Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/tin-2.4.5~20200522/include/bool.h
Examining data/tin-2.4.5~20200522/include/bugrep.h
Examining data/tin-2.4.5~20200522/include/debug.h
Examining data/tin-2.4.5~20200522/include/extern.h
Examining data/tin-2.4.5~20200522/include/keymap.h
Examining data/tin-2.4.5~20200522/include/missing_fd.h
Examining data/tin-2.4.5~20200522/include/newsrc.h
Examining data/tin-2.4.5~20200522/include/nntplib.h
Examining data/tin-2.4.5~20200522/include/plp_snprintf.h
Examining data/tin-2.4.5~20200522/include/policy.h
Examining data/tin-2.4.5~20200522/include/proto.h
Examining data/tin-2.4.5~20200522/include/rfc2046.h
Examining data/tin-2.4.5~20200522/include/stpwatch.h
Examining data/tin-2.4.5~20200522/include/tcurses.h
Examining data/tin-2.4.5~20200522/include/tin.h
Examining data/tin-2.4.5~20200522/include/tinrc.h
Examining data/tin-2.4.5~20200522/include/tnntp.h
Examining data/tin-2.4.5~20200522/include/trace.h
Examining data/tin-2.4.5~20200522/include/version.h
Examining data/tin-2.4.5~20200522/src/active.c
Examining data/tin-2.4.5~20200522/src/art.c
Examining data/tin-2.4.5~20200522/src/auth.c
Examining data/tin-2.4.5~20200522/src/charset.c
Examining data/tin-2.4.5~20200522/src/color.c
Examining data/tin-2.4.5~20200522/src/config.c
Examining data/tin-2.4.5~20200522/src/cook.c
Examining data/tin-2.4.5~20200522/src/curses.c
Examining data/tin-2.4.5~20200522/src/debug.c
Examining data/tin-2.4.5~20200522/src/envarg.c
Examining data/tin-2.4.5~20200522/src/feed.c
Examining data/tin-2.4.5~20200522/src/filter.c
Examining data/tin-2.4.5~20200522/src/getline.c
Examining data/tin-2.4.5~20200522/src/global.c
Examining data/tin-2.4.5~20200522/src/group.c
Examining data/tin-2.4.5~20200522/src/hashstr.c
Examining data/tin-2.4.5~20200522/src/header.c
Examining data/tin-2.4.5~20200522/src/heapsort.c
Examining data/tin-2.4.5~20200522/src/help.c
Examining data/tin-2.4.5~20200522/src/inews.c
Examining data/tin-2.4.5~20200522/src/joinpath.c
Examining data/tin-2.4.5~20200522/src/keymap.c
Examining data/tin-2.4.5~20200522/src/lang.c
Examining data/tin-2.4.5~20200522/src/langinfo.c
Examining data/tin-2.4.5~20200522/src/list.c
Examining data/tin-2.4.5~20200522/src/lock.c
Examining data/tin-2.4.5~20200522/src/mail.c
Examining data/tin-2.4.5~20200522/src/main.c
Examining data/tin-2.4.5~20200522/src/makecfg.c
Examining data/tin-2.4.5~20200522/src/memory.c
Examining data/tin-2.4.5~20200522/src/mimetypes.c
Examining data/tin-2.4.5~20200522/src/misc.c
Examining data/tin-2.4.5~20200522/src/newsrc.c
Examining data/tin-2.4.5~20200522/src/nntplib.c
Examining data/tin-2.4.5~20200522/src/nrctbl.c
Examining data/tin-2.4.5~20200522/src/options_menu.c
Examining data/tin-2.4.5~20200522/src/page.c
Examining data/tin-2.4.5~20200522/src/plp_snprintf.c
Examining data/tin-2.4.5~20200522/src/prompt.c
Examining data/tin-2.4.5~20200522/src/read.c
Examining data/tin-2.4.5~20200522/src/refs.c
Examining data/tin-2.4.5~20200522/src/regex.c
Examining data/tin-2.4.5~20200522/src/rfc1524.c
Examining data/tin-2.4.5~20200522/src/rfc2045.c
Examining data/tin-2.4.5~20200522/src/rfc2046.c
Examining data/tin-2.4.5~20200522/src/rfc2047.c
Examining data/tin-2.4.5~20200522/src/save.c
Examining data/tin-2.4.5~20200522/src/screen.c
Examining data/tin-2.4.5~20200522/src/search.c
Examining data/tin-2.4.5~20200522/src/select.c
Examining data/tin-2.4.5~20200522/src/sigfile.c
Examining data/tin-2.4.5~20200522/src/signal.c
Examining data/tin-2.4.5~20200522/src/strftime.c
Examining data/tin-2.4.5~20200522/src/string.c
Examining data/tin-2.4.5~20200522/src/tags.c
Examining data/tin-2.4.5~20200522/src/tcurses.c
Examining data/tin-2.4.5~20200522/src/tmpfile.c
Examining data/tin-2.4.5~20200522/src/my_tmpfile.c
Examining data/tin-2.4.5~20200522/src/thread.c
Examining data/tin-2.4.5~20200522/src/trace.c
Examining data/tin-2.4.5~20200522/src/version.c
Examining data/tin-2.4.5~20200522/src/wildmat.c
Examining data/tin-2.4.5~20200522/src/xface.c
Examining data/tin-2.4.5~20200522/src/xref.c
Examining data/tin-2.4.5~20200522/src/pgp.c
Examining data/tin-2.4.5~20200522/src/post.c
Examining data/tin-2.4.5~20200522/src/attrib.c
Examining data/tin-2.4.5~20200522/src/init.c
Examining data/tin-2.4.5~20200522/pcre/config.h
Examining data/tin-2.4.5~20200522/pcre/dftables.c
Examining data/tin-2.4.5~20200522/pcre/pcre.h
Examining data/tin-2.4.5~20200522/pcre/pcre_compile.c
Examining data/tin-2.4.5~20200522/pcre/pcre_config.c
Examining data/tin-2.4.5~20200522/pcre/pcre_dfa_exec.c
Examining data/tin-2.4.5~20200522/pcre/pcre_exec.c
Examining data/tin-2.4.5~20200522/pcre/pcre_fullinfo.c
Examining data/tin-2.4.5~20200522/pcre/pcre_get.c
Examining data/tin-2.4.5~20200522/pcre/pcre_globals.c
Examining data/tin-2.4.5~20200522/pcre/pcre_info.c
Examining data/tin-2.4.5~20200522/pcre/pcre_internal.h
Examining data/tin-2.4.5~20200522/pcre/pcre_maketables.c
Examining data/tin-2.4.5~20200522/pcre/pcre_newline.c
Examining data/tin-2.4.5~20200522/pcre/pcre_ord2utf8.c
Examining data/tin-2.4.5~20200522/pcre/pcre_refcount.c
Examining data/tin-2.4.5~20200522/pcre/pcre_study.c
Examining data/tin-2.4.5~20200522/pcre/pcre_tables.c
Examining data/tin-2.4.5~20200522/pcre/pcre_try_flipped.c
Examining data/tin-2.4.5~20200522/pcre/pcre_ucp_searchfuncs.c
Examining data/tin-2.4.5~20200522/pcre/pcre_valid_utf8.c
Examining data/tin-2.4.5~20200522/pcre/pcre_version.c
Examining data/tin-2.4.5~20200522/pcre/pcre_xclass.c
Examining data/tin-2.4.5~20200522/pcre/pcredemo.c
Examining data/tin-2.4.5~20200522/pcre/pcregrep.c
Examining data/tin-2.4.5~20200522/pcre/pcreposix.c
Examining data/tin-2.4.5~20200522/pcre/pcreposix.h
Examining data/tin-2.4.5~20200522/pcre/pcretest.c
Examining data/tin-2.4.5~20200522/pcre/ucp.h
Examining data/tin-2.4.5~20200522/pcre/ucpinternal.h
Examining data/tin-2.4.5~20200522/pcre/ucptable.c
Examining data/tin-2.4.5~20200522/libcanlock/src/base64.c
Examining data/tin-2.4.5~20200522/libcanlock/src/canlock.c
Examining data/tin-2.4.5~20200522/libcanlock/src/hmac.c
Examining data/tin-2.4.5~20200522/libcanlock/src/secret.c
Examining data/tin-2.4.5~20200522/libcanlock/src/sha1.c
Examining data/tin-2.4.5~20200522/libcanlock/src/sha224-256.c
Examining data/tin-2.4.5~20200522/libcanlock/src/sha384-512.c
Examining data/tin-2.4.5~20200522/libcanlock/src/usha.c
Examining data/tin-2.4.5~20200522/libcanlock/include/base64.h
Examining data/tin-2.4.5~20200522/libcanlock/include/canlock.h
Examining data/tin-2.4.5~20200522/libcanlock/include/canlock-private.h
Examining data/tin-2.4.5~20200522/libcanlock/include/config.h
Examining data/tin-2.4.5~20200522/libcanlock/include/sha-private.h
Examining data/tin-2.4.5~20200522/libcanlock/include/sha.h
Examining data/tin-2.4.5~20200522/libcanlock/test/canlocktest.c
Examining data/tin-2.4.5~20200522/libcanlock/test/canlocktest_legacy.c
Examining data/tin-2.4.5~20200522/libcanlock/test/hkdf.c
Examining data/tin-2.4.5~20200522/libcanlock/test/shatest.c
Examining data/tin-2.4.5~20200522/libcanlock/util/canlock.c
Examining data/tin-2.4.5~20200522/intl/bindtextdom.c
Examining data/tin-2.4.5~20200522/intl/dcgettext.c
Examining data/tin-2.4.5~20200522/intl/dcigettext.c
Examining data/tin-2.4.5~20200522/intl/dcngettext.c
Examining data/tin-2.4.5~20200522/intl/dgettext.c
Examining data/tin-2.4.5~20200522/intl/dngettext.c
Examining data/tin-2.4.5~20200522/intl/explodename.c
Examining data/tin-2.4.5~20200522/intl/finddomain.c
Examining data/tin-2.4.5~20200522/intl/gettext.c
Examining data/tin-2.4.5~20200522/intl/gettext.h
Examining data/tin-2.4.5~20200522/intl/gettextP.h
Examining data/tin-2.4.5~20200522/intl/hash-string.h
Examining data/tin-2.4.5~20200522/intl/intl-compat.c
Examining data/tin-2.4.5~20200522/intl/l10nflist.c
Examining data/tin-2.4.5~20200522/intl/libgettext.h
Examining data/tin-2.4.5~20200522/intl/libgnuintl.h
Examining data/tin-2.4.5~20200522/intl/loadinfo.h
Examining data/tin-2.4.5~20200522/intl/loadmsgcat.c
Examining data/tin-2.4.5~20200522/intl/localcharset.c
Examining data/tin-2.4.5~20200522/intl/localealias.c
Examining data/tin-2.4.5~20200522/intl/ngettext.c
Examining data/tin-2.4.5~20200522/intl/plural.c
Examining data/tin-2.4.5~20200522/intl/textdomain.c
Examining data/tin-2.4.5~20200522/debian/patches/misc_autoconf.h
FINAL RESULTS:
data/tin-2.4.5~20200522/src/attrib.c:1564:2: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(new_file, (mode_t) (S_IRUSR|S_IWUSR));
data/tin-2.4.5~20200522/src/config.c:1493:2: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(file_tmp, (mode_t) (S_IRUSR|S_IWUSR)); /* rename_file() preserves mode */
data/tin-2.4.5~20200522/src/config.c:2238:2: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(file_tmp, (mode_t) (S_IRUSR|S_IWUSR)); /* rename_file() preserves mode */
data/tin-2.4.5~20200522/src/debug.c:173:3: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(file, (S_IRUGO|S_IWUGO));
data/tin-2.4.5~20200522/src/debug.c:217:3: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(file, (S_IRUGO|S_IWUGO));
data/tin-2.4.5~20200522/src/debug.c:284:3: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(file, (S_IRUGO|S_IWUGO));
data/tin-2.4.5~20200522/src/debug.c:355:3: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(file, (S_IRUGO|S_IWUGO));
data/tin-2.4.5~20200522/src/debug.c:389:3: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(file, (S_IRUGO|S_IWUGO));
data/tin-2.4.5~20200522/src/debug.c:443:4: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(file, (S_IRUGO|S_IWUGO));
data/tin-2.4.5~20200522/src/init.c:919:5: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(posted_info_file, (mode_t) (S_IRUSR|S_IWUSR));
data/tin-2.4.5~20200522/src/misc.c:245:3: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(backupname, mode);
data/tin-2.4.5~20200522/src/misc.c:726:10: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
return chmod(path, mode);
data/tin-2.4.5~20200522/src/misc.c:784:5: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(new_filename, mode);
data/tin-2.4.5~20200522/src/misc.c:1164:3: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(the_lock_file, (mode_t) (S_IRUSR|S_IWUSR));
data/tin-2.4.5~20200522/src/misc.c:2306:2: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(file_tmp, (mode_t) (S_IRUSR|S_IWUSR)); /* rename_file() preserves mode */
