122/src/pull/pull.h:432:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/pull/pull.h:1133:36: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
PULL_EXPORT int pullInfoSpecSprint(char str[AIR_STRLEN_LARGE],
data/teem-1.12.0~20160122/src/pull/test/circ.c:41:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *
data/teem-1.12.0~20160122/src/pull/trace.c:695:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[AIR_STRLEN_MED], name[AIR_STRLEN_MED];
data/teem-1.12.0~20160122/src/pull/trace.c:699:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "separator");
data/teem-1.12.0~20160122/src/pull/trace.c:713:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "seed pos");
data/teem-1.12.0~20160122/src/pull/trace.c:725:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "have nrrds");
data/teem-1.12.0~20160122/src/pull/trace.c:753:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "seed idx");
data/teem-1.12.0~20160122/src/pull/trace.c:764:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "stops");
data/teem-1.12.0~20160122/src/pull/trace.c:781:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[AIR_STRLEN_MED], name[AIR_STRLEN_MED];
data/teem-1.12.0~20160122/src/pull/trace.c:790:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "magic");
data/teem-1.12.0~20160122/src/pull/trace.c:802:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "# of traces");
data/teem-1.12.0~20160122/src/push/corePush.c:317:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char poutS[AIR_STRLEN_MED], toutS[AIR_STRLEN_MED];
data/teem-1.12.0~20160122/src/push/corePush.c:339:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(poutS, "snap.%06d.pos.nrrd", pctx->iter);
data/teem-1.12.0~20160122/src/push/corePush.c:340:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(toutS, "snap.%06d.ten.nrrd", pctx->iter);
data/teem-1.12.0~20160122/src/push/forces.c:33:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *
data/teem-1.12.0~20160122/src/push/forces.c:43:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *
data/teem-1.12.0~20160122/src/push/forces.c:442:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
_pushHestEnergyParse(void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/push/forces.c:442:44: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
_pushHestEnergyParse(void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/push/push.h:142:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/push/test/pusher.c:35:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *outS[3];
data/teem-1.12.0~20160122/src/seek/enumsSeek.c:29:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *
data/teem-1.12.0~20160122/src/seek/enumsSeek.c:45:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *
data/teem-1.12.0~20160122/src/seek/extract.c:663:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
signed char flip[12]={0,0,0,0,0,0,0,0,0,0,0,0}, flipProd;
data/teem-1.12.0~20160122/src/seek/extract.c:894:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char done[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/seek/test/trv.c:28:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
probeParseKind(void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/seek/test/trv.c:28:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
probeParseKind(void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/seek/textract.c:924:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pairs,idcs,sizeof(char)*ct);
data/teem-1.12.0~20160122/src/seek/textract.c:934:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(idxnew,idcs,sizeof(char)*ct);
data/teem-1.12.0~20160122/src/seek/textract.c:976:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char inter[12]; /* indices of intersections */
data/teem-1.12.0~20160122/src/seek/textract.c:984:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mask[4][4]={{_SEEK_TREATED_EDGE0, _SEEK_TREATED_EDGE1,
data/teem-1.12.0~20160122/src/seek/textract.c:994:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char treat[4]={0,0,0,0};
data/teem-1.12.0~20160122/src/seek/textract.c:1151:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char idcs[12]; /* consider if we need to restrict this */
data/teem-1.12.0~20160122/src/seek/textract.c:1326:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char edges[6][5]={{0, 2, 3, 1,12},
data/teem-1.12.0~20160122/src/seek/textract.c:1339:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char connections[84];/* (12 edges * 3 possible intersections+6 faces)*2 */
data/teem-1.12.0~20160122/src/seek/textract.c:1340:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char degeneracies[6];
data/teem-1.12.0~20160122/src/seek/textract.c:1548:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
signed char polygon[42];
data/teem-1.12.0~20160122/src/seek/updateSeek.c:550:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char doneStr[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/ten/aniso.c:1136:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp1[AIR_STRLEN_SMALL], stmp2[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/ten/bimod.c:270:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[AIR_STRLEN_MED];
data/teem-1.12.0~20160122/src/ten/bimod.c:297:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "%04d-%d.png", biparm->iteration, biparm->stage);
data/teem-1.12.0~20160122/src/ten/bvec.c:122:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/ten/chan.c:74:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpKey[AIR_STRLEN_MED],
data/teem-1.12.0~20160122/src/ten/chan.c:645:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[2][AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/ten/chan.c:882:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[6][AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/ten/chan.c:1034:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmt[128];
data/teem-1.12.0~20160122/src/ten/enumsTen.c:29:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *
data/teem-1.12.0~20160122/src/ten/enumsTen.c:77:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *
data/teem-1.12.0~20160122/src/ten/epireg.c:72:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/ten/epireg.c:299:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
thr = (unsigned char *)(nthresh[ni]->data);
data/teem-1.12.0~20160122/src/ten/epireg.c:442:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
thr = (unsigned char *)(nthresh[ni]->data);
data/teem-1.12.0~20160122/src/ten/epireg.c:1227:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/ten/estimate.c:1078:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[3][AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/ten/estimate.c:1170:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keystr[AIR_STRLEN_MED], valstr[AIR_STRLEN_MED];
data/teem-1.12.0~20160122/src/ten/estimate.c:1173:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(valstr, "%g", bValue);
data/teem-1.12.0~20160122/src/ten/estimate.c:1179:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(valstr, "%g %g %g",
data/teem-1.12.0~20160122/src/ten/estimate.c:1189:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(valstr, "%g %g %g %g %g %g",
data/teem-1.12.0~20160122/src/ten/estimate.c:1898:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char doneStr[20];
data/teem-1.12.0~20160122/src/ten/estimate.c:1905:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/ten/experSpec.c:329:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keystr[AIR_STRLEN_MED], valstr[AIR_STRLEN_MED];
data/teem-1.12.0~20160122/src/ten/experSpec.c:340:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(valstr, "%.17g", maxb);
data/teem-1.12.0~20160122/src/ten/experSpec.c:351:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(valstr, "%.17g %.17g %.17g", vec[0], vec[1], vec[2]);
data/teem-1.12.0~20160122/src/ten/fiber.c:678:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pans[tfx->halfIdx] + pansLen*pansIdx, pansP,
data/teem-1.12.0~20160122/src/ten/fiber.c:789:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(valOut + pansLen*outIdx, pans[0] + pansLen*i,
data/teem-1.12.0~20160122/src/ten/fiber.c:794:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(valOut + pansLen*outIdx, pans[1] + pansLen*i,
data/teem-1.12.0~20160122/src/ten/fiber.c:1256:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(valOut + pansLen*vertTotalIdx,
data/teem-1.12.0~20160122/src/ten/fiberMethods.c:844:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tfx, oldTfx, sizeof(tenFiberContext));
data/teem-1.12.0~20160122/src/ten/glyph.c:79:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[5][AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/ten/glyph.c:200:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/ten/grads.c:77:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/ten/grads.c:93:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/ten/grads.c:470:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/ten/grads.c:529:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(npos[newIdx]->data, npos[oldIdx]->data, 3*num*sizeof(double));
data/teem-1.12.0~20160122/src/ten/grads.c:546:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(npos[newIdx]->data, npos[oldIdx]->data, 3*num*sizeof(double));
data/teem-1.12.0~20160122/src/ten/grads.c:566:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(filename, "%05d.nrrd", iter/tgparm->snap);
data/teem-1.12.0~20160122/src/ten/miscTen.c:49:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/ten/miscTen.c:227:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/ten/miscTen.c:243:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/ten/model1Cylinder.c:61:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *
data/teem-1.12.0~20160122/src/ten/model1Cylinder.c:62:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
parmSprint(char str[AIR_STRLEN_MED], const double *parm) {
data/teem-1.12.0~20160122/src/ten/model1Cylinder.c:63:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "(%g) %gX%g (%g,%g,%g)", parm[0],
data/teem-1.12.0~20160122/src/ten/model1Stick.c:55:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *
data/teem-1.12.0~20160122/src/ten/model1Stick.c:56:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
parmSprint(char str[AIR_STRLEN_MED], const double *parm) {
data/teem-1.12.0~20160122/src/ten/model1Stick.c:57:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "(%g) %g (%g,%g,%g)", parm[0], parm[1],
data/teem-1.12.0~20160122/src/ten/model1Tensor2.c:59:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *
data/teem-1.12.0~20160122/src/ten/model1Tensor2.c:60:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
parmSprint(char str[AIR_STRLEN_MED], const double *parm) {
data/teem-1.12.0~20160122/src/ten/model1Tensor2.c:61:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "(%g) [%g %g %g; %g %g; %g]", parm[0],
data/teem-1.12.0~20160122/src/ten/model1Unit2D.c:48:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *
data/teem-1.12.0~20160122/src/ten/model1Unit2D.c:49:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
parmSprint(char str[AIR_STRLEN_MED], const double *parm) {
data/teem-1.12.0~20160122/src/ten/model1Unit2D.c:50:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "(%g) th=%g", parm[0], parm[1]);
data/teem-1.12.0~20160122/src/ten/model1Vector2D.c:50:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *
data/teem-1.12.0~20160122/src/ten/model1Vector2D.c:51:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
parmSprint(char str[AIR_STRLEN_MED], const double *parm) {
data/teem-1.12.0~20160122/src/ten/model1Vector2D.c:52:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "(%g) r=%g th=%g", parm[0], parm[1], parm[2]);
data/teem-1.12.0~20160122/src/ten/model2Unit2D.c:56:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *
data/teem-1.12.0~20160122/src/ten/model2Unit2D.c:57:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
parmSprint(char str[AIR_STRLEN_MED], const double *parm) {
data/teem-1.12.0~20160122/src/ten/model2Unit2D.c:58:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "(%g) (1-f)*th0=%g + (f=%g)*th1=%g",
data/teem-1.12.0~20160122/src/ten/modelB0.c:45:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *
data/teem-1.12.0~20160122/src/ten/modelB0.c:46:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
parmSprint(char str[AIR_STRLEN_MED], const double *parm) {
data/teem-1.12.0~20160122/src/ten/modelB0.c:47:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "(%g)", parm[0]);
data/teem-1.12.0~20160122/src/ten/modelBall.c:47:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *
data/teem-1.12.0~20160122/src/ten/modelBall.c:48:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
parmSprint(char str[AIR_STRLEN_MED], const double *parm) {
