Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/texlive-lang-2020.20200925/texmf-dist/doc/cstex/cspsfonts-gen/kernoff.c
Examining data/texlive-lang-2020.20200925/texmf-dist/doc/generic/t2/etc/t2filter.c
Examining data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c
Examining data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c
FINAL RESULTS:
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:120:40: [5] (buffer) gets:
Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
{ printf("Input file: "); gets(infilename); }
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:122:14: [5] (buffer) gets:
Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
gets(outfilename);
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:100:15: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
if (argc>1) strcpy(infilename,argv[1]);
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:112:14: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
{ case 3: strcpy(infilename,argv[1+k]);
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:113:14: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(outfilename,argv[2+k]);
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:115:14: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
case 2: strcpy(infilename,argv[1+k]);
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:126:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
{ strcpy (outfilename,infilename); /* default output file name */
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:178:33: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
{ if (bnline == TRUE) { strcat(outbuf,i_ptr); write_outbuf(); }
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:187:11: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(outbuf,i_ptr); *p = c; i_ptr = p; continue;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:191:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(outbuf,i_ptr); /* append partial line to outbuf */
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:222:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(outbuf,o_ptr);
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:341:19: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
{ bnword(); strcat (outbuf,i_ptr); write_outbuf(); getline(); CC; }
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:387:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(outbuf,i_ptr); write_outbuf(); getline(); CC;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:512:35: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
{ char temp[] = " "; temp[0] = c; strcat(s,temp);
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:544:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(w,x); strcat(w,z)
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:544:14: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(w,x); strcat(w,z)
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:577:23: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(outbuf,tmp);
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:585:23: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(outbuf,tmp);
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:587:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tmp,work);
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:594:23: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(outbuf,tmp);
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:596:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tmp,work);
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:610:18: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(outbuf,tmp);
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:612:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tmp,work);
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:616:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(outbuf,work);
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:801:33: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
if(strncmp(p,a,n)==0) { strcat(work,z); p+=n; c;}
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:162:14: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
{ case 3: strcpy(infilename,argv[1]);
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:163:14: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(outfilename,argv[2]);
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:165:14: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
case 2: strcpy(infilename,argv[1]);
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:169:42: [4] (buffer) scanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
{ printf("Input file: "); scanf(FILENAME_SCANF, infilename); }
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:171:14: [4] (buffer) scanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
scanf(FILENAME_SCANF, outfilename);
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:174:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
{ strcpy (outfilename,infilename); /* default output file name */
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:240:34: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
{ if (sktline == TRUE) { strcat(outbuf,i_ptr); write_outbuf(); }
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:249:11: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(outbuf,i_ptr); *p = c; i_ptr = p; continue;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:253:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(outbuf,i_ptr); /* append partial line to outbuf */
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:290:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(outbuf,o_ptr);
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:343:3: [4] (buffer) scanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
scanf(inbuf);
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:429:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(w,x); if((y)>9)chrcat(w,('0'+((y)/10))); \
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:430:27: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
chrcat(w,('0'+((y)%10))); strcat(w,z)
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:449:20: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
{ sktword(); strcat (outbuf,i_ptr); write_outbuf(); get_line(); CC; }
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:454:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(outbuf,i_ptr); write_outbuf(); get_line(); CC;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:758:35: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
{ char temp[] = " "; temp[0] = c; strcat(s,temp);
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:797:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
ra=x; ya=y; strcat(work,z); vaflg++;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:855:23: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(outbuf,tmp);
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:863:11: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(tmp,work);
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:869:11: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(tmp,work);
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:884:18: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(outbuf,tmp);
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:886:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tmp,work); whiteness = bwh;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:889:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(outbuf,work);
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:2211:24: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
{ case 0: strcat(outbuf,Y); break; \
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:2212:58: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
case 1: if (tech) strcat(outbuf,"\\ZX{"); strcat(outbuf,Z); \
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:2214:48: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
case 2: strcat(outbuf,"\\ZW{"); strcat(outbuf,Y); \
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:2216:48: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
case 3: strcat(outbuf,"\\ZY{"); strcat(outbuf,Z); \
data/texlive-lang-2020.20200925/texmf-dist/doc/cstex/cspsfonts-gen/kernoff.c:10:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[500];
data/texlive-lang-2020.20200925/texmf-dist/doc/cstex/cspsfonts-gen/kernoff.c:41:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
v = atoi(&line[i]);
data/texlive-lang-2020.20200925/texmf-dist/doc/generic/t2/etc/t2filter.c:40:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[BUFSIZE];
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:36:26: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *infile, *outfile, *fopen();
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:37:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char infilename[80];