data/tin-2.4.5~20200522/src/misc.c:2314:3: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(local_input_history_file, (mode_t) (S_IRUSR|S_IWUSR));
data/tin-2.4.5~20200522/src/newsrc.c:231:4: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(newnewsrc, newsrc_mode);
data/tin-2.4.5~20200522/src/newsrc.c:354:3: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(newsrc_file, newsrc_mode);
data/tin-2.4.5~20200522/src/newsrc.c:572:3: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(newnewsrc, newsrc_mode);
data/tin-2.4.5~20200522/src/newsrc.c:637:4: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(newnewsrc, newsrc_mode);
data/tin-2.4.5~20200522/src/newsrc.c:686:4: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(newnewsrc, newsrc_mode);
data/tin-2.4.5~20200522/src/newsrc.c:1250:3: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(newnewsrc, newsrc_mode);
data/tin-2.4.5~20200522/src/nrctbl.c:79:2: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(local_newsrctable_file, (mode_t) (S_IRUSR|S_IWUSR));
data/tin-2.4.5~20200522/src/post.c:2207:2: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(article_name, (mode_t) (S_IRUSR|S_IWUSR));
data/tin-2.4.5~20200522/src/post.c:2985:2: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(article_name, (mode_t) (S_IRUSR|S_IWUSR));
data/tin-2.4.5~20200522/src/post.c:3163:2: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(filename, (mode_t) (S_IRUSR|S_IWUSR));
data/tin-2.4.5~20200522/src/post.c:3883:2: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(cancel, (mode_t) (S_IRUSR|S_IWUSR));
data/tin-2.4.5~20200522/src/post.c:4115:2: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(article_name, (mode_t) (S_IRUSR|S_IWUSR));
data/tin-2.4.5~20200522/src/post.c:5279:4: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(path_secret, S_IRUSR|S_IWUSR);
data/tin-2.4.5~20200522/src/save.c:1009:5: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(path, mode);
data/tin-2.4.5~20200522/include/debug.h:60:23: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
# define DEBUG_IO(x) fprintf x
data/tin-2.4.5~20200522/include/extern.h:115:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
extern int fprintf(FILE *, const char *, ...);
data/tin-2.4.5~20200522/include/extern.h:148:15: [4] (misc) getlogin:
It's often easy to fool getlogin. Sometimes it does not work at all,
because some program messed up the utmp file. Often, it gives only the
first 8 characters of the login name. The user currently logged in on the
controlling tty of our program need not be the user who started it. Avoid
getlogin() for security-related purposes (CWE-807). Use getpwuid(geteuid())
and extract the desired information instead.
extern char *getlogin(void);
data/tin-2.4.5~20200522/include/extern.h:198:15: [4] (tmpfile) mktemp:
Temporary file race condition (CWE-377).
extern char *mktemp(char *);
data/tin-2.4.5~20200522/include/extern.h:207:15: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
extern FILE *popen(const char *, const char *);
data/tin-2.4.5~20200522/include/extern.h:210:13: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
extern int printf(const char *, ...);
data/tin-2.4.5~20200522/include/extern.h:237:13: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
extern int snprintf(char *, size_t, const char *, ...);
data/tin-2.4.5~20200522/include/extern.h:240:13: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
extern int sscanf(const char *, const char *, ...);
data/tin-2.4.5~20200522/include/extern.h:267:13: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
extern int system(const char *);
data/tin-2.4.5~20200522/include/extern.h:322:13: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
extern int vsnprintf(char *, size_t, const char *, va_list);
data/tin-2.4.5~20200522/include/extern.h:326:13: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
extern int vsprintf(char *, char *, va_list);
data/tin-2.4.5~20200522/include/stpwatch.h:57:31: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
# define BegStopWatch(msg) {strcpy (msg_tb, msg); ftime (&beg_tb);}
data/tin-2.4.5~20200522/include/stpwatch.h:61:30: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
# define PrintStopWatch() {sprintf (tmp_tb, "%s: Beg=[%ld.%d] End=[%ld.%d] Elap=[%ld ms]", \
data/tin-2.4.5~20200522/include/stpwatch.h:78:31: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
# define BegStopWatch(msg) {strcpy (msg_tb, msg); \
data/tin-2.4.5~20200522/include/stpwatch.h:89:30: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
# define PrintStopWatch() {sprintf (tmp_tb, "StopWatch(%s): %6.3f ms", msg_tb, d_time); \
data/tin-2.4.5~20200522/include/tcurses.h:115:37: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
# if defined(__GNUC__) && !defined(printf)
data/tin-2.4.5~20200522/include/tcurses.h:116:24: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__((format(printf,2,3)))
data/tin-2.4.5~20200522/include/tcurses.h:120:37: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
# if defined(__GNUC__) && !defined(printf)
data/tin-2.4.5~20200522/include/tcurses.h:121:24: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__((format(printf,1,2)))
data/tin-2.4.5~20200522/include/tcurses.h:169:23: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
# define my_printf printf
data/tin-2.4.5~20200522/include/tcurses.h:170:24: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
# define my_fprintf fprintf
data/tin-2.4.5~20200522/include/tin.h:2351:12: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
extern int fprintf(FILE *, const char *, ...);
data/tin-2.4.5~20200522/include/tin.h:2431:10: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
# define snprintf plp_snprintf
data/tin-2.4.5~20200522/include/tin.h:2434:10: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
# define vsnprintf plp_vsnprintf
data/tin-2.4.5~20200522/include/trace.h:54:38: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
# if defined(__GNUC__) && !defined(printf)
data/tin-2.4.5~20200522/include/trace.h:55:25: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format(printf,1,2)))
data/tin-2.4.5~20200522/intl/localcharset.c:161:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (res_ptr + res_size - (l2 + 1) - (l1 + 1), buf1);
data/tin-2.4.5~20200522/intl/localcharset.c:162:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (res_ptr + res_size - (l2 + 1), buf2);
data/tin-2.4.5~20200522/intl/plural.c:549:28: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
# define YYFPRINTF YYSTD (fprintf)
data/tin-2.4.5~20200522/libcanlock/test/canlocktest.c:172:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(uid_mid, uid);
data/tin-2.4.5~20200522/libcanlock/test/canlocktest.c:173:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(uid_mid, mid);
data/tin-2.4.5~20200522/libcanlock/test/canlocktest_legacy.c:115:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(canlock, "%s", "sha1:bNXHc6ohSmeHaRHHW56BIWZJt+4=");
data/tin-2.4.5~20200522/libcanlock/test/canlocktest_legacy.c:116:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(cankey, "%s", "sha1:aaaBBBcccDDDeeeFFF");
data/tin-2.4.5~20200522/libcanlock/test/canlocktest_legacy.c:123:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(canlock, "%s", "SHA1:H7/zsCUemvbvSDyARDaMs6AQu5s=");
data/tin-2.4.5~20200522/libcanlock/test/canlocktest_legacy.c:124:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(cankey, "%s", "sha1:chW8hNeDx3iNUsGBU6/ezDk88P4=");
data/tin-2.4.5~20200522/libcanlock/test/canlocktest_legacy.c:127:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(canlock, "%s", "SHA1:H7/zsCUemvbvSDyARDaMs6AQu5s=");
data/tin-2.4.5~20200522/libcanlock/test/canlocktest_legacy.c:128:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(cankey, "%s", "sha1:4srkWaRIzvK51ArAP:Hc");
data/tin-2.4.5~20200522/libcanlock/test/canlocktest_legacy.c:135:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(canlock, "%s", "sha1:JyEBL4w9/abCBuzCxMIE/E73GM4=");
data/tin-2.4.5~20200522/libcanlock/test/canlocktest_legacy.c:136:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(cankey, "%s", "sha1:K4rkWRjRcXmIzvK51ArAP:Jy");
data/tin-2.4.5~20200522/libcanlock/test/canlocktest_legacy.c:139:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(canlock, "%s", "sha1:2Bmg+zWaY1noRiCdy8k3IapwSDU=");
data/tin-2.4.5~20200522/libcanlock/test/canlocktest_legacy.c:140:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(cankey, "%s", "sha1:K4rkWRjRcXmIzvK51ArAP:Jy");
data/tin-2.4.5~20200522/libcanlock/util/canlock.c:261:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(key, opt_value);
data/tin-2.4.5~20200522/pcre/pcre_internal.h:64:20: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define DPRINTF(p) printf p
data/tin-2.4.5~20200522/pcre/pcregrep.c:821:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(endptr, jfriedl_prefix); endptr += strlen(jfriedl_prefix);
data/tin-2.4.5~20200522/pcre/pcregrep.c:826:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(endptr, jfriedl_postfix); endptr += strlen(jfriedl_postfix);
data/tin-2.4.5~20200522/pcre/pcregrep.c:1404:1: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer, "%s%.*s%s", prefix[process_options], MBUFTHIRD, pattern,
data/tin-2.4.5~20200522/pcre/pcregrep.c:1583:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buff2, "%s%.*s", buff1, strlen(op->long_name) - baselen - 2,
data/tin-2.4.5~20200522/pcre/pcreposix.c:161:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "%s%s%-6d", message, addmessage, (int)preg->re_erroffset);
data/tin-2.4.5~20200522/pcre/pcretest.c:1091:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((char *)pbuffer, (char *)p);
data/tin-2.4.5~20200522/src/active.c:255:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(moderated, r);
data/tin-2.4.5~20200522/src/active.c:302:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(moderated, s);
data/tin-2.4.5~20200522/src/active.c:416:12: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
if (sscanf(line, fmt, &count, &min, &max, ngname) != 4) {
data/tin-2.4.5~20200522/src/active.c:1328:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(group_path, path);
data/tin-2.4.5~20200522/src/art.c:243:8: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
if (sscanf(line, "%"T_ARTNUM_SFMT" %"T_ARTNUM_SFMT, &count, &start) != 2)
data/tin-2.4.5~20200522/src/art.c:315:8: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