data/teem-1.12.0~20160122/src/ten/modelBall.c:49:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "(%g) %g", parm[0], parm[1]);
data/teem-1.12.0~20160122/src/ten/modelBall1Cylinder.c:67:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *
data/teem-1.12.0~20160122/src/ten/modelBall1Cylinder.c:68:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
parmSprint(char str[AIR_STRLEN_MED], const double *parm) {
data/teem-1.12.0~20160122/src/ten/modelBall1Cylinder.c:69:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "(%g) [(1-f) %g + (f=%g) %gX%g (%g,%g,%g)]", parm[0],
data/teem-1.12.0~20160122/src/ten/modelBall1Stick.c:62:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *
data/teem-1.12.0~20160122/src/ten/modelBall1Stick.c:63:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
parmSprint(char str[AIR_STRLEN_MED], const double *parm) {
data/teem-1.12.0~20160122/src/ten/modelBall1Stick.c:64:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "(%g) (1-f)*%g + (f=%g)*(%g @ (%g,%g,%g))", parm[0],
data/teem-1.12.0~20160122/src/ten/modelBall1StickEMD.c:59:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *
data/teem-1.12.0~20160122/src/ten/modelBall1StickEMD.c:60:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
parmSprint(char str[AIR_STRLEN_MED], const double *parm) {
data/teem-1.12.0~20160122/src/ten/modelBall1StickEMD.c:61:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "(%g) %g * (%g + %g*(%g,%g,%g))", parm[0],
data/teem-1.12.0~20160122/src/ten/modelZero.c:46:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *
data/teem-1.12.0~20160122/src/ten/modelZero.c:47:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
parmSprint(char str[AIR_STRLEN_MED], const double *parm) {
data/teem-1.12.0~20160122/src/ten/modelZero.c:50:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "constant 0");
data/teem-1.12.0~20160122/src/ten/path.c:124:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newtip, tip, sizeof(tenInterpParm));
data/teem-1.12.0~20160122/src/ten/path.c:138:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newtip->eval, tip->eval, 3*num*sizeof(double));
data/teem-1.12.0~20160122/src/ten/path.c:139:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newtip->evec, tip->evec, 9*num*sizeof(double));
data/teem-1.12.0~20160122/src/ten/path.c:140:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newtip->rtIn, tip->rtIn, 3*num*sizeof(double));
data/teem-1.12.0~20160122/src/ten/path.c:141:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newtip->rtLog, tip->rtLog, 3*num*sizeof(double));
data/teem-1.12.0~20160122/src/ten/path.c:142:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newtip->qIn, tip->qIn, 4*num*sizeof(double));
data/teem-1.12.0~20160122/src/ten/path.c:143:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newtip->qBuff, tip->qBuff, 4*num*sizeof(double));
data/teem-1.12.0~20160122/src/ten/path.c:144:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newtip->qInter, tip->qInter, num*num*sizeof(double));
data/teem-1.12.0~20160122/src/ten/path.c:1062:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/ten/qseg.c:173:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( oldcentroid, centroid, 6 * sizeof( double ));
data/teem-1.12.0~20160122/src/ten/qseg.c:238:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( qpoints, grads, 3 * gradcount * sizeof( double ) );
data/teem-1.12.0~20160122/src/ten/ten.h:1160:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[AIR_STRLEN_SMALL]; /* name */
data/teem-1.12.0~20160122/src/ten/ten.h:1203:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/ten/ten.h:1210:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *(*sprint)(char str[AIR_STRLEN_MED], const double *parm);
data/teem-1.12.0~20160122/src/ten/ten.h:1210:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *(*sprint)(char str[AIR_STRLEN_MED], const double *parm);
data/teem-1.12.0~20160122/src/ten/tenDwiGage.c:1010:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(kind, &_tenDwiGageKindTmpl, sizeof(gageKind));
data/teem-1.12.0~20160122/src/ten/tenDwiGage.c:1014:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(kind->table, _tenDwiGageTable, sizeof(_tenDwiGageTable));
data/teem-1.12.0~20160122/src/ten/tenModel.c:358:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pstr[AIR_STRLEN_MED];
data/teem-1.12.0~20160122/src/ten/tenModel.c:429:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char doneStr[13];
data/teem-1.12.0~20160122/src/ten/tendAbout.c:32:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[AIR_STRLEN_LARGE], fmt[AIR_STRLEN_MED];
data/teem-1.12.0~20160122/src/ten/tendAbout.c:74:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fmt, "%%%ds\n",
data/teem-1.12.0~20160122/src/ten/tendAbout.c:78:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fmt, "%%%ds\n",
data/teem-1.12.0~20160122/src/ten/tendBfit.c:72:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/ten/tendBfit.c:79:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/ten/tendFlotsam.c:52:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
tendFiberStopParse(void *ptr, char *_str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/ten/tendFlotsam.c:52:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
tendFiberStopParse(void *ptr, char *_str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/ten/tendGlyph.c:47:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[AIR_STRLEN_HUGE];
data/teem-1.12.0~20160122/src/ten/tendGlyph.c:121:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *hackFN, hackoutFN[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/ten/tendGlyph.c:500:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cam, hackcams + hackci, sizeof(limnCamera));
data/teem-1.12.0~20160122/src/ten/tendGlyph.c:530:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(hackoutFN, "%04d.png", hackci);
data/teem-1.12.0~20160122/src/ten/tendSatin.c:119:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/ten/tendSatin.c:184:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buff, "satin(%g,%g,%g)", parm, mina, maxa);
data/teem-1.12.0~20160122/src/ten/tensor.c:87:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/ten/tensor.c:201:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/ten/tensor.c:320:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/ten/tensor.c:568:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[7][AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/ten/tensor.c:680:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[2][AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/ten/test/csim.c:217:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[3][AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/ten/test/csim.c:281:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char doneStr[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/ten/test/tensorDotDat.c:38:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *outStr, logFilename[AIR_STRLEN_MED], gradFilename[AIR_STRLEN_MED],
data/teem-1.12.0~20160122/src/ten/test/tensorDotDat.c:164:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
if (!E) strcpy(keyStr, "maxiter");
data/teem-1.12.0~20160122/src/ten/test/tensorDotDat.c:165:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
if (!E) sprintf(valStr, "%d", tgparm->maxIteration);
data/teem-1.12.0~20160122/src/ten/test/tensorDotDat.c:167:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
if (!E) strcpy(keyStr, "step");
data/teem-1.12.0~20160122/src/ten/test/tensorDotDat.c:168:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
if (!E) sprintf(valStr, "%g", tgparm->initStep);
data/teem-1.12.0~20160122/src/ten/test/tensorDotDat.c:170:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
if (!E) strcpy(keyStr, "dp");
data/teem-1.12.0~20160122/src/ten/test/tensorDotDat.c:171:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
if (!E) sprintf(valStr, "%g", tgparm->minPotentialChange);
data/teem-1.12.0~20160122/src/ten/test/tensorDotDat.c:173:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
if (!E) strcpy(keyStr, "minvelo");
data/teem-1.12.0~20160122/src/ten/test/tensorDotDat.c:174:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
if (!E) sprintf(valStr, "%g", tgparm->minVelocity);
data/teem-1.12.0~20160122/src/ten/test/tensorDotDat.c:176:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
if (!E) strcpy(keyStr, "minmean");
data/teem-1.12.0~20160122/src/ten/test/tensorDotDat.c:177:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
if (!E) sprintf(valStr, "%g", tgparm->minMean);
data/teem-1.12.0~20160122/src/ten/triple.c:500:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/tijk/approxTijk.c:162:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(parm,&refine_rank1_parm_default,sizeof(tijk_refine_rank1_parm));
data/teem-1.12.0~20160122/src/tijk/approxTijk.c:286:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(parm,&refine_rankk_parm_default,sizeof(tijk_refine_rankk_parm));
data/teem-1.12.0~20160122/src/tijk/approxTijk.c:376:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(parm,&approx_heur_parm_default,sizeof(tijk_approx_heur_parm));
data/teem-1.12.0~20160122/src/tijk/approxTijk.c:416:22: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if (res!=NULL) memcpy(res,ten,sizeof(TYPE)*type->num); \
data/teem-1.12.0~20160122/src/tijk/approxTijk.c:427:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(restmp, ten, sizeof(TYPE)*type->num); \
data/teem-1.12.0~20160122/src/tijk/approxTijk.c:446:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(vs, vstmp, sizeof(TYPE)*DIM*currank); \
data/teem-1.12.0~20160122/src/tijk/approxTijk.c:447:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ls, lstmp, sizeof(TYPE)*currank); \
data/teem-1.12.0~20160122/src/tijk/approxTijk.c:449:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(res, restmp, sizeof(TYPE)*type->num); \
data/teem-1.12.0~20160122/src/tijk/approxTijk.c:504:22: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if (res!=NULL) memcpy(res,ten,sizeof(TYPE)*type->num); \
data/teem-1.12.0~20160122/src/tijk/approxTijk.c:528:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(res, ten, sizeof(TYPE)*type->num); \
data/teem-1.12.0~20160122/src/tijk/enumsTijk.c:24:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *
data/teem-1.12.0~20160122/src/tijk/enumsTijk.c:32:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *
data/teem-1.12.0~20160122/src/unrrdu/aabplot.c:115:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *line, rbuff[128];
data/teem-1.12.0~20160122/src/unrrdu/aabplot.c:136:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(rbuff, "|<-- %g", vrange[0]);
data/teem-1.12.0~20160122/src/unrrdu/aabplot.c:137:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(line, rbuff, strlen(rbuff));
data/teem-1.12.0~20160122/src/unrrdu/aabplot.c:138:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(rbuff, "%g -->|", vrange[1]);
data/teem-1.12.0~20160122/src/unrrdu/aabplot.c:139:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(line + plen - strlen(rbuff), rbuff, strlen(rbuff));
data/teem-1.12.0~20160122/src/unrrdu/about.c:32:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[AIR_STRLEN_MED], fmt[AIR_STRLEN_MED];
data/teem-1.12.0~20160122/src/unrrdu/about.c:100:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buff, "--- unu: Utah Nrrd Utilities command-line interface ---");
data/teem-1.12.0~20160122/src/unrrdu/about.c:101:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fmt, "%%%ds\n",
data/teem-1.12.0~20160122/src/unrrdu/about.c:105:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fmt, "%%%ds\n",
data/teem-1.12.0~20160122/src/unrrdu/cksum.c:40:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL], ends[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/unrrdu/crop.c:111:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp1[AIR_STRLEN_SMALL], stmp2[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/unrrdu/dice.c:39:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *base, *err, fnout[AIR_STRLEN_MED], /* file name out */
data/teem-1.12.0~20160122/src/unrrdu/dice.c:84:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/unrrdu/dice.c:132:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(fffname + strlen(fffname) - 4, "png");
data/teem-1.12.0~20160122/src/unrrdu/dice.c:136:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(fffname + strlen(fffname) - 4, "pgm");
data/teem-1.12.0~20160122/src/unrrdu/dice.c:138:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(fffname + strlen(fffname) - 4, "ppm");
data/teem-1.12.0~20160122/src/unrrdu/diff.c:46:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char explain[AIR_STRLEN_LARGE];
data/teem-1.12.0~20160122/src/unrrdu/fft.c:199:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fwise = fopen(wispath, "r");