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:38:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outfilename[80];
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:54:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char inbuf[133]; /* input file line buffer of text being processed */
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:56:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outbuf[512]; /* output file line buffer of text processed */
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:65:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bnbuf[255]; /* storage for Bengali in internal code */
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:68:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char work[80]; /* general scratchpad */
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:70:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[80]; /* temporary buffer for previous syllable */
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:131:15: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (p == 0) strcat(infilename,".bn"); /* default input file extension */
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:132:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((infile=fopen(infilename,"r")) == NULL)
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:138:28: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{ if (inbuf[0] == '@') strcat(outfilename,".dn");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:139:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
else strcat(outfilename,".tex"); /* set default output file extension */
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:141:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((outfile=fopen(outfilename,"w")) == NULL)
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:298:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char err_str[80]; int j;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:303:21: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
if (n == 0) { strcpy(err_str,"oct(");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:548:33: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (roman_flag && bnbuf[0]) { strcat(outbuf,"\\,"); roman_flag = FALSE; }
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:576:59: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{ if (*tmp) { if (outbuf[0]=='\0' && tmp[0]=='[') strcat(outbuf,"{}");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:584:59: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (*tmp) { if (outbuf[0]=='\0' && tmp[0]=='[') strcat(outbuf,"{}");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:593:59: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (*tmp) { if (outbuf[0]=='\0' && tmp[0]=='[') strcat(outbuf,"{}");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:609:54: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (*tmp) { if (outbuf[0]=='\0' && tmp[0]=='[') strcat(outbuf,"{}");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:641:18: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case '!': strcat(tmp,"\\-"); break; /* discretionary hyphen */
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:645:18: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case '@': strcat(work,"\\30Cz"); break; /* hasanta */
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:664:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'A': strcat(work,"aA"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:665:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'i': strcat(work,"\\302z"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:666:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'I': strcat(work,"\\303z"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:667:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'u': strcat(work,"\\304z"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:668:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'U': strcat(work,"\\305z"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:669:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'x': strcat(work,"\\306z"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:671:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'e': strcat(work,"\\308z"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:672:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'E': strcat(work,"\\309z"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:673:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'o': strcat(work,"\\30Az"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:674:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'O': strcat(work,"\\30Bz"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:690:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *p, msg[80]="";
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:698:17: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{ case 'B': strcat(msg,"bh"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:699:17: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'C': strcat(msg,"ch"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:700:17: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'D': strcat(msg,"dh"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:701:17: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'G': strcat(msg,"gh"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:702:17: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'H': strcat(msg,".h"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:703:17: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'J': strcat(msg,"jh"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:704:17: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'K': strcat(msg,"kh"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:705:17: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'P': strcat(msg,"ph"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:706:17: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'T': strcat(msg,"th"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:707:17: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'f': strcat(msg,".t"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:708:17: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'F': strcat(msg,".th"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:709:17: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'N': strcat(msg,".n"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:710:17: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'q': strcat(msg,".d"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:711:17: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'Q': strcat(msg,".dh"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:712:17: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'S': strcat(msg,".s"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:713:17: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'V': strcat(msg,"~n"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:714:17: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'Y': strcat(msg,".y"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:715:17: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'z': strcat(msg,"\"n"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:716:17: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'Z': strcat(msg,"\"s"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:724:20: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'x': strcat(msg,".r"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:746:27: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{ strcat(work,"\\319z"); ac_char = 'a'; }
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:747:27: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
else { strcat(work,"\\31Az"); ac_char = 'a'; }
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:754:19: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (post_ra) { strcat(work,"\\30Fz"); } /* ra-phala */
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:755:19: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (post_ya) { strcat(work,"\\30Dz"); } /* ya-phala */
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:760:15: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (pre_ra) { strcat(work,"\\30Ez"); } /* add repha */
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:825:28: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{p+=1; strcat(work,"k{\\kern-.25em}u{\\kern.25em}");NX;}
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:827:28: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{p+=1; strcat(work,"k{\\kern-.25em}U{\\kern.25em}");NX;}
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:829:28: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{p+=1; strcat(work,"k{\\kern-.25em}W{\\kern.25em}");NX;}