if (sscanf(line, "%"T_ARTNUM_SFMT" %"T_ARTNUM_SFMT" %"T_ARTNUM_SFMT, &count, &start, &last) != 3)
data/tin-2.4.5~20200522/src/art.c:370:8: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(group_path, R_OK) != 0)
data/tin-2.4.5~20200522/src/art.c:644:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), "HEAD %"T_ARTNUM_PFMT, art);
data/tin-2.4.5~20200522/src/art.c:675:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), "HEAD %"T_ARTNUM_PFMT, art);
data/tin-2.4.5~20200522/src/art.c:706:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), "%"T_ARTNUM_PFMT, art);
data/tin-2.4.5~20200522/src/art.c:756:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(group_msg, sizeof(group_msg), _(txt_group), cCOLS - MIN(cCOLS - 1, strwidth(_(txt_group))) + 2 - 3, group->name);
data/tin-2.4.5~20200522/src/art.c:1753:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(nntp_caps.headers_range, ptr);
data/tin-2.4.5~20200522/src/art.c:1773:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(cmd, sizeof(cmd), "%s Path %"T_ARTNUM_PFMT, nntp_caps.hdr_cmd, min);
data/tin-2.4.5~20200522/src/art.c:1775:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(cmd, sizeof(cmd), "%s Path %"T_ARTNUM_PFMT"-%"T_ARTNUM_PFMT, nntp_caps.hdr_cmd, min, max);
data/tin-2.4.5~20200522/src/art.c:2328:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(nntp_caps.headers_range, ptr);
data/tin-2.4.5~20200522/src/art.c:2350:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(cbuf, sizeof(cbuf), "%s XREF %"T_ARTNUM_PFMT"-%"T_ARTNUM_PFMT, nntp_caps.hdr_cmd, min, MAX(min, max));
data/tin-2.4.5~20200522/src/art.c:2668:9: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(nov_file, R_OK) == 0) {
data/tin-2.4.5~20200522/src/art.c:3315:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(line, sizeof(line), "%s %"T_ARTNUM_PFMT, nntp_caps.over_cmd, min);
data/tin-2.4.5~20200522/src/art.c:3317:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(line, sizeof(line), "%s %"T_ARTNUM_PFMT"-%"T_ARTNUM_PFMT, nntp_caps.over_cmd, min, MAX(min, max));
data/tin-2.4.5~20200522/src/attrib.c:572:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(gbuf, DEFAULT_GROUP_FORMAT);
data/tin-2.4.5~20200522/src/attrib.c:573:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tbuf, DEFAULT_THREAD_FORMAT);
data/tin-2.4.5~20200522/src/attrib.c:594:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(newbuf, "%s %s", buf, "%G");
data/tin-2.4.5~20200522/src/auth.c:158:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(authuser, ptr); /* so will replace default user */
data/tin-2.4.5~20200522/src/auth.c:160:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(authpass, _authpass);
data/tin-2.4.5~20200522/src/charset.c:309:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(to, from);
data/tin-2.4.5~20200522/src/charset.c:322:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(to, tex_to[i]);
data/tin-2.4.5~20200522/src/config.c:903:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tinrc.mm_local_charset, tinrc.mm_charset);
data/tin-2.4.5~20200522/src/config.c:934:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, txt_tinrc_header, PRODUCT, TINRC_VERSION, tin_progname, VERSION, RELEASEDATE, RELEASENAME);
data/tin-2.4.5~20200522/src/config.c:1884:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(newbuf, "%s %s", tinrc.sigfile, "%G");
data/tin-2.4.5~20200522/src/config.c:2085:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(newbuf, "%s %s", tinrc.sigfile, "%G");
data/tin-2.4.5~20200522/src/config.c:2226:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, _(txt_serverconfig_header), PRODUCT, tin_progname, VERSION, RELEASEDATE, RELEASENAME, PRODUCT, PRODUCT);
data/tin-2.4.5~20200522/src/cook.c:144:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(*line, buf);
data/tin-2.4.5~20200522/src/cook.c:191:2: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy(*wline, wbuf);
data/tin-2.4.5~20200522/src/cook.c:226:2: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buf, buf_len + 1, fmt, ap);
data/tin-2.4.5~20200522/src/cook.c:458:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(line, buf);
data/tin-2.4.5~20200522/src/cook.c:900:8: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(l, bar);
data/tin-2.4.5~20200522/src/curses.c:186:30: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
# define dCAPNAME(a,b) strcpy(_terminal, b)
data/tin-2.4.5~20200522/src/feed.c:304:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), _(txt_art_thread_regex_tag),
data/tin-2.4.5~20200522/src/feed.c:372:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(what, sizeof(what), _(txt_prefix_hot), PLURAL(fed, txt_article));
data/tin-2.4.5~20200522/src/feed.c:376:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(what, sizeof(what), _(txt_prefix_tagged), PLURAL(fed, txt_article));
data/tin-2.4.5~20200522/src/feed.c:397:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), _(txt_saved_to),
data/tin-2.4.5~20200522/src/feed.c:400:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), _(txt_saved_to_range),
data/tin-2.4.5~20200522/src/feed.c:656:19: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ((pipe_fp = popen(tinrc.default_pipe_command, "w")) == NULL) {
data/tin-2.4.5~20200522/src/feed.c:735:6: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), _(txt_supersede_article),
data/tin-2.4.5~20200522/src/feed.c:1074:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(file, sizeof(file), TIN_PRINTFILE, respnum);
data/tin-2.4.5~20200522/src/feed.c:1077:12: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ((fp = popen(command, "w")) == NULL)
data/tin-2.4.5~20200522/src/filter.c:387:8: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(ptr[i].from, from);
data/tin-2.4.5~20200522/src/filter.c:465:8: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(ptr[i].msgid, msgid);
data/tin-2.4.5~20200522/src/filter.c:480:8: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(ptr[i].msgid, msgid);
data/tin-2.4.5~20200522/src/filter.c:495:8: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(ptr[i].msgid, msgid);
data/tin-2.4.5~20200522/src/filter.c:513:8: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(ptr[i].path, path);
data/tin-2.4.5~20200522/src/filter.c:529:8: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(ptr[i].msgid, msgid);
data/tin-2.4.5~20200522/src/filter.c:546:8: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(ptr[i].subj, subj);
data/tin-2.4.5~20200522/src/filter.c:620:8: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(ptr[i].xref, xref);
data/tin-2.4.5~20200522/src/filter.c:1044:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(dest, dest_len, fmt_str, buf);
data/tin-2.4.5~20200522/src/filter.c:1144:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(text_time, sizeof(text_time), _(txt_time_default_days), tinrc.filter_days);
data/tin-2.4.5~20200522/src/filter.c:1146:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(text_score, sizeof(text_score), _(txt_filter_score), (type == GLOBAL_MENU_FILTER_KILL ? -tinrc.score_kill : tinrc.score_select));
data/tin-2.4.5~20200522/src/filter.c:1349:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), _(txt_filter_score_help), SCORE_MAX);
data/tin-2.4.5~20200522/src/filter.c:1595:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(rule.scope, group->name);
data/tin-2.4.5~20200522/src/filter.c:1709:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(acbuf, sizeof(acbuf), REGEX_FMT, quote_wild_whitespace(rule->text));
data/tin-2.4.5~20200522/src/filter.c:1744:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(acbuf, sizeof(acbuf), REGEX_FMT, (rule->check_string ? quote_wild(sbuf) : sbuf));
data/tin-2.4.5~20200522/src/filter.c:1749:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(acbuf, sizeof(acbuf), REGEX_FMT, quote_wild(sbuf));
data/tin-2.4.5~20200522/src/filter.c:1783:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(acbuf, sizeof(acbuf), REGEX_FMT, quote_wild(sbuf));
data/tin-2.4.5~20200522/src/getline.c:736:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(gl_buf, input_history[w][hist_pos[w]]);
data/tin-2.4.5~20200522/src/getline.c:769:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(gl_buf, input_history[w][hist_pos[w]]);
data/tin-2.4.5~20200522/src/group.c:833:7: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(pat, sizeof(pat), REGEX_FMT, tinrc.default_select_pattern);
data/tin-2.4.5~20200522/src/group.c:1217:8: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, tmp);
data/tin-2.4.5~20200522/src/group.c:1237:8: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, tmp);
data/tin-2.4.5~20200522/src/group.c:1257:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, tmp);
data/tin-2.4.5~20200522/src/group.c:1268:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, tin_ltoa(arts[j].line_count, grp_fmt.len_linecnt));
data/tin-2.4.5~20200522/src/group.c:1285:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, tmp_buf);
data/tin-2.4.5~20200522/src/group.c:1292:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, tmp);
data/tin-2.4.5~20200522/src/group.c:1302:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, tin_ltoa(i + 1, grp_fmt.len_linenumber));
data/tin-2.4.5~20200522/src/group.c:1308:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, tin_ltoa(n, grp_fmt.len_respcnt));
data/tin-2.4.5~20200522/src/group.c:1318:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, tin_ltoa(sbuf.score, grp_fmt.len_score));
data/tin-2.4.5~20200522/src/group.c:1333:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, tmp);
data/tin-2.4.5~20200522/src/group.c:1358:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strip_line(buffer), cCRLF);
data/tin-2.4.5~20200522/src/group.c:1424:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf, tmp);
data/tin-2.4.5~20200522/src/group.c:1435:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf, tmp);
data/tin-2.4.5~20200522/src/group.c:1443:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf, tmp);
data/tin-2.4.5~20200522/src/group.c:1450:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf, tmp);
data/tin-2.4.5~20200522/src/group.c:1458:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf, tmp);
data/tin-2.4.5~20200522/src/group.c:1625:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), _(txt_mark_arts_read), (func == CATCHUP_NEXT_UNREAD) ? _(txt_enter_next_unread_group) : "");