data/teem-1.12.0~20160122/src/unrrdu/fft.c:222:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fwise = fopen(wispath, "w"))) {
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:133:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fmt, "%%%us\n",
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:149:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buff, " ... ");
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:160:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vbuff[AIR_STRLEN_LARGE];
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:205:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[AIR_STRLEN_LARGE], fmt[AIR_STRLEN_LARGE];
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:213:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buff, "--- unu: Utah Nrrd Utilities command-line interface ---");
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:215:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fmt, "%%%us\n", (hparm->columns > len
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:237:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buff, " ... ");
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:268:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[AIR_STRLEN_LARGE], fmt[AIR_STRLEN_LARGE];
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:282:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fmt, "%%%us\n", (hparm->columns > len
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:294:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buff, " ... ");
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:329:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unrrduParsePos(void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:329:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unrrduParsePos(void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:409:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unrrduParseMaybeType(void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:409:44: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unrrduParseMaybeType(void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:451:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unrrduParseBits(void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:451:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unrrduParseBits(void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:498:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unrrduParseScale(void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:498:40: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unrrduParseScale(void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:588:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unrrduParseFile(void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:588:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unrrduParseFile(void *ptr, char *str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:625:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unrrduParseEncoding(void *ptr, char *_str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:625:44: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unrrduParseEncoding(void *ptr, char *_str, char err[AIR_STRLEN_HUGE]) {
data/teem-1.12.0~20160122/src/unrrdu/lut2.c:95:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/unrrdu/make.c:72:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *out, *outData, *err,
data/teem-1.12.0~20160122/src/unrrdu/make.c:153:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(encInfo,
data/teem-1.12.0~20160122/src/unrrdu/make.c:160:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(encInfo,
data/teem-1.12.0~20160122/src/unrrdu/make.c:164:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(encInfo,
data/teem-1.12.0~20160122/src/unrrdu/resample.c:324:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/unrrdu/resample.c:437:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(info->parm[ai], unuk->parm,
data/teem-1.12.0~20160122/src/unrrdu/save.c:42:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *out, *err, *outData,
data/teem-1.12.0~20160122/src/unrrdu/save.c:53:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(fmtInfo,
data/teem-1.12.0~20160122/src/unrrdu/save.c:60:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(fmtInfo,
data/teem-1.12.0~20160122/src/unrrdu/save.c:63:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(fmtInfo,
data/teem-1.12.0~20160122/src/unrrdu/save.c:67:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(encInfo,
data/teem-1.12.0~20160122/src/unrrdu/save.c:74:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(encInfo,
data/teem-1.12.0~20160122/src/unrrdu/save.c:78:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(encInfo,
data/teem-1.12.0~20160122/src/unrrdu/save.c:82:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(encInfo,
data/teem-1.12.0~20160122/src/unrrdu/shuffle.c:82:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/unrrdu/slice.c:83:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/src/unrrdu/slice.c:85:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(stmp, "[%d]", axi);
data/teem-1.12.0~20160122/src/unrrdu/sselect.c:44:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *outS[2];
data/teem-1.12.0~20160122/src/unrrdu/vidicon.c:42:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *out, *err, *stpfx, stname[AIR_STRLEN_SMALL];
data/teem-1.12.0~20160122/Testing/air/string.c:80:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(STR_A) != airStrlen(STR_A)) {
data/teem-1.12.0~20160122/Testing/air/string.c:82:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
AIR_CAST(unsigned int, strlen(STR_A)),
data/teem-1.12.0~20160122/Testing/air/string.c:96:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
aaSize = strlen(aa)+1;
data/teem-1.12.0~20160122/Testing/air/string.c:100:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
abSize = strlen(STR_A) + strlen(" ") + strlen(STR_B) + 1;
data/teem-1.12.0~20160122/Testing/air/string.c:100:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
abSize = strlen(STR_A) + strlen(" ") + strlen(STR_B) + 1;
data/teem-1.12.0~20160122/Testing/air/string.c:100:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
abSize = strlen(STR_A) + strlen(" ") + strlen(STR_B) + 1;
data/teem-1.12.0~20160122/Testing/air/strtok.c:74:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(line, "");
data/teem-1.12.0~20160122/Testing/air/strtok.c:84:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
line[strlen(line)-1] = '\0';
data/teem-1.12.0~20160122/src/air/dio.c:162:11: [1] (free) memalign:
On some systems (though not Linux-based systems) an attempt to free()
results from memalign() may fail. This may, on a few systems, be
exploitable. Also note that memalign() may not check that the boundary
parameter is correct (CWE-676). Use posix_memalign instead (defined in
POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD
4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases,
malloc()'s alignment may be sufficient.
tmp = memalign(dioinfo.d_mem, dioinfo.d_miniosz);
data/teem-1.12.0~20160122/src/air/dio.c:242:10: [1] (free) memalign:
On some systems (though not Linux-based systems) an attempt to free()
results from memalign() may fail. This may, on a few systems, be
exploitable. Also note that memalign() may not check that the boundary
parameter is correct (CWE-676). Use posix_memalign instead (defined in
POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD
4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases,
malloc()'s alignment may be sufficient.
return memalign(align, size);
data/teem-1.12.0~20160122/src/air/dio.c:284:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
red = read(fd, ptr, part);
data/teem-1.12.0~20160122/src/air/enum.c:119:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (ii=0; strlen(enm->strEqv[ii]); ii++) {
data/teem-1.12.0~20160122/src/air/enum.c:406:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (ii=0; (slen = strlen(enm->strEqv[ii])); ii++) {
data/teem-1.12.0~20160122/src/air/enum.c:442:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (ii=0; strlen(enm->strEqv[ii]); ii++) {
data/teem-1.12.0~20160122/src/air/enum.c:443:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (jj=ii+1; strlen(enm->strEqv[jj]); jj++) {
data/teem-1.12.0~20160122/src/air/miscAir.c:337:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(dst, "[");
data/teem-1.12.0~20160122/src/air/miscAir.c:340:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(dst, ",");
data/teem-1.12.0~20160122/src/air/miscAir.c:345:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(dst, "]");
data/teem-1.12.0~20160122/src/air/string.c:44:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = (char *)malloc(strlen(s)+1);
data/teem-1.12.0~20160122/src/air/string.c:65:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = strlen(s);
data/teem-1.12.0~20160122/src/air/string.c:174:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(s);
data/teem-1.12.0~20160122/src/air/string.c:232:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!(strlen(s) >= strlen(suff)))
data/teem-1.12.0~20160122/src/air/string.c:232:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!(strlen(s) >= strlen(suff)))
data/teem-1.12.0~20160122/src/air/string.c:234:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(s + strlen(s) - strlen(suff), suff, strlen(suff)))
data/teem-1.12.0~20160122/src/air/string.c:234:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(s + strlen(s) - strlen(suff), suff, strlen(suff)))
data/teem-1.12.0~20160122/src/air/string.c:234:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(s + strlen(s) - strlen(suff), suff, strlen(suff)))
data/teem-1.12.0~20160122/src/air/string.c:407:23: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
&& EOF != (cc=getc(file)) /* didn't hit EOF trying to read char */
data/teem-1.12.0~20160122/src/air/string.c:422:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
cc = getc(file);
data/teem-1.12.0~20160122/src/air/string.c:432:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
cc = getc(file);
data/teem-1.12.0~20160122/src/air/string.c:436:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
dd = getc(file);
data/teem-1.12.0~20160122/src/air/test/tarr.c:98:11: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
datum = fgetc(file);
data/teem-1.12.0~20160122/src/air/test/tarr.c:111:13: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
datum = fgetc(file);
data/teem-1.12.0~20160122/src/bane/gkmsFlotsam.c:148:7: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(err, nerr, AIR_STRLEN_HUGE-1-strlen(mesg)-1);
data/teem-1.12.0~20160122/src/bane/gkmsFlotsam.c:148:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(err, nerr, AIR_STRLEN_HUGE-1-strlen(mesg)-1);
data/teem-1.12.0~20160122/src/bane/gkmsFlotsam.c:244:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
maxlen = AIR_MAX(maxlen, AIR_UINT(strlen(baneGkmsCmdList[ci]->name)));
data/teem-1.12.0~20160122/src/bane/gkmsFlotsam.c:249:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int)((hparm->columns-strlen(buff))/2 + strlen(buff) - 1));
data/teem-1.12.0~20160122/src/bane/gkmsFlotsam.c:249:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int)((hparm->columns-strlen(buff))/2 + strlen(buff) - 1));
data/teem-1.12.0~20160122/src/bane/gkmsFlotsam.c:253:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = AIR_UINT(strlen(baneGkmsCmdList[ci]->name));
data/teem-1.12.0~20160122/src/bane/gkmsFlotsam.c:254:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(buff, "");
data/teem-1.12.0~20160122/src/bane/gkmsFlotsam.c:256:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buff, " ");
data/teem-1.12.0~20160122/src/bane/gkmsFlotsam.c:258:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buff, " ");
data/teem-1.12.0~20160122/src/bane/gkmsFlotsam.c:261:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = AIR_UINT(strlen(buff));
data/teem-1.12.0~20160122/src/biff/biffbiff.c:280:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
errlen = strlen(err)+strlen(key)+1;
data/teem-1.12.0~20160122/src/biff/biffbiff.c:280:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
errlen = strlen(err)+strlen(key)+1;
data/teem-1.12.0~20160122/src/biff/biffmsg.c:157:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = AIR_UINT(strlen(msg->err[ii]) + strlen(msg->key) + strlen("[] \n"));
data/teem-1.12.0~20160122/src/biff/biffmsg.c:157:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = AIR_UINT(strlen(msg->err[ii]) + strlen(msg->key) + strlen("[] \n"));
data/teem-1.12.0~20160122/src/biff/biffmsg.c:157:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = AIR_UINT(strlen(msg->err[ii]) + strlen(msg->key) + strlen("[] \n"));
data/teem-1.12.0~20160122/src/biff/biffmsg.c:263:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += AIR_UINT(strlen(msg->key)