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:831:28: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{p+=2; strcat(work,"\\388z");NR;}
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:833:28: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{p+=2; strcat(work,"\\389z");NR;}
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:864:28: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{p+=2; strcat(work,"\\392z");NR;}
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:874:28: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{p+=2; strcat(work,"\\399z");NR;}
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:885:27: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{p+=2; strcat(work,"\\39Cz");NR;}
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:895:28: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{p+=1; strcat(work,"J{\\kern-.24em}u{\\kern.24em}");NX;}
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:897:28: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{p+=1; strcat(work,"J{\\kern-.24em}U{\\kern.24em}");NX;}
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:899:28: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{p+=1; strcat(work,"J{\\kern-.24em}W{\\kern.24em}");NX;}
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:904:28: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{p+=1; strcat(work,"Q{\\kern-.39em}u{\\kern.39em}");NX;}
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:906:28: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{p+=1; strcat(work,"Q{\\kern-.39em}U{\\kern.39em}");NX;}
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:908:28: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{p+=1; strcat(work,"Q{\\kern-.39em}W{\\kern.39em}");NX;}
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:942:27: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{p+=2; strcat(work,"\\3ADz"); NR;}
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:944:27: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{p+=2; strcat(work,"\\3B3z"); NX;}
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:961:27: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{p+=2; strcat(work,"\\3BAz");NR;}
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:980:28: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{p+=2; strcat(work,"\\3C1z");NR;}
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:982:28: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{p+=2; strcat(work,"\\3C2z");NR;}
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:984:28: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{p+=2; strcat(work,"\\3C3z");NR;}
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:986:28: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{p+=2; strcat(work,"\\4Pz");NR;}
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:1011:28: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{p+=1; strcat(work,"f{\\kern-.21em}u{\\kern.21em}");NX;}
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:1013:28: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{p+=1; strcat(work,"f{\\kern-.21em}U{\\kern.21em}");NX;}
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:1015:28: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{p+=1; strcat(work,"f{\\kern-.21em}W{\\kern.21em}");NX;}
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:1034:28: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{p+=2; strcat(work,"\\3DEz");NR;}
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:1056:28: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{p+=2; strcat(work,"\\3E3z");NX;}
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:1079:28: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{p+=2; strcat(work,"\\3F1z");NR;}
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:1091:28: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{p+=2; strcat(work,"\\3F9z");NR;}
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:1093:28: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{p+=2; strcat(work,"\\3FAz");NR;}
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:1095:28: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{p+=2; strcat(work,"\\3FEz");NX;}
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:1097:28: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{p+=2; strcat(work,"\\3FFz");NR;}
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:1099:28: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{p+=2; strcat(work,"\\313z");NR;}
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:1115:26: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'h': if(*p=='x') { strcat(work,"\\31Cz");hr_flag = TRUE; IX; }
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:1132:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'R': strcat(work,"\\4rz"); NR;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:1135:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'v': strcat(work,"\\4vz"); NR;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:63:26: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *infile, *outfile, *fopen();
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:64:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char infilename[80];
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:65:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outfilename[80];
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:89:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char inbuf[255]; /* input file line buffer of text being processed */
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:91:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outbuf[2048]; /* output file line buffer of text processed */
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:102:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sktbuf[255]; /* storage for sanskrit in internal code */
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:105:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char work[256]; /* general scratchpad */
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:107:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[2048]; /* temporary buffer for previous syllable */
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:179:15: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (p == 0) strcat(infilename,".skt"); /* default input file extension */
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:180:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((infile=fopen(infilename,"r")) == NULL)
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:183:15: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (p == 0) strcat(outfilename,".tex"); /* set default output file extension */
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:184:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((outfile=fopen(outfilename,"w")) == NULL)
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:403:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char err_str[80]; int j;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:408:21: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
if (n == 0) { strcpy(err_str,"oct(");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:467:31: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (!xlit) { if (feint) strcat(outbuf,"\\ZF{");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:468:31: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (bold) strcat(outbuf,"\\ZB{");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:469:41: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (!feint && !bold) strcat(outbuf,"\\ZN{");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:484:31: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (!xlit) { if (feint) strcat(outbuf,"\\ZF{");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:485:31: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (bold) strcat(outbuf,"\\ZB{");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:486:41: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (!feint && !bold) strcat(outbuf,"\\ZN{");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:854:59: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{ if (*tmp) { if (outbuf[0]=='\0' && tmp[0]=='[') strcat(outbuf,"{}");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:883:54: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (*tmp) { if (outbuf[0]=='\0' && tmp[0]=='[') strcat(outbuf,"{}");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:896:29: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