data/tin-2.4.5~20200522/src/hashstr.c:116:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p->txt, s); /* Copy in the text */
data/tin-2.4.5~20200522/src/header.c:99:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(domain, DOMAIN_NAME);
data/tin-2.4.5~20200522/src/header.c:110:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(domain, buff);
data/tin-2.4.5~20200522/src/header.c:231:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(full_name, ptr);
data/tin-2.4.5~20200522/src/header.c:233:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(user_name, ptr);
data/tin-2.4.5~20200522/src/header.c:314:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(from_name, thisgrp->attribute->from);
data/tin-2.4.5~20200522/src/header.c:318:2: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(from_name, ((strpbrk(get_full_name(), "!()<>@,;:\\\".[]")) ? "\"%s\" <%s@%s>" : "%s <%s@%s>"), BlankIfNull(get_full_name()), BlankIfNull(get_user_name()), BlankIfNull(fromhost));
data/tin-2.4.5~20200522/src/header.c:342:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(sender, sizeof(sender), ((strpbrk(ptr, "\".:;<>@[]()\\")) ? "\"%s\"" : "%s "), ptr);
data/tin-2.4.5~20200522/src/help.c:774:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, bufs, _(txt_mini_attachment_1),
data/tin-2.4.5~20200522/src/help.c:781:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, bufs, _(txt_mini_attachment_2),
data/tin-2.4.5~20200522/src/help.c:790:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, bufs, _(txt_mini_attachment_2),
data/tin-2.4.5~20200522/src/help.c:798:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, bufs, _(txt_mini_attachment_3),
data/tin-2.4.5~20200522/src/help.c:807:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, bufs, _(txt_mini_scope_1),
data/tin-2.4.5~20200522/src/help.c:813:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, bufs, _(txt_mini_scope_2),
data/tin-2.4.5~20200522/src/help.c:822:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, bufs, _(txt_mini_select_1),
data/tin-2.4.5~20200522/src/help.c:828:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, bufs, _(txt_mini_select_2),
data/tin-2.4.5~20200522/src/help.c:836:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, bufs, _(txt_mini_select_3),
data/tin-2.4.5~20200522/src/help.c:846:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, bufs, _(txt_mini_group_1),
data/tin-2.4.5~20200522/src/help.c:851:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, bufs, _(txt_mini_group_2),
data/tin-2.4.5~20200522/src/help.c:861:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, bufs, _(txt_mini_group_3),
data/tin-2.4.5~20200522/src/help.c:869:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, bufs, _(txt_mini_group_3),
data/tin-2.4.5~20200522/src/help.c:879:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, bufs, _(txt_mini_group_3),
data/tin-2.4.5~20200522/src/help.c:888:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, bufs, _(txt_mini_group_3),
data/tin-2.4.5~20200522/src/help.c:905:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, bufs, _(txt_mini_thread_1),
data/tin-2.4.5~20200522/src/help.c:910:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, bufs, _(txt_mini_thread_2),
data/tin-2.4.5~20200522/src/help.c:921:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, bufs, _(txt_mini_page_1),
data/tin-2.4.5~20200522/src/help.c:926:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, bufs, _(txt_mini_page_2),
data/tin-2.4.5~20200522/src/help.c:935:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, bufs, _(txt_mini_page_3),
data/tin-2.4.5~20200522/src/help.c:944:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, bufs, _(txt_mini_page_3),
data/tin-2.4.5~20200522/src/help.c:954:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, bufs, _(txt_mini_page_3),
data/tin-2.4.5~20200522/src/help.c:963:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, bufs, _(txt_mini_page_3),
data/tin-2.4.5~20200522/src/help.c:980:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, bufs, _(txt_mini_url_1),
data/tin-2.4.5~20200522/src/help.c:986:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, bufs, _(txt_mini_url_2),
data/tin-2.4.5~20200522/src/help.c:994:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, bufs, _(txt_mini_info_1),
data/tin-2.4.5~20200522/src/help.c:1002:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, bufs, _(txt_mini_info_2),
data/tin-2.4.5~20200522/src/inews.c:358:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(a_message_id, ptr); /* copy Message-ID */
data/tin-2.4.5~20200522/src/inews.c:371:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(a_message_id, message_id);
data/tin-2.4.5~20200522/src/inews.c:429:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tinrc.inews_prog, INTERNAL_CMD);
data/tin-2.4.5~20200522/src/init.c:739:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(cvers, sizeof(cvers), txt_copyright_notice, page_header);
data/tin-2.4.5~20200522/src/init.c:854:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tinrc.mailer_format, MAILER_FORMAT);
data/tin-2.4.5~20200522/src/init.c:857:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tinrc.printer, DEFAULT_PRINTER);
data/tin-2.4.5~20200522/src/init.c:859:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tinrc.inews_prog, PATH_INEWS);
data/tin-2.4.5~20200522/src/init.c:904:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(tmp, sizeof(tmp), INDEX_LOCK, userid);
data/tin-2.4.5~20200522/src/init.c:928:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(txt_help_bug_report, sizeof(txt_help_bug_report), _(txt_help_bug), bug_addr);
data/tin-2.4.5~20200522/src/lock.c:274:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lockfile, filename);
data/tin-2.4.5~20200522/src/lock.c:275:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(lockfile, LOCK_SUFFIX);
data/tin-2.4.5~20200522/src/mail.c:623:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(artnum, sizeof(artnum), "%"T_ARTNUM_PFMT, article->artnum);
data/tin-2.4.5~20200522/src/mail.c:655:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), "%"T_ARTNUM_PFMT, article->artnum);
data/tin-2.4.5~20200522/src/main.c:974:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), _(txt_intro_page), PRODUCT, PRODUCT, PRODUCT, bug_addr);
data/tin-2.4.5~20200522/src/makecfg.c:92:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
return strcpy(buf, string);
data/tin-2.4.5~20200522/src/makecfg.c:248:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(temp, "%s,", is_opt ? p->type : "OPT_LIST");
data/tin-2.4.5~20200522/src/mimetypes.c:184:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(type, major);
data/tin-2.4.5~20200522/src/mimetypes.c:186:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(type, minor);
data/tin-2.4.5~20200522/src/misc.c:110:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file_tmp, "%s.tmp", filename);
data/tin-2.4.5~20200522/src/misc.c:294:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, initl);
data/tin-2.4.5~20200522/src/misc.c:412:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fnameb, BACKUP_FILE_EXT);
data/tin-2.4.5~20200522/src/misc.c:724:3: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(buf);
data/tin-2.4.5~20200522/src/misc.c:826:8: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ret = system(nam);
data/tin-2.4.5~20200522/src/misc.c:891:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(file, fullpath);
data/tin-2.4.5~20200522/src/misc.c:895:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(file, fullpath + i + 1);
data/tin-2.4.5~20200522/src/misc.c:917:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dir, d);
data/tin-2.4.5~20200522/src/misc.c:1246:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s, tbuf);
data/tin-2.4.5~20200522/src/misc.c:1329:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s, tbuf);
data/tin-2.4.5~20200522/src/misc.c:1401:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s, tbuf);
data/tin-2.4.5~20200522/src/misc.c:1440:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s, tbuf);
data/tin-2.4.5~20200522/src/misc.c:1471:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(str, tbuf);
data/tin-2.4.5~20200522/src/misc.c:1560:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(tbuf, "%s/", pwd->pw_dir);
data/tin-2.4.5~20200522/src/misc.c:1670:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(str, tbuf);
data/tin-2.4.5~20200522/src/misc.c:1690:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(str, pbuf);
data/tin-2.4.5~20200522/src/misc.c:2049:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(s, tbuf);
data/tin-2.4.5~20200522/src/misc.c:2421:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(clocal_charset, local_charset);
data/tin-2.4.5~20200522/src/misc.c:2552:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(*line, obuf);
data/tin-2.4.5~20200522/src/misc.c:2627:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(line, obuf); /* FIXME: here we assume that line is big enough to hold obuf */
data/tin-2.4.5~20200522/src/misc.c:3431:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(address, addr_begin + 1);
data/tin-2.4.5~20200522/src/misc.c:3446:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(realname, addr_begin);
data/tin-2.4.5~20200522/src/misc.c:3464:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(address, addr_begin);
data/tin-2.4.5~20200522/src/misc.c:3487:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(realname, addr_begin + 1);
data/tin-2.4.5~20200522/src/misc.c:3580:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(realname, decoded);
data/tin-2.4.5~20200522/src/misc.c:3855:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(t, "%s%s", out, s);
data/tin-2.4.5~20200522/src/misc.c:3878:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(t, s);
data/tin-2.4.5~20200522/src/misc.c:4209:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), "STAT %"T_ARTNUM_PFMT, art);
data/tin-2.4.5~20200522/src/misc.c:4218:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(&filename[strlen(filename)], sizeof(filename), "/%"T_ARTNUM_PFMT, art);
data/tin-2.4.5~20200522/src/my_tmpfile.c:99:12: [4] (tmpfile) mktemp:
Temporary file race condition (CWE-377).