data/teem-1.12.0~20160122/src/biff/biffmsg.c:264:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen(msg->err[ii]) + strlen("[] \n"));
data/teem-1.12.0~20160122/src/biff/biffmsg.c:264:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen(msg->err[ii]) + strlen("[] \n"));
data/teem-1.12.0~20160122/src/biff/biffmsg.c:309:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(ret, "");
data/teem-1.12.0~20160122/src/bin/gkms.c:86:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
argv0 = AIR_CAST(char*, malloc(strlen(GKMS) + strlen(argv[1]) + 2));
data/teem-1.12.0~20160122/src/bin/gkms.c:86:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
argv0 = AIR_CAST(char*, malloc(strlen(GKMS) + strlen(argv[1]) + 2));
data/teem-1.12.0~20160122/src/bin/mrender.c:442:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(line);
data/teem-1.12.0~20160122/src/bin/mrender.c:446:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = AIR_CALLOC(strlen(prefix) + len + 1, char);
data/teem-1.12.0~20160122/src/bin/puller.c:1098:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(Deft::homeDir, "/");
data/teem-1.12.0~20160122/src/bin/talkweb.c:112:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
all[lineIdx] = (char *)calloc(strlen(line) + strlen("\n") + 1,
data/teem-1.12.0~20160122/src/bin/talkweb.c:112:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
all[lineIdx] = (char *)calloc(strlen(line) + strlen("\n") + 1,
data/teem-1.12.0~20160122/src/bin/talkweb.c:115:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
totalLen += strlen(line) + 1;
data/teem-1.12.0~20160122/src/bin/talkweb.c:123:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(*strP, "");
data/teem-1.12.0~20160122/src/bin/talkweb.c:244:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (strlen("<img width=xxxx height=xxxx src=\"\">")
data/teem-1.12.0~20160122/src/bin/talkweb.c:245:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen(slide[si]->image) + 1);
data/teem-1.12.0~20160122/src/bin/talkweb.c:285:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = (char*)calloc(strlen(*sP) - strlen(f) + strlen(r) + 1, sizeof(char));
data/teem-1.12.0~20160122/src/bin/talkweb.c:285:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = (char*)calloc(strlen(*sP) - strlen(f) + strlen(r) + 1, sizeof(char));
data/teem-1.12.0~20160122/src/bin/talkweb.c:285:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = (char*)calloc(strlen(*sP) - strlen(f) + strlen(r) + 1, sizeof(char));
data/teem-1.12.0~20160122/src/bin/talkweb.c:286:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(n, *sP, p - *sP);
data/teem-1.12.0~20160122/src/bin/talkweb.c:287:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(n + (p - *sP), r, strlen(r));
data/teem-1.12.0~20160122/src/bin/talkweb.c:287:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(n + (p - *sP), r, strlen(r));
data/teem-1.12.0~20160122/src/bin/talkweb.c:288:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcpy(n + (p - *sP) + strlen(r), p + strlen(f));
data/teem-1.12.0~20160122/src/bin/talkweb.c:288:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcpy(n + (p - *sP) + strlen(r), p + strlen(f));
data/teem-1.12.0~20160122/src/bin/talkweb.c:315:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
replLen += strlen("<ol>\n");
data/teem-1.12.0~20160122/src/bin/talkweb.c:317:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
replLen += (strlen("<li> <a href=\"slideXXX.html\"></a>\n")
data/teem-1.12.0~20160122/src/bin/talkweb.c:318:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen(slide[si]->title));
data/teem-1.12.0~20160122/src/bin/talkweb.c:320:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
replLen += strlen("</ol>\n");
data/teem-1.12.0~20160122/src/bin/talkweb.c:499:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tag[ti] = (char *)calloc(strlen(pretag[ti]) + strlen("<!---->") + 1,
data/teem-1.12.0~20160122/src/bin/talkweb.c:499:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tag[ti] = (char *)calloc(strlen(pretag[ti]) + strlen("<!---->") + 1,
data/teem-1.12.0~20160122/src/bin/tend.c:84:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
argv0 = (char *)calloc(strlen(TEND) + strlen(argv[1]) + 2, sizeof(char));
data/teem-1.12.0~20160122/src/bin/tend.c:84:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
argv0 = (char *)calloc(strlen(TEND) + strlen(argv[1]) + 2, sizeof(char));
data/teem-1.12.0~20160122/src/bin/unu.c:110:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
argv0 = AIR_CALLOC(strlen(UNU) + strlen(argv[1]) + 2, char);
data/teem-1.12.0~20160122/src/bin/unu.c:110:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
argv0 = AIR_CALLOC(strlen(UNU) + strlen(argv[1]) + 2, char);
data/teem-1.12.0~20160122/src/echo/test/glyph.c:207:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(nerr) > AIR_STRLEN_HUGE - 1)
data/teem-1.12.0~20160122/src/echo/test/glyph.c:218:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(nerr) > AIR_STRLEN_HUGE - 1)
data/teem-1.12.0~20160122/src/gage/ctx.c:75:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(ctx->errStr, "");
data/teem-1.12.0~20160122/src/gage/stackBlur.c:142:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(nameA) + strlen(nameB) > warnLen) {
data/teem-1.12.0~20160122/src/gage/stackBlur.c:142:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(nameA) + strlen(nameB) > warnLen) {
data/teem-1.12.0~20160122/src/gage/stackBlur.c:144:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
airSprintSize_t(stmp[0], strlen(nameA)),
data/teem-1.12.0~20160122/src/gage/stackBlur.c:145:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
airSprintSize_t(stmp[1], strlen(nameB)));
data/teem-1.12.0~20160122/src/gage/stackBlur.c:682:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pval = stok + strlen(xeq);
data/teem-1.12.0~20160122/src/gage/stackBlur.c:691:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pval = stok + strlen(xeq);
data/teem-1.12.0~20160122/src/gage/stackBlur.c:700:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pval = stok + strlen(xeq);
data/teem-1.12.0~20160122/src/gage/stackBlur.c:707:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pval = stok + strlen(xeq);
data/teem-1.12.0~20160122/src/gage/stackBlur.c:716:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pval = stok + strlen(xeq);
data/teem-1.12.0~20160122/src/gage/stackBlur.c:726:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
airArrayLenIncr(epsArr, AIR_CAST(int, 2 + strlen(stok)));
data/teem-1.12.0~20160122/src/gage/stackBlur.c:727:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(eps)) {
data/teem-1.12.0~20160122/src/gage/stackBlur.c:728:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(eps, "/");
data/teem-1.12.0~20160122/src/gage/stackBlur.c:822:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
out += strlen(out);
data/teem-1.12.0~20160122/src/gage/stackBlur.c:834:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(out, "-");
data/teem-1.12.0~20160122/src/gage/stackBlur.c:835:33: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if (sbp->oneDim) { strcat(out, "1"); }
data/teem-1.12.0~20160122/src/gage/stackBlur.c:836:33: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if (sbp->renormalize) { strcat(out, "r"); }
data/teem-1.12.0~20160122/src/gage/stackBlur.c:837:33: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if (sbp->needSpatialBlur) { strcat(out, "p"); }
data/teem-1.12.0~20160122/src/gage/stackBlur.c:849:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(out, "/");
data/teem-1.12.0~20160122/src/gage/stackBlur.c:858:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(out, "/");
data/teem-1.12.0~20160122/src/gage/stackBlur.c:884:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(out, "/");
data/teem-1.12.0~20160122/src/gage/stackBlur.c:901:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(str)) {
data/teem-1.12.0~20160122/src/gage/stackBlur.c:1625:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fname = AIR_CALLOC(strlen(format) + AIR_STRLEN_SMALL, char);
data/teem-1.12.0~20160122/src/hest/methodsHest.c:406:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += AIR_UINT(strlen(argv[base+pidx]));
data/teem-1.12.0~20160122/src/hest/methodsHest.c:413:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(ret, "");
data/teem-1.12.0~20160122/src/hest/methodsHest.c:421:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(ret, "\"");
data/teem-1.12.0~20160122/src/hest/methodsHest.c:427:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(ret, "\"");
data/teem-1.12.0~20160122/src/hest/methodsHest.c:430:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(ret, " ");
data/teem-1.12.0~20160122/src/hest/parseHest.c:264:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!( strlen(tbuff) && strlen(sep+1) )) {
data/teem-1.12.0~20160122/src/hest/parseHest.c:264:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!( strlen(tbuff) && strlen(sep+1) )) {
data/teem-1.12.0~20160122/src/hest/parseHest.c:274:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(opt[op].flag)) {
data/teem-1.12.0~20160122/src/hest/parseHest.c:292:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(opt[op].dflt)) {
data/teem-1.12.0~20160122/src/hest/parseHest.c:777:11: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(cberr, "");
data/teem-1.12.0~20160122/src/hest/parseHest.c:780:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(cberr)) {
data/teem-1.12.0~20160122/src/hest/parseHest.c:839:13: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(cberr, "");
data/teem-1.12.0~20160122/src/hest/parseHest.c:842:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(cberr))
data/teem-1.12.0~20160122/src/hest/parseHest.c:915:11: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(cberr, "");
data/teem-1.12.0~20160122/src/hest/parseHest.c:918:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(cberr))
data/teem-1.12.0~20160122/src/hest/parseHest.c:1016:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(cberr))
data/teem-1.12.0~20160122/src/hest/parseHest.c:1232:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
end_index = strlen(param)-1;
data/teem-1.12.0~20160122/src/hest/parseHest.c:1238:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(param_copy,¶m[start_index],end_index-start_index+1);
data/teem-1.12.0~20160122/src/hest/test/strings.c:58:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
_hestPrintStr(stdout, 10, strlen("This was found on my desk: "),
data/teem-1.12.0~20160122/src/hest/test/strings.c:62:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
_hestPrintStr(stdout, 10, strlen("This was found on my desk: "),
data/teem-1.12.0~20160122/src/hest/test/strings.c:66:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
_hestPrintStr(stdout, 10, strlen("This was found on my desk: "),
data/teem-1.12.0~20160122/src/hest/test/strings.c:70:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
_hestPrintStr(stdout, 10, strlen("This was found on my desk: "),
data/teem-1.12.0~20160122/src/hest/test/strings.c:74:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
_hestPrintStr(stdout, 10, strlen("This was found on my desk: "),
data/teem-1.12.0~20160122/src/hest/usage.c:42:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(B, "-");
data/teem-1.12.0~20160122/src/hest/usage.c:47:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = AIR_UINT(strlen(B));
data/teem-1.12.0~20160122/src/hest/usage.c:55:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(B, "-");
data/teem-1.12.0~20160122/src/hest/usage.c:59:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(B, "\t");
data/teem-1.12.0~20160122/src/hest/usage.c:63:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(B, "[");
data/teem-1.12.0~20160122/src/hest/usage.c:66:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(B, "<");
data/teem-1.12.0~20160122/src/hest/usage.c:71:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(B, ">");
data/teem-1.12.0~20160122/src/hest/usage.c:74:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(B, "]");
data/teem-1.12.0~20160122/src/hest/usage.c:109:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (pos + 1 + AIR_UINT(strlen(ws)) <= width - !!bslash) {
data/teem-1.12.0~20160122/src/hest/usage.c:113:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += 1 + AIR_UINT(strlen(ws));
data/teem-1.12.0~20160122/src/hest/usage.c:125:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos = indent + AIR_UINT(strlen(ws));
data/teem-1.12.0~20160122/src/hest/usage.c:128:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ('\n' == ws[strlen(ws)-1]) {
data/teem-1.12.0~20160122/src/hest/usage.c:218:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
_hestPrintStr(file, 0, AIR_UINT(strlen(argv0)) + 2,