default: strcat(outbuf, "+."); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:935:18: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(tmp,"\\-"); if (bwh < 3) bwh=3; break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:958:26: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{ case 6: strcat(work,";a"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:959:26: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 5: strcat(work,":a"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:960:26: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 4: strcat(work,".a"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:984:26: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{ case 6: strcat(work,";ea"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:985:26: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 5: strcat(work,":ea"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:986:26: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 4: strcat(work,".ea"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:987:26: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 3: strcat(work,"ea"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:992:26: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{ case 6: strcat(work,";Ea"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:993:26: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 5: strcat(work,":Ea"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:994:26: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 4: strcat(work,".Ea"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:995:26: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 3: strcat(work,"Ea"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1013:38: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (interspace==5) {strcat(work,"\\ZS{2}"); break;}
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1014:37: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (interspace>5) {strcat(work,"\\ZS{4}"); break;}
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1045:20: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 5: strcat(tmp,"+."); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1046:20: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 6: strcat(tmp,"+:"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1066:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char *p, msg[80]="";
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1074:17: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{ case 'B': strcat(msg,"bh"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1075:17: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'C': strcat(msg,"ch"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1076:17: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'D': strcat(msg,"dh"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1077:17: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'G': strcat(msg,"gh"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1078:17: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'H': strcat(msg,".h"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1079:17: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'J': strcat(msg,"jh"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1080:17: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'K': strcat(msg,"kh"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1081:17: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'L': strcat(msg,"\"l"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1082:17: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'P': strcat(msg,"ph"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1083:17: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'T': strcat(msg,"th"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1084:17: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'f': strcat(msg,".t"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1085:17: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'F': strcat(msg,".th"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1086:17: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'N': strcat(msg,".n"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1087:17: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'q': strcat(msg,".d"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1088:17: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'Q': strcat(msg,".dh"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1089:17: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'R': strcat(msg,"\"m"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1090:17: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'S': strcat(msg,".s"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1091:17: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'V': strcat(msg,"~n"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1092:17: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'Y': strcat(msg,".a"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1093:17: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'z': strcat(msg,"\"n"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1094:17: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'Z': strcat(msg,"\"s"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1101:20: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{ case 'w': strcat(msg,".l"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1102:20: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'W': strcat(msg,".l.l"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1103:20: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'x': strcat(msg,".r"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1104:20: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'X': strcat(msg,".r.r"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1105:20: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'A': strcat(msg,"aa"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1106:20: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'E': strcat(msg,"ai"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1107:20: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'I': strcat(msg,"ii"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1108:20: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'O': strcat(msg,"au"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1109:20: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 'U': strcat(msg,"uu"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1168:20: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 3: strcat(work, "<\\ZV{10}{M}"); v=18; h=5; j=4; break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1170:20: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 5: strcat(work, "R1"); v=12; h=4; j=3; break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1171:20: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 6: strcat(work, "R2"); v=8; h=3; j=3; break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1172:20: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 7: strcat(work, "R2\\ZV{10}{<}"); v=20; h=3; j=4; break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1193:26: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
else strcat(work,"\\ZK{`1}");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1196:26: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
else strcat(work,"\\ZK{`2}");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1199:26: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
else strcat(work,"\\ZK{`3}");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1202:26: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
else strcat(work,"\\ZK{`7}");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1205:26: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
else strcat(work,"\\ZK{`0}");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1218:32: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
else strcat(work,"\\ZK{`4}");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1232:32: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
else strcat(work,"\\ZK{`5}");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1246:32: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
else strcat(work,"\\ZK{`6}");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1313:22: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{ case '\30': strcat(work,"\\ZK{@r\\ZP{-3}{5}{@b}\\ZV{2}{@b}}"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1314:22: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case '\31': strcat(work,"\\ZK{`u}"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1315:22: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case '\32': strcat(work,"\\ZK{`z}"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1316:22: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case '\33': strcat(work,"\\ZK{@I@o}"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1317:22: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case '\34': strcat(work,"\\ZK{@M}"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1318:22: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case '\35': strcat(work,"\\ZK{@M\\ZS{-9}@M}"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1319:22: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case '\36': strcat(work,"\\ZK{@I\\ZV{2}{@I}}"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1320:22: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