if ((t = mktemp(filename)) != NULL)
data/tin-2.4.5~20200522/src/newsrc.c:444:9: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
if (sscanf(line, "%"T_ARTNUM_SFMT" %"T_ARTNUM_SFMT" %"T_ARTNUM_SFMT, art_count, art_min, art_max) != 3) {
data/tin-2.4.5~20200522/src/newsrc.c:1144:4: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, "1-%"T_ARTNUM_PFMT, group->newsrc.xmax);
data/tin-2.4.5~20200522/src/newsrc.c:1161:6: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, ",%"T_ARTNUM_PFMT, i);
data/tin-2.4.5~20200522/src/newsrc.c:1171:6: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, "-%"T_ARTNUM_PFMT, i);
data/tin-2.4.5~20200522/src/newsrc.c:1179:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, "-%"T_ARTNUM_PFMT, group->newsrc.xmin - 1);
data/tin-2.4.5~20200522/src/newsrc.c:1194:4: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, "-%"T_ARTNUM_PFMT, group->newsrc.xmin - 1);
data/tin-2.4.5~20200522/src/nntplib.c:177:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
return strcpy(buf, NNTP_DEFAULT_SERVER);
data/tin-2.4.5~20200522/src/nntplib.c:867:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, last_put); /* Keep copy here, it will be clobbered a lot otherwise */
data/tin-2.4.5~20200522/src/nrctbl.c:74:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, _(txt_nrctbl_info), PRODUCT, VERSION);
data/tin-2.4.5~20200522/src/nrctbl.c:207:9: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(dir, X_OK)) {
data/tin-2.4.5~20200522/src/nrctbl.c:210:16: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
} else if (access(newsrc_name, F_OK)) {
data/tin-2.4.5~20200522/src/nrctbl.c:213:16: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
} else if (access(dir, R_OK)) {
data/tin-2.4.5~20200522/src/nrctbl.c:216:16: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
} else if (access(newsrc_name, R_OK)) {
data/tin-2.4.5~20200522/src/nrctbl.c:219:16: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
} else if (access(dir, W_OK)) {
data/tin-2.4.5~20200522/src/nrctbl.c:222:16: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
} else if (access(newsrc_name, W_OK)) {
data/tin-2.4.5~20200522/src/options_menu.c:2840:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strip_line(sptr), cCRLF);
data/tin-2.4.5~20200522/src/page.c:765:6: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), _(txt_mark_art_read), (func == CATCHUP_NEXT_UNREAD) ? _(txt_enter_next_unread_art) : "");
data/tin-2.4.5~20200522/src/page.c:767:6: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), _(txt_mark_thread_read), (func == CATCHUP_NEXT_UNREAD) ? _(txt_enter_next_thread) : "");
data/tin-2.4.5~20200522/src/page.c:1101:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(screen[i + scroll_region_top].col, cCOLS, "%s" cCRLF, line);
data/tin-2.4.5~20200522/src/page.c:1286:17: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ((mime_fp = popen(ptr, "w")))
data/tin-2.4.5~20200522/src/page.c:1427:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, tin_ltoa(which_thread(this_resp) + 1, 4));
data/tin-2.4.5~20200522/src/page.c:1462:4: [4] (format) swprintf:
Potential format string problem (CWE-134). Make format string constant.
swprintf(wtmp, line_len, fmt, buf);
data/tin-2.4.5~20200522/src/page.c:1580:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, line_len, _(txt_at_s), note_h->org);
data/tin-2.4.5~20200522/src/page.c:1652:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, tin_ltoa(which_thread(this_resp) + 1, 4));
data/tin-2.4.5~20200522/src/page.c:1679:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(tmp, line_len, _(txt_lines), buf);
data/tin-2.4.5~20200522/src/page.c:1768:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, line_len, _(txt_at_s), note_h->org);
data/tin-2.4.5~20200522/src/pgp.c:204:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(tmp, sizeof(tmp), HEADERS, (long) process_id);
data/tin-2.4.5~20200522/src/pgp.c:206:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(tmp, sizeof(tmp), PLAINTEXT, (long) process_id);
data/tin-2.4.5~20200522/src/pgp.c:208:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(tmp, sizeof(tmp), CIPHERTEXT, (long) process_id);
data/tin-2.4.5~20200522/src/pgp.c:304:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(tmp, sizeof(tmp), KEYFILE, (long) process_id);
data/tin-2.4.5~20200522/src/pgp.c:486:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(cmd, sizeof(cmd), CHECK_SIGN, PGPNAME, pgpopts, artfile, REDIRECT_PGP_OUTPUT);
data/tin-2.4.5~20200522/src/plp_snprintf.c:495:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dest,src);
data/tin-2.4.5~20200522/src/plp_snprintf.c:527:2: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf( convert, fmts, value );
data/tin-2.4.5~20200522/src/post.c:213:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), _(txt_quit_edit_send),
data/tin-2.4.5~20200522/src/post.c:221:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), _(txt_quit_edit_send),
data/tin-2.4.5~20200522/src/post.c:228:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), _(txt_quit_edit_send),
data/tin-2.4.5~20200522/src/post.c:234:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), _(txt_quit_edit_send),
data/tin-2.4.5~20200522/src/post.c:898:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cp, line);
data/tin-2.4.5~20200522/src/post.c:1290:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cp, line);
data/tin-2.4.5~20200522/src/post.c:1937:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), _(txt_quit_edit_xpost),
data/tin-2.4.5~20200522/src/post.c:1947:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), _(txt_quit_edit_xpost),
data/tin-2.4.5~20200522/src/post.c:1956:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), _(txt_quit_edit_xpost),
data/tin-2.4.5~20200522/src/post.c:1964:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), _(txt_quit_edit_xpost),
data/tin-2.4.5~20200522/src/post.c:2293:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), _(txt_post_newsgroups), tinrc.default_post_newsgroups);
data/tin-2.4.5~20200522/src/post.c:2489:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(question, sizeof(question), _(txt_prompt_see_postponed), count);
data/tin-2.4.5~20200522/src/post.c:2504:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), _(txt_postpone_repost),
data/tin-2.4.5~20200522/src/post.c:2815:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer, b);
data/tin-2.4.5~20200522/src/post.c:3440:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buff, line);
data/tin-2.4.5~20200522/src/post.c:3565:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(tmesg, sizeof(tmesg), _(txt_mail_bug_report_confirm), bug_addr);
data/tin-2.4.5~20200522/src/post.c:3846:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buff, sizeof(buff), _(txt_cancel_article),
data/tin-2.4.5~20200522/src/post.c:3992:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buff, sizeof(buff), _(txt_quit_cancel),
data/tin-2.4.5~20200522/src/post.c:4275:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buff, sizeof(buff), _(txt_quit_edit_xpost),
data/tin-2.4.5~20200522/src/post.c:4285:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buff, sizeof(buff), _(txt_quit_edit_xpost),
data/tin-2.4.5~20200522/src/post.c:4294:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buff, sizeof(buff), _(txt_quit_edit_xpost),
data/tin-2.4.5~20200522/src/post.c:4302:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buff, sizeof(buff), _(txt_quit_edit_xpost),
data/tin-2.4.5~20200522/src/post.c:4354:14: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ((fp = popen(file + 1, "r")) == NULL)
data/tin-2.4.5~20200522/src/post.c:4371:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(x_hdrs[num_x_hdrs - 1] + i, line);
data/tin-2.4.5~20200522/src/post.c:4665:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(from_addr, rfc1522_decode(tmp));
data/tin-2.4.5~20200522/src/post.c:4668:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(from_addr, ptr);
data/tin-2.4.5~20200522/src/post.c:4833:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "%s!%s", domain_name, user_name);
data/tin-2.4.5~20200522/src/post.c:5134:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf, radix32(t));
data/tin-2.4.5~20200522/src/post.c:5136:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf, radix32((unsigned long) process_id));
data/tin-2.4.5~20200522/src/post.c:5523:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ngs_list, this_group);
data/tin-2.4.5~20200522/src/post.c:5526:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(ngs_list, this_group);
data/tin-2.4.5~20200522/src/prompt.c:123:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, p);
data/tin-2.4.5~20200522/src/prompt.c:152:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(var, p);
data/tin-2.4.5~20200522/src/prompt.c:686:2: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buf, sizeof(buf), fmt, ap);
data/tin-2.4.5~20200522/src/refs.c:51:44: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
# define DEBUG_PRINT(x) if (dbgfd != NULL) fprintf x
data/tin-2.4.5~20200522/src/refs.c:329:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ptr->txt, msgid);
data/tin-2.4.5~20200522/src/refs.c:521:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(refs + pos, "%s ", refptr->txt);
data/tin-2.4.5~20200522/src/refs.c:595:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(ptr, "%3d %*s", msgid->article, 2*level, " ");
data/tin-2.4.5~20200522/src/rfc1524.c:84:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(mailcaps, "%s:%s", ptr, DEFAULT_MAILCAPS);
data/tin-2.4.5~20200522/src/rfc1524.c:189:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s/%s", content_types[part->type], part->subtype);
data/tin-2.4.5~20200522/src/rfc1524.c:278:7: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system(tmailcap->test)) { /* test failed? */
data/tin-2.4.5~20200522/src/rfc1524.c:409:8: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(line, nptr);
data/tin-2.4.5~20200522/src/rfc1524.c:433:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(line, nptr);
data/tin-2.4.5~20200522/src/rfc1524.c:442:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(line, content_types[part->type]);
data/tin-2.4.5~20200522/src/rfc1524.c:444:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(line, nptr);
data/tin-2.4.5~20200522/src/rfc2046.c:627:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p_list->value, c_list->value);
data/tin-2.4.5~20200522/src/rfc2046.c:719:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(charsetheader, "charset=%s", curr_group->attribute->undeclared_charset);
data/tin-2.4.5~20200522/src/rfc2046.c:815:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(charsetheader, "charset=%s", curr_group->attribute->undeclared_charset);
data/tin-2.4.5~20200522/src/rfc2046.c:947:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(ptr, "%s (%s)", addr, convert_to_printable(rfc1522_decode(name), keep_tab));
data/tin-2.4.5~20200522/src/rfc2046.c:949:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(ptr, "%s <%s>", convert_to_printable(rfc1522_decode(name), keep_tab), addr);
data/tin-2.4.5~20200522/src/rfc2046.c:951:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ptr, addr);
data/tin-2.4.5~20200522/src/rfc2046.c:1515:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), "ARTICLE %"T_ARTNUM_PFMT, art);
data/tin-2.4.5~20200522/src/rfc2046.c:1527:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(fbuf, sizeof(fbuf), "%"T_ARTNUM_PFMT, art);
data/tin-2.4.5~20200522/src/rfc2047.c:1102:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(boundary, MIME_BOUNDARY_PREFIX);
data/tin-2.4.5~20200522/src/rfc2047.c:1103:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(boundary, MIME_BOUNDARY_DEFAULT_PART);
data/tin-2.4.5~20200522/src/save.c:210:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), _(txt_saved_groupname), group->name);
data/tin-2.4.5~20200522/src/save.c:270:7: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), "%"T_ARTNUM_PFMT, arts[j].artnum);
data/tin-2.4.5~20200522/src/save.c:275:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp_log, _(txt_cannot_open), savefile);
data/tin-2.4.5~20200522/src/save.c:358:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), _(txt_saved_summary), (function == MAIL_ANY_NEWS ? _(txt_mailed) : _(txt_saved)),
data/tin-2.4.5~20200522/src/save.c:934:11: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
if (sscanf(s + 6, fmt, &mode, name) == 2) {
data/tin-2.4.5~20200522/src/save.c:1025:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(u, t); /* Keep tabs on the last two lines, which typically do not start with M */
data/tin-2.4.5~20200522/src/save.c:1026:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(t, s);
data/tin-2.4.5~20200522/src/save.c:1061:15: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ((fp_in = popen(buf, "r")) != NULL) {
data/tin-2.4.5~20200522/src/save.c:1352:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), _(txt_view_attachment), savepath, content_types[part->type], part->subtype);
data/tin-2.4.5~20200522/src/save.c:1370:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), _(txt_save_attachment), savepath, content_types[part->type], part->subtype);