data/teem-1.12.0~20160122/src/hest/usage.c:255:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buff, " ");
data/teem-1.12.0~20160122/src/hest/usage.c:257:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buff, "[");
data/teem-1.12.0~20160122/src/hest/usage.c:260:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buff, "]");
data/teem-1.12.0~20160122/src/hest/usage.c:263:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
_hestPrintStr(f, AIR_UINT(strlen("Usage: ")), 0,
data/teem-1.12.0~20160122/src/hest/usage.c:294:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(buff, "");
data/teem-1.12.0~20160122/src/hest/usage.c:296:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
maxlen = AIR_MAX((int)strlen(buff), maxlen);
data/teem-1.12.0~20160122/src/hest/usage.c:300:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = AIR_UINT(strlen(buff));
data/teem-1.12.0~20160122/src/hest/usage.c:309:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(buff, "");
data/teem-1.12.0~20160122/src/hest/usage.c:312:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = AIR_UINT(strlen(buff));
data/teem-1.12.0~20160122/src/hest/usage.c:317:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(buff, "");
data/teem-1.12.0~20160122/src/hest/usage.c:348:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buff, " ");
data/teem-1.12.0~20160122/src/hest/usage.c:350:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buff, "(");
data/teem-1.12.0~20160122/src/hest/usage.c:383:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buff, ")");
data/teem-1.12.0~20160122/src/hest/usage.c:422:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buff, "\"");
data/teem-1.12.0~20160122/src/hest/usage.c:424:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buff, "\"");
data/teem-1.12.0~20160122/src/hex/dehex.c:120:12: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for (car=fgetc(fin); EOF != car; car=fgetc(fin)) {
data/teem-1.12.0~20160122/src/hex/dehex.c:120:40: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for (car=fgetc(fin); EOF != car; car=fgetc(fin)) {
data/teem-1.12.0~20160122/src/hex/enhex.c:111:9: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
car = fgetc(fin);
data/teem-1.12.0~20160122/src/hex/enhex.c:119:11: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
car = fgetc(fin);
data/teem-1.12.0~20160122/src/limn/io.c:489:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(infoS, "");
data/teem-1.12.0~20160122/src/limn/io.c:494:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(infoS, "\n");
data/teem-1.12.0~20160122/src/limn/io.c:615:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(line, DEMARK_STR NUM_STR, strlen(DEMARK_STR NUM_STR))) {
data/teem-1.12.0~20160122/src/limn/io.c:620:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp = line + strlen(DEMARK_STR NUM_STR);
data/teem-1.12.0~20160122/src/limn/io.c:633:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(line, DEMARK_STR INFO_STR, strlen(DEMARK_STR INFO_STR))) {
data/teem-1.12.0~20160122/src/limn/io.c:638:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp = line + strlen(DEMARK_STR INFO_STR);
data/teem-1.12.0~20160122/src/limn/io.c:760:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
tmpChar = getc(file);
data/teem-1.12.0~20160122/src/limn/io.c:806:19: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
tmpChar = getc(file);
data/teem-1.12.0~20160122/src/limn/io.c:819:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(line, DEMARK_STR INFO_STR, strlen(DEMARK_STR INFO_STR))) {
data/teem-1.12.0~20160122/src/limn/io.c:824:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp = line + strlen(DEMARK_STR INFO_STR) + strlen(" ");
data/teem-1.12.0~20160122/src/limn/io.c:824:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp = line + strlen(DEMARK_STR INFO_STR) + strlen(" ");
data/teem-1.12.0~20160122/src/limn/io.c:901:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(str)) {
data/teem-1.12.0~20160122/src/limn/io.c:951:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(str)) {
data/teem-1.12.0~20160122/src/limn/io.c:968:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(err, nerr, AIR_STRLEN_HUGE-1);
data/teem-1.12.0~20160122/src/limn/lpuFlotsam.c:51:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
maxlen = AIR_MAX(maxlen, (int)strlen(limnpuCmdList[i]->name));
data/teem-1.12.0~20160122/src/limn/lpuFlotsam.c:56:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int)((hparm->columns-strlen(buff))/2 + strlen(buff) - 1));
data/teem-1.12.0~20160122/src/limn/lpuFlotsam.c:56:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int)((hparm->columns-strlen(buff))/2 + strlen(buff) - 1));
data/teem-1.12.0~20160122/src/limn/lpuFlotsam.c:60:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(limnpuCmdList[i]->name);
data/teem-1.12.0~20160122/src/limn/lpuFlotsam.c:61:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(buff, "");
data/teem-1.12.0~20160122/src/limn/lpuFlotsam.c:63:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buff, " ");
data/teem-1.12.0~20160122/src/limn/lpuFlotsam.c:65:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buff, " ");
data/teem-1.12.0~20160122/src/limn/lpuFlotsam.c:68:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buff);
data/teem-1.12.0~20160122/src/limn/lpu_about.c:44:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int)((hparm->columns-strlen(buff))/2 + strlen(buff) - 1));
data/teem-1.12.0~20160122/src/limn/lpu_about.c:44:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int)((hparm->columns-strlen(buff))/2 + strlen(buff) - 1));
data/teem-1.12.0~20160122/src/limn/lpu_about.c:48:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int)((hparm->columns-strlen(buff))/2 + strlen(buff) - 1));
data/teem-1.12.0~20160122/src/limn/lpu_about.c:48:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int)((hparm->columns-strlen(buff))/2 + strlen(buff) - 1));
data/teem-1.12.0~20160122/src/limn/splineMisc.c:375:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(err, err2, AIR_STRLEN_HUGE-1-strlen(err));
data/teem-1.12.0~20160122/src/limn/splineMisc.c:375:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(err, err2, AIR_STRLEN_HUGE-1-strlen(err));
data/teem-1.12.0~20160122/src/limn/splineMisc.c:419:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(err, err2, AIR_STRLEN_HUGE-1-strlen(err));
data/teem-1.12.0~20160122/src/limn/splineMisc.c:419:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(err, err2, AIR_STRLEN_HUGE-1-strlen(err));
data/teem-1.12.0~20160122/src/limn/test/lpu.c:93:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
argv0 = (char *)calloc(strlen(LPU) + strlen(argv[1]) + 2, sizeof(char));
data/teem-1.12.0~20160122/src/limn/test/lpu.c:93:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
argv0 = (char *)calloc(strlen(LPU) + strlen(argv[1]) + 2, sizeof(char));
data/teem-1.12.0~20160122/src/limn/test/plot.c:165:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(pparm->axisHorzLabel) || strlen(pparm->axisVertLabel)) {
data/teem-1.12.0~20160122/src/limn/test/plot.c:165:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(pparm->axisHorzLabel) || strlen(pparm->axisVertLabel)) {
data/teem-1.12.0~20160122/src/limn/test/plot.c:167:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(pparm->axisHorzLabel)) {
data/teem-1.12.0~20160122/src/limn/test/plot.c:171:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(pparm->axisVertLabel)) {
data/teem-1.12.0~20160122/src/meet/meetPull.c:160:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(sbps, "");
data/teem-1.12.0~20160122/src/meet/meetPull.c:163:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(sbps, ":");
data/teem-1.12.0~20160122/src/meet/meetPull.c:191:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (1 != sscanf(ptok + strlen(dnbiase), "%lg",
data/teem-1.12.0~20160122/src/meet/meetPull.c:194:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
me, ptok + strlen(dnbiase), ptok);
data/teem-1.12.0~20160122/src/meet/meetPull.c:712:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(PROP_PREFIX, tok, strlen(PROP_PREFIX))) {
data/teem-1.12.0~20160122/src/meet/meetPull.c:716:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tok += strlen(PROP_PREFIX);
data/teem-1.12.0~20160122/src/mite/ray.c:326:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen += strlen(mtt->stage[stageIdx].label) + 2;
data/teem-1.12.0~20160122/src/mite/ray.c:328:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen += strlen("R,G,B,A,Z") + 1;
data/teem-1.12.0~20160122/src/mite/shade.c:94:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
qstr = buff + strlen("phong:");
data/teem-1.12.0~20160122/src/mite/shade.c:107:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
qstr = buff + strlen("litten:");
data/teem-1.12.0~20160122/src/mite/txf.c:112:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (0 == strlen(label)) {
data/teem-1.12.0~20160122/src/mite/txf.c:134:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
kqstr = buff + strlen("gage(");
data/teem-1.12.0~20160122/src/mite/txf.c:178:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
qstr = buff + strlen("mite(");
data/teem-1.12.0~20160122/src/mite/txf.c:209:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(buff, "");
data/teem-1.12.0~20160122/src/nrrd/accessors.c:551:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(explain, "");
data/teem-1.12.0~20160122/src/nrrd/axis.c:961:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(explain, "");
data/teem-1.12.0~20160122/src/nrrd/axis.c:1023:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(explain) + airStrlen(axisA->label)
data/teem-1.12.0~20160122/src/nrrd/axis.c:1025:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ 2*strlen(" \"\" ") + 1 < AIR_STRLEN_LARGE) {
data/teem-1.12.0~20160122/src/nrrd/comment.c:49:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(_str)) {
data/teem-1.12.0~20160122/src/nrrd/defaultsNrrd.c:169:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(env)) {
data/teem-1.12.0~20160122/src/nrrd/encodingAscii.c:140:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bufflen = strlen(buff);
data/teem-1.12.0~20160122/src/nrrd/encodingBzip2.c:47:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int read, bzerror=BZ_OK;
data/teem-1.12.0~20160122/src/nrrd/encodingBzip2.c:69:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read != 1 || bzerror != BZ_OK) {
data/teem-1.12.0~20160122/src/nrrd/encodingBzip2.c:97:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
data += read;
data/teem-1.12.0~20160122/src/nrrd/encodingBzip2.c:98:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
total_read += read;
data/teem-1.12.0~20160122/src/nrrd/encodingHex.c:81:11: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
car = fgetc(file);
data/teem-1.12.0~20160122/src/nrrd/encodingRaw.c:103:11: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
car = fgetc(file);
data/teem-1.12.0~20160122/src/nrrd/encodingZRL.c:48:10: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
cc = fgetc(file);
data/teem-1.12.0~20160122/src/nrrd/encodingZRL.c:50:12: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
dd = fgetc(file);
data/teem-1.12.0~20160122/src/nrrd/encodingZRL.c:52:14: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
dd = fgetc(file);
data/teem-1.12.0~20160122/src/nrrd/encodingZRL.c:53:19: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
j += dd + fgetc(file)*256;
data/teem-1.12.0~20160122/src/nrrd/formatNRRD.c:216:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
maxl = 10 + strlen(nio->dataFNFormat);
data/teem-1.12.0~20160122/src/nrrd/formatNRRD.c:220:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
maxl = AIR_MAX(maxl, strlen(nio->dataFN[fi]));
data/teem-1.12.0~20160122/src/nrrd/formatNRRD.c:227:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fname = (char*)malloc(airStrlen(nio->path) + strlen("/") + maxl + 1);
data/teem-1.12.0~20160122/src/nrrd/formatNRRD.c:251:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(fname, "/");
data/teem-1.12.0~20160122/src/nrrd/formatNRRD.c:252:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(fname + strlen(nio->path) + strlen("/"), nio->dataFNFormat, ii);
data/teem-1.12.0~20160122/src/nrrd/formatNRRD.c:252:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(fname + strlen(nio->path) + strlen("/"), nio->dataFNFormat, ii);
data/teem-1.12.0~20160122/src/nrrd/formatNRRD.c:562:26: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (nio->encoding->read(dataFile, data, valsPerPiece, nrrd, nio)) {
data/teem-1.12.0~20160122/src/nrrd/formatNRRD.c:662:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp = (char*)malloc(strlen(nio->base)
data/teem-1.12.0~20160122/src/nrrd/formatNRRD.c:663:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen(".")