default: strcat(work,"\\ZK{`8}"); break; /* for & or % accent */
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1359:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 2: strcat(work,"r1"); rldep=1; dep +=4; break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1360:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 3: strcat(work,"r2"); rldep=1; dep +=6; break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1361:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 4: strcat(work,"@R"); if(rldep)rldep--; break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1362:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 5: strcat(work,"r1"); rldep=1; dep +=1; break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1363:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 6: strcat(work,"r4"); if(rldep)rldep--; break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1386:41: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (k > 16) { strcat(work,"{i0");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1388:39: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(work,"Y7}");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1401:20: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 5: strcat(work,"+."); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1402:20: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 6: strcat(work,"+:"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1434:15: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 5: strcat(tmp,"+."); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1435:15: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 6: strcat(tmp,"+:"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1436:15: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 7: strcat(tmp,"+;"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1438:15: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 9: strcat(tmp,"*."); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1439:15: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 10: strcat(tmp,"*:"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1440:15: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 11: strcat(tmp,"*;"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1441:15: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 12: strcat(tmp,"*+"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1449:20: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (k > 16) { strcat(tmp,"\\ZH{0}{i0"); /* add long i-hook */
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1451:20: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(tmp,"Y7}");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1455:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{ case 6: strcat(tmp,"a;"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1456:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 5: strcat(tmp,"a:"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1457:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 4: strcat(tmp,"a."); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1459:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 2: strcat(tmp,"@A:"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1460:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 1: strcat(tmp,"@A."); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1461:17: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
default: strcat(tmp,"@A");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1488:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(work,"\\-");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:2031:26: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if(*p=='#'){if(aci(p)){strcat(work,"\\ZH{-6}{<}");IX;}
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:2032:15: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(work,"\\ZH{-6}{<}");IC;}
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:2050:15: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{ case 6: strcat(work,"r4"); if(rldep) rldep--; break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:2051:15: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 5: strcat(work,"r1"); rldep = 1; dep += 1; break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:2052:15: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 4: strcat(work,"@R"); if(rldep) rldep--; break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:2053:15: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 3: strcat(work,"r2"); rldep = 1; dep += 6; break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:2054:15: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 2: strcat(work,"r1"); rldep = 1; dep += 4; break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:2212:34: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 1: if (tech) strcat(outbuf,"\\ZX{"); strcat(outbuf,Z); \
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:2214:24: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 2: strcat(outbuf,"\\ZW{"); strcat(outbuf,Y); \
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:2216:24: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 3: strcat(outbuf,"\\ZY{"); strcat(outbuf,Z); \
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:2239:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(outbuf,"\\ZS{1}\\raisebox{.4ex}{.}\\ZS{-1}");\
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:2241:23: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(outbuf,"\\-"); } \
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:2245:45: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
#define NASAL(X,Y,Z) case X: if (*p == '#') strcat(outbuf,"\\~{"); \
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:2260:30: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case '-': if(option[10]) strcat(outbuf,"\\-"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:2262:22: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{ strcat(outbuf,"{\\upshape\\boldmath\\,$\\mid\\mid$}");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:2264:20: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(outbuf,"{\\upshape\\boldmath\\,$\\mid$}");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:2266:30: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (*p=='|') { strcat(outbuf,"{\\upshape\\,$\\mid\\mid$}");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:2268:15: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(outbuf,"{\\upshape\\,$\\mid$}"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:2270:28: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case '@': if (xbold) { strcat(outbuf,"{\\upshape\\boldmath$^\\circ$}");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:2272:15: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(outbuf,"{\\upshape$^\\circ$}"); break;
data/texlive-lang-2020.20200925/texmf-dist/doc/cstex/cspsfonts-gen/kernoff.c:15:10: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((c=fgetc(stdin))==EOF) return EOF;
data/texlive-lang-2020.20200925/texmf-dist/doc/cstex/cspsfonts-gen/kernoff.c:24:12: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((c=fgetc(stdin))==EOF) return s[i] = 0;
data/texlive-lang-2020.20200925/texmf-dist/doc/generic/t2/etc/t2filter.c:45:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (!(n=read(0,buf,BUFSIZE)))
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:103:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(infilename,"");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:116:14: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(outfilename,"");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:118:14: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
default: strcpy(infilename,"");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:119:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while(strlen(infilename) == 0)
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:125:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(outfilename) == 0)
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:210:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(outbuf) < 81) { write_line(outbuf); break; }
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:307:21: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(err_str,")");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:368:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
{ strcat(bnbuf,"!"); i_ptr++; CI; }
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:631:18: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
{ case '0': strcat(work,"0"); break; /* numerals */