data/tin-2.4.5~20200522/src/save.c:1563:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), _(txt_attachment_lines), part->line_count);
data/tin-2.4.5~20200522/src/save.c:1860:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf2, sizeof(buf2), _(txt_attachment_lines), part->line_count);
data/tin-2.4.5~20200522/src/save.c:2037:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(pat, sizeof(pat), REGEX_FMT, tinrc.default_select_pattern);
data/tin-2.4.5~20200522/src/save.c:2410:17: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ((pipe_fp = popen(tinrc.default_pipe_command, "w")) == NULL) {
data/tin-2.4.5~20200522/src/screen.c:84:10: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
used = vsnprintf(msg, size, fmt, aq);
data/tin-2.4.5~20200522/src/screen.c:526:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(display_format, DISPLAY_FMT);
data/tin-2.4.5~20200522/src/screen.c:530:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(display, sizeof(display), display_format, txt, ratio);
data/tin-2.4.5~20200522/src/screen.c:576:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(display, sizeof(display), display_format, txt, ratio);
data/tin-2.4.5~20200522/src/screen.c:583:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(display_format, _(txt_remaining));
data/tin-2.4.5~20200522/src/screen.c:584:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(display, sizeof(display), display_format, txt, ratio, secs_left / 60, secs_left % 60);
data/tin-2.4.5~20200522/src/screen.c:591:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(display, sizeof(display), DISPLAY_FMT, txt, ratio);
data/tin-2.4.5~20200522/src/search.c:92:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(tmpbuf, sizeof(tmpbuf), (*forward ? fwd_msg : bwd_msg), def);
data/tin-2.4.5~20200522/src/search.c:123:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(def, quote_wild_whitespace(def));
data/tin-2.4.5~20200522/src/search.c:370:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(msg, sizeof(msg), _(txt_searching_body), ++curr_cnt, total_cnt);
data/tin-2.4.5~20200522/src/select.c:467:6: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), _(txt_remove_bogus), CURR_GROUP.name);
data/tin-2.4.5~20200522/src/select.c:496:6: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), _(txt_post_newsgroups), tinrc.default_post_newsgroups);
data/tin-2.4.5~20200522/src/select.c:503:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, tinrc.default_post_newsgroups);
data/tin-2.4.5~20200522/src/select.c:722:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(sptr, desc_buf);
data/tin-2.4.5~20200522/src/select.c:784:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(sptr, name_buf);
data/tin-2.4.5~20200522/src/select.c:795:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(sptr, active_name2);
data/tin-2.4.5~20200522/src/select.c:802:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(sptr, tin_ltoa(i + 1, sel_fmt.len_linenumber));
data/tin-2.4.5~20200522/src/select.c:820:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(sptr, tin_ltoa(num_unread, sel_fmt.len_ucnt));
data/tin-2.4.5~20200522/src/select.c:835:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strip_line(sptr), cCRLF);
data/tin-2.4.5~20200522/src/select.c:1075:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), _(txt_newsgroup_position), group->name,
data/tin-2.4.5~20200522/src/sigfile.c:116:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sigcmd, "%s", sigattr);
data/tin-2.4.5~20200522/src/sigfile.c:119:19: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ((pipe_fp = popen(sigcmd, "r")) != NULL) {
data/tin-2.4.5~20200522/src/sigfile.c:311:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(sigfile, dp->d_name);
data/tin-2.4.5~20200522/src/strftime.c:131:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tbuf, days_a[timeptr->tm_wday]);
data/tin-2.4.5~20200522/src/strftime.c:135:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tbuf, days_l[timeptr->tm_wday]);
data/tin-2.4.5~20200522/src/strftime.c:142:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tbuf, months_a[timeptr->tm_mon]);
data/tin-2.4.5~20200522/src/strftime.c:146:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tbuf, months_l[timeptr->tm_mon]);
data/tin-2.4.5~20200522/src/strftime.c:190:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tbuf, ampm[((timeptr->tm_hour < 12) ? 0 : 1)]);
data/tin-2.4.5~20200522/src/strftime.c:265:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s, tbuf);
data/tin-2.4.5~20200522/src/string.c:94:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buffer, sizeof(buffer), "%"T_ARTNUM_PFMT, value);
data/tin-2.4.5~20200522/src/string.c:119:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buffer, sizeof(buffer), "%*"T_ARTNUM_PFMT, digits, value);
data/tin-2.4.5~20200522/src/string.c:1136:3: [4] (buffer) wcscat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120).
wcscat(wtmp, tail);
data/tin-2.4.5~20200522/src/string.c:1390:10: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
used = vsnprintf(str, size, fmt, ap);
data/tin-2.4.5~20200522/src/string.c:1575:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fmt->date_str, tmp_date_str);
data/tin-2.4.5~20200522/src/tcurses.c:78:2: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buffer, sizeof(buffer), fmt, ap);
data/tin-2.4.5~20200522/src/tcurses.c:659:3: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vprintf(fmt, ap);
data/tin-2.4.5~20200522/src/tcurses.c:683:3: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stream, fmt, ap);
data/tin-2.4.5~20200522/src/thread.c:174:8: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, tmp);
data/tin-2.4.5~20200522/src/thread.c:193:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, tmp);
data/tin-2.4.5~20200522/src/thread.c:214:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, tmp);
data/tin-2.4.5~20200522/src/thread.c:225:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, tin_ltoa(art->line_count, thrd_fmt.len_linecnt));
data/tin-2.4.5~20200522/src/thread.c:239:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, tin_ltoa(art->tagged, 3));
data/tin-2.4.5~20200522/src/thread.c:252:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, tmp);
data/tin-2.4.5~20200522/src/thread.c:262:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, tin_ltoa(l + 1, thrd_fmt.len_linenumber));
data/tin-2.4.5~20200522/src/thread.c:266:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, tin_ltoa(art->score, thrd_fmt.len_score));
data/tin-2.4.5~20200522/src/thread.c:304:12: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, tmp);
data/tin-2.4.5~20200522/src/thread.c:332:11: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, tmp);
data/tin-2.4.5~20200522/src/thread.c:368:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strip_line(buffer), cCRLF);
data/tin-2.4.5~20200522/src/thread.c:1429:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(prefix, result);
data/tin-2.4.5~20200522/src/thread.c:1466:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), _(txt_mark_art_read), (func == CATCHUP_NEXT_UNREAD) ? _(txt_enter_next_unread_art) : "");
data/tin-2.4.5~20200522/src/thread.c:1468:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), _(txt_mark_thread_read), (func == CATCHUP_NEXT_UNREAD) ? _(txt_enter_next_thread) : "");
data/tin-2.4.5~20200522/src/tmpfile.c:75:6: [4] (tmpfile) mktemp:
Temporary file race condition (CWE-377).
p = mktemp(buf);
data/tin-2.4.5~20200522/src/trace.c:67:3: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(fp, fmt, ap);
data/tin-2.4.5~20200522/src/version.c:89:6: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
if (sscanf(line, format, &rc_majorv, &rc_minorv, &rc_subv) != 3) {
data/tin-2.4.5~20200522/src/version.c:99:6: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
if (sscanf(lversion, fmt, &c_majorv, &c_minorv, &c_subv) != 3) {
data/tin-2.4.5~20200522/src/xface.c:172:4: [4] (shell) execlp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execlp("slrnface", "slrnface", fifo, NULL);
data/tin-2.4.5~20200522/include/extern.h:139:15: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
extern char *getenv(const char *);
data/tin-2.4.5~20200522/include/extern.h:151:13: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
extern int getopt(int, char * const*, const char *);
data/tin-2.4.5~20200522/include/extern.h:160:15: [3] (buffer) getwd:
This does not protect against buffer overflows by itself, so use with
caution (CWE-120, CWE-20). Use getcwd instead.
extern char *getwd(char *);
data/tin-2.4.5~20200522/intl/dcigettext.c:139:7: [3] (buffer) getwd:
This does not protect against buffer overflows by itself, so use with
caution (CWE-120, CWE-20). Use getcwd instead.
char *getwd ();
data/tin-2.4.5~20200522/intl/dcigettext.c:140:28: [3] (buffer) getwd:
This does not protect against buffer overflows by itself, so use with
caution (CWE-120, CWE-20). Use getcwd instead.
# define getcwd(buf, max) getwd (buf)
data/tin-2.4.5~20200522/intl/dcigettext.c:1167:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
language = getenv ("LANGUAGE");
data/tin-2.4.5~20200522/intl/dcigettext.c:1178:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
retval = getenv ("LC_ALL");
data/tin-2.4.5~20200522/intl/dcigettext.c:1182:16: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
retval = getenv (categoryname);
data/tin-2.4.5~20200522/intl/dcigettext.c:1186:13: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
retval = getenv ("LANG");
data/tin-2.4.5~20200522/intl/loadmsgcat.c:271:21: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
outcharset = getenv ("OUTPUT_CHARSET");
data/tin-2.4.5~20200522/intl/localcharset.c:229:16: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
locale = getenv ("LC_ALL");
data/tin-2.4.5~20200522/intl/localcharset.c:232:13: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
locale = getenv ("LC_CTYPE");
data/tin-2.4.5~20200522/intl/localcharset.c:234:15: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
locale = getenv ("LANG");
data/tin-2.4.5~20200522/libcanlock/test/shatest.c:1378:15: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((i = getopt(argc, argv,
data/tin-2.4.5~20200522/pcre/pcregrep.c:1748:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
locale = getenv("LC_ALL");
data/tin-2.4.5~20200522/pcre/pcregrep.c:1754:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
locale = getenv("LC_CTYPE");
data/tin-2.4.5~20200522/pcre/pcregrep.c:1786:16: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *cs = getenv("PCREGREP_COLOUR");
data/tin-2.4.5~20200522/pcre/pcregrep.c:1787:26: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (cs == NULL) cs = getenv("PCREGREP_COLOR");
data/tin-2.4.5~20200522/src/active.c:1006:19: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
autosubscribe = getenv("AUTOSUBSCRIBE");
data/tin-2.4.5~20200522/src/active.c:1007:21: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
autounsubscribe = getenv("AUTOUNSUBSCRIBE");
data/tin-2.4.5~20200522/src/config.c:2020:23: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!use_metamail || getenv("NOMETAMAIL") != NULL)
data/tin-2.4.5~20200522/src/curses.c:261:11: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((p = getenv("TERM")) == NULL) {
data/tin-2.4.5~20200522/src/envarg.c:84:11: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
envptr = getenv(envstr);
data/tin-2.4.5~20200522/src/header.c:68:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((ptr = getenv("HOST")) != NULL)
data/tin-2.4.5~20200522/src/header.c:71:15: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((ptr = getenv("HOSTNAME")) != NULL)
data/tin-2.4.5~20200522/src/header.c:271:11: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((p = getenv("NAME")) != NULL) {
data/tin-2.4.5~20200522/src/header.c:275:11: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((p = getenv("REALNAME")) != NULL) {
data/tin-2.4.5~20200522/src/init.c:698:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (((ptr = getenv("TIN_HOMEDIR")) != NULL) && strlen(ptr)) {
data/tin-2.4.5~20200522/src/init.c:700:21: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
} else if (((ptr = getenv("HOME")) != NULL) && strlen(ptr)) {
data/tin-2.4.5~20200522/src/init.c:887:8: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
ptr = getenv("MAIL");
data/tin-2.4.5~20200522/src/langinfo.c:63:13: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (((l = getenv("LC_ALL")) && *l) ||
data/tin-2.4.5~20200522/src/langinfo.c:64:13: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
((l = getenv("LC_CTYPE")) && *l) ||
data/tin-2.4.5~20200522/src/langinfo.c:65:13: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
((l = getenv("LANG")) && *l)) {
data/tin-2.4.5~20200522/src/main.c:464:15: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((ch = getopt(argc, argv, OPTIONS)) != -1) {
data/tin-2.4.5~20200522/src/misc.c:367:17: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
return ((ptr = getenv(env)) != NULL ? ptr : def);
data/tin-2.4.5~20200522/src/misc.c:1592:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
envptr = getenv(tbuf);
data/tin-2.4.5~20200522/src/misc.c:2077:2: [3] (buffer) getwd:
This does not protect against buffer overflows by itself, so use with
caution (CWE-120, CWE-20). Use getcwd instead.