data/teem-1.12.0~20160122/src/nrrd/formatNRRD.c:664:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen(nio->encoding->suffix) + 1);
data/teem-1.12.0~20160122/src/nrrd/formatNRRD.c:686:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nio->headerStrlen = AIR_CAST(unsigned int, strlen(MAGIC) + strlen("0000")) + 1;
data/teem-1.12.0~20160122/src/nrrd/formatNRRD.c:686:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nio->headerStrlen = AIR_CAST(unsigned int, strlen(MAGIC) + strlen("0000")) + 1;
data/teem-1.12.0~20160122/src/nrrd/formatNRRD.c:714:11: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(nio->headerStringWrite, "\n");
data/teem-1.12.0~20160122/src/nrrd/formatNRRD.c:721:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nio->headerStrlen += AIR_CAST(unsigned int, strlen(strptr));
data/teem-1.12.0~20160122/src/nrrd/formatNRRD.c:722:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nio->headerStrlen += AIR_CAST(unsigned int, strlen("\n"));
data/teem-1.12.0~20160122/src/nrrd/formatNRRD.c:737:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strptr = (char*)malloc(1 + strlen(" ")
data/teem-1.12.0~20160122/src/nrrd/formatNRRD.c:738:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen(strtmp) + strlen("\n") + 1);
data/teem-1.12.0~20160122/src/nrrd/formatNRRD.c:738:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen(strtmp) + strlen("\n") + 1);
data/teem-1.12.0~20160122/src/nrrd/formatNRRD.c:744:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nio->headerStrlen += (1 + AIR_CAST(unsigned int, strlen(" ")
data/teem-1.12.0~20160122/src/nrrd/formatNRRD.c:745:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen(strtmp)
data/teem-1.12.0~20160122/src/nrrd/formatNRRD.c:746:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen("\n")) + 1);
data/teem-1.12.0~20160122/src/nrrd/formatNRRD.c:766:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nio->headerStrlen += AIR_CAST(unsigned int, strlen(strptr));
data/teem-1.12.0~20160122/src/nrrd/formatPNG.c:142:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
png_size_t read;
data/teem-1.12.0~20160122/src/nrrd/formatPNG.c:144:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read != len) png_error(png, "file read error");
data/teem-1.12.0~20160122/src/nrrd/formatPNG.c:542:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(txt[txtidx].text, "\n");
data/teem-1.12.0~20160122/src/nrrd/formatPNM.c:171:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(nio->line, NRRD_PNM_COMMENT, strlen(NRRD_PNM_COMMENT))) {
data/teem-1.12.0~20160122/src/nrrd/formatPNM.c:177:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nio->pos = AIR_CAST(int, strlen(NRRD_PNM_COMMENT));
data/teem-1.12.0~20160122/src/nrrd/formatPNM.c:237:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i=0; (i<=strlen(nio->line)-1
data/teem-1.12.0~20160122/src/nrrd/formatPNM.c:240:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (i != strlen(nio->line)) {
data/teem-1.12.0~20160122/src/nrrd/formatPNM.c:276:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (nio->encoding->read(file, nrrd->data, nrrdElementNumber(nrrd),
data/teem-1.12.0~20160122/src/nrrd/formatText.c:94:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
llen = AIR_CAST(unsigned int, strlen(nio->line));
data/teem-1.12.0~20160122/src/nrrd/formatVTK.c:225:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp("SCALARS", three[0], strlen("SCALARS"))) {
data/teem-1.12.0~20160122/src/nrrd/formatVTK.c:239:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (!strncmp("VECTORS", three[0], strlen("VECTORS"))) {
data/teem-1.12.0~20160122/src/nrrd/formatVTK.c:249:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (!strncmp("TENSORS", three[0], strlen("TENSORS"))) {
data/teem-1.12.0~20160122/src/nrrd/formatVTK.c:271:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (nio->encoding->read(file, nrrd->data, nrrdElementNumber(nrrd),
data/teem-1.12.0~20160122/src/nrrd/histogram.c:398:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nout->axis[hax].label = AIR_CALLOC(strlen("histax()")
data/teem-1.12.0~20160122/src/nrrd/histogram.c:399:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen(nin->axis[hax].label)
data/teem-1.12.0~20160122/src/nrrd/histogram.c:570:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
totalContentStrlen += strlen(nin[ai]->content);
data/teem-1.12.0~20160122/src/nrrd/histogram.c:571:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nout->axis[ai].label = AIR_CALLOC(strlen("histo(,)")
data/teem-1.12.0~20160122/src/nrrd/histogram.c:572:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen(nin[ai]->content)
data/teem-1.12.0~20160122/src/nrrd/histogram.c:635:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nout->content = AIR_CALLOC(strlen(func) + strlen("()")
data/teem-1.12.0~20160122/src/nrrd/histogram.c:635:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nout->content = AIR_CALLOC(strlen(func) + strlen("()")
data/teem-1.12.0~20160122/src/nrrd/histogram.c:636:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ numNin*strlen(",")
data/teem-1.12.0~20160122/src/nrrd/histogram.c:643:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(nout->content);
data/teem-1.12.0~20160122/src/nrrd/histogram.c:646:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(nout->content);
data/teem-1.12.0~20160122/src/nrrd/kernel.c:2997:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(kstr, "");
data/teem-1.12.0~20160122/src/nrrd/kernel.c:3172:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(ksp->kernel->name) > warnLen) {
data/teem-1.12.0~20160122/src/nrrd/kernel.c:3174:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
airSprintSize_t(stmp, strlen(ksp->kernel->name)));
data/teem-1.12.0~20160122/src/nrrd/kernel.c:3187:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!( 13 == strlen(ksp->kernel->name)
data/teem-1.12.0~20160122/src/nrrd/kernel.c:3210:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(str) + strlen(stmp) > warnLen) {
data/teem-1.12.0~20160122/src/nrrd/kernel.c:3210:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(str) + strlen(stmp) > warnLen) {
data/teem-1.12.0~20160122/src/nrrd/keyvalue.c:165:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(key)) {
data/teem-1.12.0~20160122/src/nrrd/keyvalue.c:234:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gslen = strlen(str);
data/teem-1.12.0~20160122/src/nrrd/keyvalue.c:270:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dsln = strlen(dst);
data/teem-1.12.0~20160122/src/nrrd/keyvalue.c:295:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen(":=") + 2*airStrlen(value)
data/teem-1.12.0~20160122/src/nrrd/keyvalue.c:296:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen("\n") + 1, char);
data/teem-1.12.0~20160122/src/nrrd/keyvalue.c:315:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(*stringP, "\n");
data/teem-1.12.0~20160122/src/nrrd/methodsNrrd.c:193:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
out += strlen(out);
data/teem-1.12.0~20160122/src/nrrd/methodsNrrd.c:1219:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(explain, "");
data/teem-1.12.0~20160122/src/nrrd/nrrd.h:243:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int (*read)(FILE *file, Nrrd *nrrd, struct NrrdIoState_t *nio);
data/teem-1.12.0~20160122/src/nrrd/nrrd.h:273:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int (*read)(FILE *file, void *data, size_t elementNum,
data/teem-1.12.0~20160122/src/nrrd/parseNrrd.c:85:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
next += strlen(buff) + 2;
data/teem-1.12.0~20160122/src/nrrd/parseNrrd.c:148:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(info) && !(nrrd->content = airStrdup(info))) {
data/teem-1.12.0~20160122/src/nrrd/parseNrrd.c:437:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!hh[strlen(_nrrdNoSpaceVector)]
data/teem-1.12.0~20160122/src/nrrd/parseNrrd.c:438:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
|| strchr(_nrrdFieldSep, hh[strlen(_nrrdNoSpaceVector)])) {
data/teem-1.12.0~20160122/src/nrrd/parseNrrd.c:443:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length += strlen(_nrrdNoSpaceVector);
data/teem-1.12.0~20160122/src/nrrd/parseNrrd.c:483:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length += strlen(buff);
data/teem-1.12.0~20160122/src/nrrd/parseNrrd.c:578:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(info) != strspn(info, _nrrdFieldSep)) {
data/teem-1.12.0~20160122/src/nrrd/parseNrrd.c:779:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(h) != strspn(h, _nrrdFieldSep)) {
data/teem-1.12.0~20160122/src/nrrd/parseNrrd.c:815:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(h) != strspn(h, _nrrdFieldSep)) {
data/teem-1.12.0~20160122/src/nrrd/parseNrrd.c:1014:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(info) && !(nrrd->sampleUnits = airStrdup(info))) {
data/teem-1.12.0~20160122/src/nrrd/parseNrrd.c:1166:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(info) != strspn(info, _nrrdFieldSep)) {
data/teem-1.12.0~20160122/src/nrrd/parseNrrd.c:1371:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (!strncmp(info, NRRD_LIST_FLAG, strlen(NRRD_LIST_FLAG)) ||
data/teem-1.12.0~20160122/src/nrrd/parseNrrd.c:1372:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
!strncmp(info, NRRD_SKIPLIST_FLAG, strlen(NRRD_SKIPLIST_FLAG))) {
data/teem-1.12.0~20160122/src/nrrd/parseNrrd.c:1379:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
skiplist = !strncmp(info, NRRD_SKIPLIST_FLAG, strlen(NRRD_SKIPLIST_FLAG));
data/teem-1.12.0~20160122/src/nrrd/parseNrrd.c:1387:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
info += strlen(skiplist ? NRRD_SKIPLIST_FLAG : NRRD_LIST_FLAG);
data/teem-1.12.0~20160122/src/nrrd/privateNrrd.h:203:38: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
unsigned int* read);
data/teem-1.12.0~20160122/src/nrrd/range.c:259:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mmStr[strlen(mmStr)-strlen(NRRD_MINMAX_PERC_SUFF)] = '\0';
data/teem-1.12.0~20160122/src/nrrd/range.c:259:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mmStr[strlen(mmStr)-strlen(NRRD_MINMAX_PERC_SUFF)] = '\0';
data/teem-1.12.0~20160122/src/nrrd/read.c:57:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(nio->line, nio->headerStringRead + nio->headerStrpos, len1);
data/teem-1.12.0~20160122/src/nrrd/read.c:167:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(nio->line, "");
data/teem-1.12.0~20160122/src/nrrd/read.c:172:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*lenP = AIR_UINT(strlen(nio->line)) + 1;
data/teem-1.12.0~20160122/src/nrrd/read.c:314:19: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