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:632:18: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
case '1': strcat(work,"1"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:633:18: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
case '2': strcat(work,"2"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:634:18: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
case '3': strcat(work,"3"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:635:18: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
case '4': strcat(work,"4"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:636:18: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
case '5': strcat(work,"5"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:637:18: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
case '6': strcat(work,"6"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:638:18: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
case '7': strcat(work,"7"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:639:18: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
case '8': strcat(work,"8"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:640:18: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
case '9': strcat(work,"9"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:643:18: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
case '|': strcat(work,"."); break; /* dnari */
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:646:18: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
case '~': strcat(work,"w"); break; /* candrabindu */
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:647:18: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
case 'H': strcat(work,"H"); break; /* visarga */
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:648:18: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
case 'M': strcat(work,"M"); break; /* anusvara */
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:663:16: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
{ case 'a': strcat(work,"a"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:693:8: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
{ strcat(msg,"r");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:694:22: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if (p==s_ptr) strcat(msg,"-");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:719:23: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if (++p == s_ptr) strcat(msg,"-");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:750:15: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
else { strcat(work,"r"); } /* ra */
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:763:23: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if (ac_char == 'A') { strcat(work,"A");} /* add aa-dia */
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:765:23: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if (ac_char == 'I') { strcat(work,"I"); } /* add ii-dia */
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:766:23: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if (ac_char == 'u') { strcat(work,"u");} /* add u-dia */
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:767:23: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if (ac_char == 'U') { strcat(work,"U");} /* add uu-dia */
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:768:23: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if (ac_char == 'x') { strcat(work,"W");} /* add .r dia */
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:771:40: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if (ac_char == 'o') { CAT(tmp,"e",""); strcat(work,"A");} /* add o-dia */
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:772:40: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if (ac_char == 'O') { CAT(tmp,"e",""); strcat(work,"O");} /* add au-dia */
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:800:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define LS(a,c,z) n=strlen(a); \
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:844:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(work,"k"); NR;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:847:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
case 'K': strcat(work,"K"); NR;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:856:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(work,"g"); NR;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:860:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(work,"G"); NR;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:870:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(work,"q"); NR;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:878:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(work,"c"); NR;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:881:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
case 'C': strcat(work,"C"); NR;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:891:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(work,"j"); NR;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:900:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(work,"J"); NR;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:913:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(work,"Q"); NR;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:919:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(work,"T"); NR;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:922:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
case 'F': strcat(work,"Z"); NR;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:926:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(work,"D"); NR;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:929:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
case 'Q': strcat(work,"X"); NR;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:938:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(work,"N"); NR;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:952:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(work,"t"); NR;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:957:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(work,"z"); NR;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:970:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(work,"d"); NR;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:976:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(work,"x"); NR;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:998:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(work,"n"); NR;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:1007:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(work,"p"); NR;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:1017:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(work,"f"); NR;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:1025:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(work,"b"); NR;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:1030:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(work,"v"); NR;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:1043:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(work,"m"); NR;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:1046:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
case 'y': strcat(work,"Y"); NR;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:1049:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
case 'Y': strcat(work,"y"); NR;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:1052:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
case 'r': strcat(work,"r"); NR;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:1065:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(work,"l"); NR;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:1075:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(work,"S"); NR;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:1087:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(work,"F"); NR;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:1112:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(work,"s"); NR;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:1122:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(work,"h"); NR;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:1125:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(work,"R"); NR;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:1127:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
case 'W': strcat(work,"V"); NR;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/bengali/beng.c:1129:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
case 'L': strcat(work,"B"); NR;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:166:14: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(outfilename,"");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:168:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