getwd(buf);
data/tin-2.4.5~20200522/src/misc.c:2184:2: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand((unsigned int) time(NULL));
data/tin-2.4.5~20200522/src/nntplib.c:152:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((cp = getenv("NNTPSERVER")) != NULL) {
data/tin-2.4.5~20200522/src/nntplib.c:319:20: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((env_device = getenv("DEV_TCP")) != NULL) /* SCO uses DEV_TCP, most other OS use /dev/tcp */
data/tin-2.4.5~20200522/src/page.c:1268:57: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((*ptr == '\0') || (!strcmp(ptr, INTERNAL_CMD)) || (getenv("NOMETAMAIL") != NULL))
data/tin-2.4.5~20200522/src/page.c:1902:38: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (*tinrc.metamail_prog == '\0' || getenv("NOMETAMAIL") != NULL) /* Viewer turned off */
data/tin-2.4.5~20200522/src/pgp.c:150:13: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((ptr = getenv("GNUPGHOME")) != NULL)
data/tin-2.4.5~20200522/src/pgp.c:155:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((ptr = getenv("PGPPATH")) != NULL)
data/tin-2.4.5~20200522/src/post.c:283:13: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((ptr = getenv("REPLYTO")) != NULL)
data/tin-2.4.5~20200522/src/post.c:290:13: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((ptr = getenv("DISTRIBUTION")) != NULL)
data/tin-2.4.5~20200522/src/post.c:5346:10: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("LC_ALL") != NULL) {
data/tin-2.4.5~20200522/src/rfc1524.c:82:13: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((ptr = getenv("MAILCAPS")) != NULL && strlen(ptr)) {
data/tin-2.4.5~20200522/src/rfc2047.c:1069:2: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand((unsigned int) time(NULL));
data/tin-2.4.5~20200522/src/sigfile.c:200:2: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand((unsigned int) time(NULL));
data/tin-2.4.5~20200522/src/xface.c:82:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!getenv("DISPLAY")) {
data/tin-2.4.5~20200522/src/xface.c:93:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!getenv("WINDOWID")) {
data/tin-2.4.5~20200522/include/extern.h:67:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
extern int atoi(const char *);
data/tin-2.4.5~20200522/include/extern.h:70:14: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
extern long atol(const char *);
data/tin-2.4.5~20200522/include/extern.h:83:14: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
extern int bcopy(char *, char *, int);
data/tin-2.4.5~20200522/include/extern.h:195:13: [2] (tmpfile) mkstemp:
Potential for temporary file vulnerability in some circumstances. Some
older Unix-like systems create temp files with permission to write by all
by default, so be sure to set the umask to override this. Also, some older
Unix systems might fail to use O_EXCL when opening the file, so make sure
that O_EXCL is used by the library (CWE-377).
extern int mkstemp(char *);
data/tin-2.4.5~20200522/include/extern.h:270:15: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
extern FILE *tmpfile(void);
data/tin-2.4.5~20200522/include/extern.h:366:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char active_times_file[PATH_LEN];
data/tin-2.4.5~20200522/include/extern.h:367:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char article_name[PATH_LEN];
data/tin-2.4.5~20200522/include/extern.h:368:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char bug_addr[LEN];
data/tin-2.4.5~20200522/include/extern.h:369:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char bug_nntpserver1[PATH_LEN];
data/tin-2.4.5~20200522/include/extern.h:370:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char bug_nntpserver2[PATH_LEN];
data/tin-2.4.5~20200522/include/extern.h:371:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char cvers[LEN];
data/tin-2.4.5~20200522/include/extern.h:372:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char dead_article[PATH_LEN];
data/tin-2.4.5~20200522/include/extern.h:373:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char dead_articles[PATH_LEN];
data/tin-2.4.5~20200522/include/extern.h:374:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char default_organization[PATH_LEN];
data/tin-2.4.5~20200522/include/extern.h:375:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char default_signature[PATH_LEN];
data/tin-2.4.5~20200522/include/extern.h:376:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char global_attributes_file[PATH_LEN];
data/tin-2.4.5~20200522/include/extern.h:377:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char global_config_file[PATH_LEN];
data/tin-2.4.5~20200522/include/extern.h:378:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char homedir[PATH_LEN];
data/tin-2.4.5~20200522/include/extern.h:379:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char index_maildir[PATH_LEN];
data/tin-2.4.5~20200522/include/extern.h:380:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char index_newsdir[PATH_LEN];
data/tin-2.4.5~20200522/include/extern.h:381:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char index_savedir[PATH_LEN];
data/tin-2.4.5~20200522/include/extern.h:382:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char inewsdir[PATH_LEN];
data/tin-2.4.5~20200522/include/extern.h:383:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char local_attributes_file[PATH_LEN];
data/tin-2.4.5~20200522/include/extern.h:384:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char local_config_file[PATH_LEN];
data/tin-2.4.5~20200522/include/extern.h:385:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char filter_file[PATH_LEN];
data/tin-2.4.5~20200522/include/extern.h:386:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char local_input_history_file[PATH_LEN];
data/tin-2.4.5~20200522/include/extern.h:387:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char local_newsgroups_file[PATH_LEN];
data/tin-2.4.5~20200522/include/extern.h:388:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char local_newsrctable_file[PATH_LEN];
data/tin-2.4.5~20200522/include/extern.h:389:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char lock_file[PATH_LEN];
data/tin-2.4.5~20200522/include/extern.h:390:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char mail_news_user[LEN];
data/tin-2.4.5~20200522/include/extern.h:391:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char mailbox[PATH_LEN];
data/tin-2.4.5~20200522/include/extern.h:392:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char mailer[PATH_LEN];
data/tin-2.4.5~20200522/include/extern.h:394:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char mail_active_file[PATH_LEN];
data/tin-2.4.5~20200522/include/extern.h:395:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char mailgroups_file[PATH_LEN];
data/tin-2.4.5~20200522/include/extern.h:397:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char newnewsrc[PATH_LEN];
data/tin-2.4.5~20200522/include/extern.h:398:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char news_active_file[PATH_LEN];
data/tin-2.4.5~20200522/include/extern.h:399:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char newsgroups_file[PATH_LEN];
data/tin-2.4.5~20200522/include/extern.h:400:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char newsrc[PATH_LEN];
data/tin-2.4.5~20200522/include/extern.h:402:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char novrootdir[PATH_LEN];
data/tin-2.4.5~20200522/include/extern.h:403:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char novfilename[NAME_LEN + 1];
data/tin-2.4.5~20200522/include/extern.h:405:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char page_header[LEN];
data/tin-2.4.5~20200522/include/extern.h:406:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char posted_info_file[PATH_LEN];
data/tin-2.4.5~20200522/include/extern.h:407:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char postponed_articles_file[PATH_LEN];
data/tin-2.4.5~20200522/include/extern.h:408:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char rcdir[PATH_LEN];
data/tin-2.4.5~20200522/include/extern.h:409:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char save_active_file[PATH_LEN];
data/tin-2.4.5~20200522/include/extern.h:410:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char spooldir[PATH_LEN];
data/tin-2.4.5~20200522/include/extern.h:411:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char subscriptions_file[PATH_LEN];
data/tin-2.4.5~20200522/include/extern.h:412:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char overviewfmt_file[PATH_LEN];
data/tin-2.4.5~20200522/include/extern.h:413:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char txt_help_bug_report[LEN];
data/tin-2.4.5~20200522/include/extern.h:414:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char userid[PATH_LEN];
data/tin-2.4.5~20200522/include/extern.h:418:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char base64_alphabet[64];
data/tin-2.4.5~20200522/include/extern.h:1566:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char *input_history[HIST_MAXNUM + 1][HIST_SIZE + 1];
data/tin-2.4.5~20200522/include/policy.h:243:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char gnksa_country_codes[26*26] = {
data/tin-2.4.5~20200522/include/proto.h:680:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
extern int atoi(const char *s);
data/tin-2.4.5~20200522/include/proto.h:683:14: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
extern long atol(const char *s);
data/tin-2.4.5~20200522/include/proto.h:733:15: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
extern FILE *tmpfile(void);
data/tin-2.4.5~20200522/include/stpwatch.h:50:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg_tb[LEN];
data/tin-2.4.5~20200522/include/stpwatch.h:51:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_tb[LEN];
data/tin-2.4.5~20200522/include/stpwatch.h:73:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg_tb[LEN];
data/tin-2.4.5~20200522/include/stpwatch.h:74:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_tb[LEN];
data/tin-2.4.5~20200522/include/tin.h:233:20: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
# define atoartnum atol
data/tin-2.4.5~20200522/include/tin.h:492:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
# define memcpy(s1, s2, n) bcopy(s2, s1, n)
data/tin-2.4.5~20200522/include/tin.h:492:29: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
# define memcpy(s1, s2, n) bcopy(s2, s1, n)
data/tin-2.4.5~20200522/include/tin.h:1478:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char maildir[PATH_LEN]; /* maildir */
data/tin-2.4.5~20200522/include/tin.h:1479:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nntpserver[PATH_LEN]; /* nntpserver */
data/tin-2.4.5~20200522/include/tin.h:1480:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char savedir[PATH_LEN]; /* savedir */
data/tin-2.4.5~20200522/include/tin.h:1502:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char txt[1]; /* The actual msgid */
data/tin-2.4.5~20200522/include/tin.h:1810:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char txt[1]; /* stub for the string data, \0 terminated */
data/tin-2.4.5~20200522/include/tin.h:1820:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LEN];
data/tin-2.4.5~20200522/include/tin.h:1821:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char date_str[LEN];
data/tin-2.4.5~20200522/include/tin.h:1907:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text[PATH_LEN];
data/tin-2.4.5~20200522/include/tin.h:1908:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char scope[PATH_LEN];
data/tin-2.4.5~20200522/include/tin.h:1945:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char date[10];