skipRet = fgetc(dataFile);
data/teem-1.12.0~20160122/src/nrrd/read.c:440:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(linestart) != strlen(nio->line)) {
data/teem-1.12.0~20160122/src/nrrd/read.c:440:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(linestart) != strlen(nio->line)) {
data/teem-1.12.0~20160122/src/nrrd/read.c:443:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
me, airSprintSize_t(stmp, strlen(nio->line)), linestart);
data/teem-1.12.0~20160122/src/nrrd/read.c:457:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (nio->format->read(file, nrrd, nio)) {
data/teem-1.12.0~20160122/src/nrrd/read.c:686:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fname = AIR_CAST(char *, malloc(strlen(fnameFormat) + 128));
data/teem-1.12.0~20160122/src/nrrd/reorder.c:259:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(buff1, "");
data/teem-1.12.0~20160122/src/nrrd/reorder.c:413:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(buff1, "");
data/teem-1.12.0~20160122/src/nrrd/reorder.c:1032:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(buff1, "");
data/teem-1.12.0~20160122/src/nrrd/simple.c:442:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nout->content = (char *)calloc(strlen("(,)")
data/teem-1.12.0~20160122/src/nrrd/subset.c:329:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(buff1, "");
data/teem-1.12.0~20160122/src/nrrd/superset.c:262:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(buff1, "[");
data/teem-1.12.0~20160122/src/nrrd/superset.c:268:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buff1, "]");
data/teem-1.12.0~20160122/src/nrrd/superset.c:484:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(buff1, "");
data/teem-1.12.0~20160122/src/nrrd/test/kv.c:56:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int)strlen(value));
data/teem-1.12.0~20160122/src/nrrd/write.c:222:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(str, "(");
data/teem-1.12.0~20160122/src/nrrd/write.c:224:7: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(buff, "");
data/teem-1.12.0~20160122/src/nrrd/write.c:443:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fslen = strlen(prefix) + strlen(fs) + strlen(": ") + 1;
data/teem-1.12.0~20160122/src/nrrd/write.c:443:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fslen = strlen(prefix) + strlen(fs) + strlen(": ") + 1;
data/teem-1.12.0~20160122/src/nrrd/write.c:443:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fslen = strlen(prefix) + strlen(fs) + strlen(": ") + 1;
data/teem-1.12.0~20160122/src/nrrd/write.c:453:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*strP = AIR_CALLOC(fslen + strlen(strtmp), char);
data/teem-1.12.0~20160122/src/nrrd/write.c:463:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*strP = AIR_CALLOC(fslen + strlen(airEnumStr(nrrdType, nrrd->type)), char);
data/teem-1.12.0~20160122/src/nrrd/write.c:477:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen(airEnumStr(nrrdSpace, nrrd->space)), char);
data/teem-1.12.0~20160122/src/nrrd/write.c:528:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen("(,) ")), char);
data/teem-1.12.0~20160122/src/nrrd/write.c:534:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(*strP, " ");
data/teem-1.12.0~20160122/src/nrrd/write.c:592:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(*strP, "\"");
data/teem-1.12.0~20160122/src/nrrd/write.c:627:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*strP = AIR_CALLOC(fslen + strlen(airEnumStr(airEndian, endi)), char);
data/teem-1.12.0~20160122/src/nrrd/write.c:631:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*strP = AIR_CALLOC(fslen + strlen(nio->encoding->name), char);
data/teem-1.12.0~20160122/src/nrrd/write.c:644:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*strP = AIR_CALLOC(fslen + strlen(strtmp), char);
data/teem-1.12.0~20160122/src/nrrd/write.c:667:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(*strP, "\"");
data/teem-1.12.0~20160122/src/nrrd/write.c:672:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen("(,) ")), char);
data/teem-1.12.0~20160122/src/nrrd/write.c:679:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen("(,) "))), char);
data/teem-1.12.0~20160122/src/nrrd/write.c:687:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(*strP, " ");
data/teem-1.12.0~20160122/src/nrrd/write.c:698:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*strP = AIR_CALLOC(fslen + strlen(nio->dataFNFormat) + 4*uintStrlen,
data/teem-1.12.0~20160122/src/nrrd/write.c:711:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
maxl = AIR_MAX(maxl, strlen(nio->dataFN[ii]));
data/teem-1.12.0~20160122/src/nrrd/write.c:713:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*strP = AIR_CALLOC(fslen + strlen(NRRD_LIST_FLAG)
data/teem-1.12.0~20160122/src/nrrd/write.c:716:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fnb = AIR_CALLOC(fslen + strlen(NRRD_LIST_FLAG)
data/teem-1.12.0~20160122/src/nrrd/write.c:732:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*strP = AIR_CALLOC(fslen + strlen("./")
data/teem-1.12.0~20160122/src/nrrd/write.c:733:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen(nio->dataFN[0]) + 1, char);
data/teem-1.12.0~20160122/src/nrrd/write.c:1030:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nio->base[strlen(nio->base) - strlen(NRRD_EXT_NHDR)] = 0;
data/teem-1.12.0~20160122/src/nrrd/write.c:1030:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nio->base[strlen(nio->base) - strlen(NRRD_EXT_NHDR)] = 0;
data/teem-1.12.0~20160122/src/nrrd/write.c:1073:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fname = AIR_CALLOC(strlen(fnameFormat) + 128, char);
data/teem-1.12.0~20160122/src/pull/infoPull.c:449:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(str, "");
data/teem-1.12.0~20160122/src/pull/infoPull.c:455:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(str, ":");
data/teem-1.12.0~20160122/src/pull/infoPull.c:463:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(str, ":");
data/teem-1.12.0~20160122/src/pull/infoPull.c:479:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(str, ":");
data/teem-1.12.0~20160122/src/pull/trace.c:742:5: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fgetc(file); \
data/teem-1.12.0~20160122/src/ten/chan.c:96:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(tenDWMRIModalityVal))) {
data/teem-1.12.0~20160122/src/ten/chan.c:196:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(tenDWMRINAVal))) {
data/teem-1.12.0~20160122/src/ten/chan.c:284:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen("true"))) {
data/teem-1.12.0~20160122/src/ten/tenModel.c:85:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str += strlen(tenModelPrefixStr);
data/teem-1.12.0~20160122/src/ten/tenModel.c:672:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lablen = (strlen(tenModelPrefixStr)
data/teem-1.12.0~20160122/src/ten/tenModel.c:673:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ (saveB0 ? strlen("B0+") : 0)
data/teem-1.12.0~20160122/src/ten/tenModel.c:674:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen(model->name)
data/teem-1.12.0~20160122/src/ten/tenModel.c:810:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lablen = (strlen(tenModelPrefixStr)
data/teem-1.12.0~20160122/src/ten/tenModel.c:811:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ (withB0 ? strlen("B0+") : 0)
data/teem-1.12.0~20160122/src/ten/tenModel.c:812:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen(modelDst->name)
data/teem-1.12.0~20160122/src/ten/tendAbout.c:75:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int)((hparm->columns-strlen(buff))/2 + strlen(buff) - 1));
data/teem-1.12.0~20160122/src/ten/tendAbout.c:75:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int)((hparm->columns-strlen(buff))/2 + strlen(buff) - 1));
data/teem-1.12.0~20160122/src/ten/tendAbout.c:79:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int)((hparm->columns-strlen(buff))/2 + strlen(buff) - 1));
data/teem-1.12.0~20160122/src/ten/tendAbout.c:79:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int)((hparm->columns-strlen(buff))/2 + strlen(buff) - 1));
data/teem-1.12.0~20160122/src/ten/test/ttriple.c:50:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
printf("%s", space + strlen(airEnumStr(tenTripleType, itype[0])));
data/teem-1.12.0~20160122/src/ten/test/ttriple.c:56:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
printf("%s", space + strlen(airEnumStr(tenTripleType, itype[ii])));
data/teem-1.12.0~20160122/src/tijk/nrrdTijk.c:49:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lablen = strlen("tijk__") + strlen(type->name) +
data/teem-1.12.0~20160122/src/tijk/nrrdTijk.c:49:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lablen = strlen("tijk__") + strlen(type->name) +
data/teem-1.12.0~20160122/src/tijk/nrrdTijk.c:50:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(masked?strlen("mask_"):0) + 1;
data/teem-1.12.0~20160122/src/tijk/nrrdTijk.c:80:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lablen = strlen("tijk_esh_") + (masked?strlen("mask_"):0) + 3;
data/teem-1.12.0~20160122/src/tijk/nrrdTijk.c:80:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lablen = strlen("tijk_esh_") + (masked?strlen("mask_"):0) + 3;
data/teem-1.12.0~20160122/src/tijk/nrrdTijk.c:110:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lablen = strlen("tijk_efs_") + (masked?strlen("mask_"):0) + 3;
data/teem-1.12.0~20160122/src/tijk/nrrdTijk.c:110:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lablen = strlen("tijk_efs_") + (masked?strlen("mask_"):0) + 3;
data/teem-1.12.0~20160122/src/unrrdu/aabplot.c:137:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(line, rbuff, strlen(rbuff));
data/teem-1.12.0~20160122/src/unrrdu/aabplot.c:139:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(line + plen - strlen(rbuff), rbuff, strlen(rbuff));
data/teem-1.12.0~20160122/src/unrrdu/aabplot.c:139:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(line + plen - strlen(rbuff), rbuff, strlen(rbuff));
data/teem-1.12.0~20160122/src/unrrdu/about.c:102:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int)((hparm->columns-strlen(buff))/2 + strlen(buff) - 1));
data/teem-1.12.0~20160122/src/unrrdu/about.c:102:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int)((hparm->columns-strlen(buff))/2 + strlen(buff) - 1));
data/teem-1.12.0~20160122/src/unrrdu/about.c:106:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int)((hparm->columns-strlen(buff))/2 + strlen(buff) - 1));