default: while(strlen(infilename) == 0)
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:173:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(outfilename) == 0)
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:271:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(outbuf) < 81) { write_line(outbuf); break; }
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:273:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ if (strlen(outbuf) > 250)
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:275:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
line_cnt, (unsigned)strlen(outbuf) );
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:344:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(inbuf) == 0) eof_flag = TRUE;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:412:21: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(err_str,")");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:473:18: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if (!xlit) strcat(outbuf,"}");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:497:18: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if (!xlit) strcat(outbuf,"}");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:503:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
{ strcat(sktbuf,"-"); i_ptr++; CI; }
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:892:29: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
{ case 1: strcat(outbuf, "."); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:893:29: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
case 2: strcat(outbuf, ":"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:894:29: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
case 3: strcat(outbuf, ";"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:895:29: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
case 4: strcat(outbuf, "+"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:931:31: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
{ case 2: strcat(tmp,"."); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:932:31: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
case 1: strcat(tmp,":"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:933:31: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
case 0: strcat(tmp,";"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:961:26: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
case 3: strcat(work,"a"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1041:20: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
{ case 1: strcat(tmp,"."); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1042:20: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
case 2: strcat(tmp,":"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1043:20: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
case 3: strcat(tmp,";"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1044:20: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
case 4: strcat(tmp,"+"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1069:8: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
{ strcat(msg,"r");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1070:22: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if (p==s_ptr) strcat(msg,"-");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1097:23: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if (++p == s_ptr) strcat(msg,"-");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1166:20: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
{ case 1: strcat(work, "<"); v=10; h=5; j=4; break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1167:20: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
case 2: strcat(work, "M"); v=8; h=2; j=1; break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1169:20: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
case 4: strcat(work, "R"); v=8; h=2; j=2; break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1179:17: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if (top) strcat(work,"}");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1266:15: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if (t) strcat(work,"}");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1282:20: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if (virama) strcat(work,",");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1294:15: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if (v) strcat(work,"}");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1295:17: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if (bot) strcat(work,"}");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1322:20: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if ( h||v ) strcat(work,"}");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1358:16: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
{ case 1: strcat(work,"r"); if(rldep)rldep--; break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1365:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if (j) strcat(work,"}");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1387:64: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
for (j = 17; j < k; j++) strcat(work,"/");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1394:15: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
{ strcat(work,"a"); bwh=3; }
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1397:20: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
{ case 1: strcat(work,"."); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1398:20: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
case 2: strcat(work,":"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1399:20: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
case 3: strcat(work,";"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1400:20: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
case 4: strcat(work,"+"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1413:19: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if (end_bar) { strcat(work,"a"); bwh = 3; }
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1430:15: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
{ case 1: strcat(tmp,"."); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1431:15: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
case 2: strcat(tmp,":"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1432:15: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
case 3: strcat(tmp,";"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1433:15: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
case 4: strcat(tmp,"+"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1437:15: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
case 8: strcat(tmp,"*"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1450:45: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
for (j = 17; j < k; j++) strcat(tmp,"/");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1458:16: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
case 3: strcat(tmp,"a"); break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1516:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define LS(t,u,v,w) n=strlen(t); \
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:1520:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define LT(t,u,v,w,x,y,z) n=strlen(t); \
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:2055:15: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
case 1: strcat(work,"r" ); if(rldep) rldep--; break;
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:2057:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if (j) strcat(work,"}");
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:2213:34: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if (tech) strcat(outbuf,"}"); break; \
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:2215:24: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(outbuf,"}"); break; \
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:2217:24: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(outbuf,"}"); break; \
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:2236:22: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if (c != 0) strcat(outbuf,"}"); \
data/texlive-lang-2020.20200925/texmf-dist/source/latex/sanskrit/skt.c:2247:47: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if (*p == '#') { strcat(outbuf,"}"); p++; } \
ANALYSIS SUMMARY:
Hits = 417
Lines analyzed = 3629 in approximately 3.97 seconds (915 lines/second)
Physical Source Lines of Code (SLOC) = 2846
Hits@level = [0] 30 [1] 134 [2] 231 [3] 0 [4] 50 [5] 2
Hits@level+ = [0+] 447 [1+] 417 [2+] 283 [3+] 52 [4+] 52 [5+] 2
Hits/KSLOC@level+ = [0+] 157.063 [1+] 146.521 [2+] 99.4378 [3+] 18.2713 [4+] 18.2713 [5+] 0.702741
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.