data/teem-1.12.0~20160122/src/unrrdu/about.c:106:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int)((hparm->columns-strlen(buff))/2 + strlen(buff) - 1));
data/teem-1.12.0~20160122/src/unrrdu/axinfo.c:112:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ('\"' == _dirStr[0] && '\"' == _dirStr[strlen(_dirStr)-1]) {
data/teem-1.12.0~20160122/src/unrrdu/axinfo.c:113:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
_dirStr[strlen(_dirStr)-1] = 0;
data/teem-1.12.0~20160122/src/unrrdu/axinfo.c:131:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(label)) {
data/teem-1.12.0~20160122/src/unrrdu/axinfo.c:135:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(units)) {
data/teem-1.12.0~20160122/src/unrrdu/axinsert.c:122:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(label)) {
data/teem-1.12.0~20160122/src/unrrdu/basinfo.c:121:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ('\"' == _origStr[0] && '\"' == _origStr[strlen(_origStr)-1]) {
data/teem-1.12.0~20160122/src/unrrdu/basinfo.c:122:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
_origStr[strlen(_origStr)-1] = 0;
data/teem-1.12.0~20160122/src/unrrdu/crop.c:115:9: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(stmp1, "");
data/teem-1.12.0~20160122/src/unrrdu/data.c:86:9: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
car = fgetc(nio->dataFile);
data/teem-1.12.0~20160122/src/unrrdu/data.c:94:11: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
car = fgetc(nio->dataFile);
data/teem-1.12.0~20160122/src/unrrdu/dice.c:132:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcpy(fffname + strlen(fffname) - 4, "png");
data/teem-1.12.0~20160122/src/unrrdu/dice.c:136:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcpy(fffname + strlen(fffname) - 4, "pgm");
data/teem-1.12.0~20160122/src/unrrdu/dice.c:138:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcpy(fffname + strlen(fffname) - 4, "ppm");
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:122:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
maxlen = AIR_MAX(maxlen, AIR_UINT(strlen(cmdList[ii]->name)));
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:128:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buff = AIR_CALLOC(strlen(tdash) + strlen(title) + 1, char);
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:128:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buff = AIR_CALLOC(strlen(tdash) + strlen(title) + 1, char);
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:131:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fmt = AIR_CALLOC(hparm->columns + strlen(buff) + 1, char); /* generous */
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:134:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
AIR_UINT((hparm->columns-strlen(buff))/2 + strlen(buff) - 1));
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:134:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
AIR_UINT((hparm->columns-strlen(buff))/2 + strlen(buff) - 1));
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:142:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = AIR_UINT(strlen(cmdList[ii]->name));
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:143:7: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(buff, "");
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:145:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buff, " ");
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:147:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buff, " ");
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:150:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buff);
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:180:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
argv0 = AIR_CALLOC(strlen(cmd) + strlen(argv[1]) + 2, char);
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:180:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
argv0 = AIR_CALLOC(strlen(cmd) + strlen(argv[1]) + 2, char);
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:210:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
maxlen = AIR_MAX(maxlen, AIR_UINT(strlen(unrrduCmdList[cmdi]->name)));
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:214:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = AIR_UINT(strlen(buff));
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:226:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = AIR_UINT(strlen(unrrduCmdList[cmdi]->name));
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:228:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(buff, "");
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:230:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buff, " ");
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:232:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buff, "(");
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:235:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buff, " ");
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:238:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = AIR_UINT(strlen(buff));
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:244:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
infop = AIR_CALLOC(strlen(unrrduCmdList[cmdi]->info) + 2, char);
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:277:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
maxlen = AIR_MAX(maxlen, AIR_UINT(strlen(cmdList[cmdi]->name)));
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:281:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = AIR_UINT(strlen(buff));
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:287:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = AIR_UINT(strlen(cmdList[cmdi]->name));
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:288:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(buff, "");
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:290:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buff, " ");
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:292:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buff, " ");
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:295:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = AIR_UINT(strlen(buff));
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:514:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (strlen(str) > 2
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:525:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (strlen(str) > 1
data/teem-1.12.0~20160122/src/unrrdu/flotsam.c:535:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (strlen(str) > 2
data/teem-1.12.0~20160122/src/unrrdu/head.c:72:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int c = getc(fin);
data/teem-1.12.0~20160122/src/unrrdu/head.c:74:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(fin);
data/teem-1.12.0~20160122/src/unrrdu/join.c:91:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(label)) {
data/teem-1.12.0~20160122/src/unrrdu/make.c:329:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bufLen += strlen(dataFileNames[ii]) + 1;
data/teem-1.12.0~20160122/src/unrrdu/make.c:333:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(parseBuf, "");
data/teem-1.12.0~20160122/src/unrrdu/make.c:336:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(parseBuf, " ");
data/teem-1.12.0~20160122/src/unrrdu/make.c:377:9: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(label[ii], "");
data/teem-1.12.0~20160122/src/unrrdu/make.c:385:9: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(units[ii], "");
data/teem-1.12.0~20160122/src/unrrdu/make.c:420:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(parseBuf, "");
data/teem-1.12.0~20160122/src/unrrdu/make.c:423:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(parseBuf, " ");
data/teem-1.12.0~20160122/src/unrrdu/make.c:446:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(parseBuf, "");
data/teem-1.12.0~20160122/src/unrrdu/make.c:449:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(parseBuf, " ");
data/teem-1.12.0~20160122/src/unrrdu/make.c:490:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ('\"' == _origStr[0] && '\"' == _origStr[strlen(_origStr)-1]) {
data/teem-1.12.0~20160122/src/unrrdu/make.c:491:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
_origStr[strlen(_origStr)-1] = 0;
data/teem-1.12.0~20160122/src/unrrdu/make.c:510:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ('\"' == _dirStr[0] && '\"' == _dirStr[strlen(_dirStr)-1]) {
data/teem-1.12.0~20160122/src/unrrdu/make.c:511:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
_dirStr[strlen(_dirStr)-1] = 0;
data/teem-1.12.0~20160122/src/unrrdu/make.c:530:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ('\"' == _mframeStr[0] && '\"' == _mframeStr[strlen(_mframeStr)-1]) {
data/teem-1.12.0~20160122/src/unrrdu/make.c:531:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
_mframeStr[strlen(_mframeStr)-1] = 0;
data/teem-1.12.0~20160122/src/unrrdu/make.c:563:9: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(spunits[ii], "");
data/teem-1.12.0~20160122/src/unrrdu/make.c:573:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(parseBuf, "");
data/teem-1.12.0~20160122/src/unrrdu/make.c:576:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(parseBuf, " ");
data/teem-1.12.0~20160122/src/unrrdu/make.c:578:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(parseBuf, "\"");
data/teem-1.12.0~20160122/src/unrrdu/make.c:580:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(parseBuf, "\"");
data/teem-1.12.0~20160122/src/unrrdu/make.c:632:25: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (nrrdFormatNRRD->read(NULL, nrrd, nio)) {
data/teem-1.12.0~20160122/src/unrrdu/make.c:640:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(outData)) {
data/teem-1.12.0~20160122/src/unrrdu/save.c:136:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(outData)) {
data/teem-1.12.0~20160122/src/unrrdu/slice.c:87:7: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(stmp, "");
data/teem-1.12.0~20160122/src/unrrdu/undos.c:89:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
car = getc(fin);
data/teem-1.12.0~20160122/src/unrrdu/undos.c:106:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
car = getc(fin);
ANALYSIS SUMMARY:
Hits = 1955
Lines analyzed = 207073 in approximately 6.68 seconds (30989 lines/second)
Physical Source Lines of Code (SLOC) = 152602
Hits@level = [0] 3510 [1] 460 [2] 989 [3] 17 [4] 489 [5] 0
Hits@level+ = [0+] 5465 [1+] 1955 [2+] 1495 [3+] 506 [4+] 489 [5+] 0
Hits/KSLOC@level+ = [0+] 35.8121 [1+] 12.8111 [2+] 9.79673 [3+] 3.31581 [4+] 3.20441 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.