data/tin-2.4.5~20200522/include/tin.h:1946:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char group[80];
data/tin-2.4.5~20200522/include/tin.h:1948:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char subj[120];
data/tin-2.4.5~20200522/include/tinrc.h:68:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char editor_format[PATH_LEN]; /* editor + parameters %E +%N %F */
data/tin-2.4.5~20200522/include/tinrc.h:69:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char default_goto_group[HEADER_LEN]; /* default for the 'g' command */
data/tin-2.4.5~20200522/include/tinrc.h:70:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char default_mail_address[HEADER_LEN];
data/tin-2.4.5~20200522/include/tinrc.h:71:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mailer_format[PATH_LEN]; /* mailer + parameters %M %S %T %F */
data/tin-2.4.5~20200522/include/tinrc.h:73:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char default_pipe_command[LEN];
data/tin-2.4.5~20200522/include/tinrc.h:75:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char default_post_newsgroups[HEADER_LEN]; /* default newsgroups to post to */
data/tin-2.4.5~20200522/include/tinrc.h:76:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char default_post_subject[LEN]; /* default subject when posting */
data/tin-2.4.5~20200522/include/tinrc.h:78:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char printer[LEN]; /* printer program specified from tinrc */
data/tin-2.4.5~20200522/include/tinrc.h:80:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char default_range_group[LEN];
data/tin-2.4.5~20200522/include/tinrc.h:81:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char default_range_select[LEN];
data/tin-2.4.5~20200522/include/tinrc.h:82:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char default_range_thread[LEN];
data/tin-2.4.5~20200522/include/tinrc.h:83:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char default_pattern[LEN];
data/tin-2.4.5~20200522/include/tinrc.h:84:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char default_repost_group[LEN]; /* default group to repost to */
data/tin-2.4.5~20200522/include/tinrc.h:85:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char default_save_file[PATH_LEN];
data/tin-2.4.5~20200522/include/tinrc.h:86:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char default_search_art[LEN]; /* default when searching in article */
data/tin-2.4.5~20200522/include/tinrc.h:87:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char default_search_author[HEADER_LEN]; /* default when searching for author */
data/tin-2.4.5~20200522/include/tinrc.h:88:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char default_search_config[LEN]; /* default when searching config menu */
data/tin-2.4.5~20200522/include/tinrc.h:89:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char default_search_group[HEADER_LEN]; /* default when searching select screen */
data/tin-2.4.5~20200522/include/tinrc.h:90:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char default_search_subject[LEN]; /* default when searching by subject */
data/tin-2.4.5~20200522/include/tinrc.h:91:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char default_select_pattern[LEN];
data/tin-2.4.5~20200522/include/tinrc.h:92:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char default_shell_command[LEN];
data/tin-2.4.5~20200522/include/tinrc.h:93:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mail_quote_format[LEN];
data/tin-2.4.5~20200522/include/tinrc.h:94:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char maildir[PATH_LEN]; /* mailbox dir where = saves are stored */
data/tin-2.4.5~20200522/include/tinrc.h:96:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mail_address[HEADER_LEN]; /* user's mail address */
data/tin-2.4.5~20200522/include/tinrc.h:97:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char metamail_prog[PATH_LEN]; /* name of MIME message viewer */
data/tin-2.4.5~20200522/include/tinrc.h:99:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mm_charset[LEN]; /* MIME charset */
data/tin-2.4.5~20200522/include/tinrc.h:103:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mm_local_charset[LEN]; /* display charset, not a rc/Menu-option anymore -> should be moved elsewhere */
data/tin-2.4.5~20200522/include/tinrc.h:107:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char news_headers_to_display[LEN]; /* which headers to display */
data/tin-2.4.5~20200522/include/tinrc.h:108:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char news_headers_to_not_display[LEN]; /* which headers to not display */
data/tin-2.4.5~20200522/include/tinrc.h:109:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char news_quote_format[LEN];
data/tin-2.4.5~20200522/include/tinrc.h:110:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char quote_chars[LEN]; /* quote chars for posting/mails ": " (size matches prefixbuf in copy_body() */
data/tin-2.4.5~20200522/include/tinrc.h:112:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char quote_regex[LEN]; /* regex used to determine quoted lines */
data/tin-2.4.5~20200522/include/tinrc.h:113:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char quote_regex2[LEN]; /* regex used to determine twice quoted lines */
data/tin-2.4.5~20200522/include/tinrc.h:114:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char quote_regex3[LEN]; /* regex used to determine >=3 times quoted lines */
data/tin-2.4.5~20200522/include/tinrc.h:115:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extquote_regex[LEN]; /* regex used to determine quoted lines from external sources */
data/tin-2.4.5~20200522/include/tinrc.h:117:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char slashes_regex[LEN]; /* regex used to highlight /slashes/ */
data/tin-2.4.5~20200522/include/tinrc.h:118:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stars_regex[LEN]; /* regex used to highlight *stars* */
data/tin-2.4.5~20200522/include/tinrc.h:119:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char underscores_regex[LEN]; /* regex used to highlight _underscores_ */
data/tin-2.4.5~20200522/include/tinrc.h:120:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strokes_regex[LEN]; /* regex used to highlight -strokes- */
data/tin-2.4.5~20200522/include/tinrc.h:121:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sigfile[PATH_LEN];
data/tin-2.4.5~20200522/include/tinrc.h:122:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strip_re_regex[LEN]; /* regex used to find and remove 'Re:'-like strings */
data/tin-2.4.5~20200522/include/tinrc.h:123:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strip_was_regex[LEN]; /* regex used to find and remove '(was:.*'-like strings */
data/tin-2.4.5~20200522/include/tinrc.h:124:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char verbatim_begin_regex[LEN]; /* regex used to find the begin of a verbatim block */
data/tin-2.4.5~20200522/include/tinrc.h:125:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char verbatim_end_regex[LEN]; /* regex used to find the end of a verbatim block */
data/tin-2.4.5~20200522/include/tinrc.h:126:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char savedir[PATH_LEN]; /* directory to save articles to */
data/tin-2.4.5~20200522/include/tinrc.h:127:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char spamtrap_warning_addresses[LEN];
data/tin-2.4.5~20200522/include/tinrc.h:128:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char url_handler[LEN]; /* Helper app for opening URL's */
data/tin-2.4.5~20200522/include/tinrc.h:129:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xpost_quote_format[LEN];
data/tin-2.4.5~20200522/include/tinrc.h:218:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char posted_articles_file[PATH_LEN]; /* if set, file in which to keep posted articles */
data/tin-2.4.5~20200522/include/tinrc.h:252:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char inews_prog[PATH_LEN];
data/tin-2.4.5~20200522/include/tinrc.h:272:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char select_format[LEN]; /* format string for the selection level */
data/tin-2.4.5~20200522/include/tinrc.h:273:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char group_format[LEN]; /* format string for the group level */
data/tin-2.4.5~20200522/include/tinrc.h:274:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char thread_format[LEN]; /* format string for the thread level */
data/tin-2.4.5~20200522/include/tinrc.h:275:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char date_format[LEN]; /* format string for the date display in the page header */
data/tin-2.4.5~20200522/include/tinrc.h:284:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char attrib_undeclared_charset[LEN];
data/tin-2.4.5~20200522/include/tinrc.h:286:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char attrib_editor_format[PATH_LEN];
data/tin-2.4.5~20200522/include/tinrc.h:287:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char attrib_fcc[PATH_LEN];
data/tin-2.4.5~20200522/include/tinrc.h:288:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char attrib_maildir[PATH_LEN];
data/tin-2.4.5~20200522/include/tinrc.h:289:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char attrib_from[HEADER_LEN];
data/tin-2.4.5~20200522/include/tinrc.h:290:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char attrib_mailing_list[HEADER_LEN];
data/tin-2.4.5~20200522/include/tinrc.h:291:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char attrib_organization[LEN];
data/tin-2.4.5~20200522/include/tinrc.h:292:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char attrib_followup_to[LEN];
data/tin-2.4.5~20200522/include/tinrc.h:293:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char attrib_mime_types_to_save[LEN];
data/tin-2.4.5~20200522/include/tinrc.h:294:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char attrib_news_headers_to_display[LEN];
data/tin-2.4.5~20200522/include/tinrc.h:295:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char attrib_news_headers_to_not_display[LEN];
data/tin-2.4.5~20200522/include/tinrc.h:296:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char attrib_news_quote_format[LEN];
data/tin-2.4.5~20200522/include/tinrc.h:297:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char attrib_quote_chars[LEN];
data/tin-2.4.5~20200522/include/tinrc.h:298:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char attrib_sigfile[PATH_LEN];
data/tin-2.4.5~20200522/include/tinrc.h:299:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char attrib_savedir[PATH_LEN];
data/tin-2.4.5~20200522/include/tinrc.h:300:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char attrib_savefile[PATH_LEN];
data/tin-2.4.5~20200522/include/tinrc.h:301:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char attrib_x_body[LEN];
data/tin-2.4.5~20200522/include/tinrc.h:302:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char attrib_x_headers[HEADER_LEN];
data/tin-2.4.5~20200522/include/tinrc.h:304:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char attrib_ispell[PATH_LEN];
data/tin-2.4.5~20200522/include/tinrc.h:306:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char attrib_quick_kill_scope[LEN];
data/tin-2.4.5~20200522/include/tinrc.h:307:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char attrib_quick_select_scope[LEN];
data/tin-2.4.5~20200522/include/tinrc.h:308:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char attrib_group_format[LEN];
data/tin-2.4.5~20200522/include/tinrc.h:309:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char attrib_thread_format[LEN];
data/tin-2.4.5~20200522/include/tinrc.h:310:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char attrib_date_format[LEN];
data/tin-2.4.5~20200522/intl/bindtextdom.c:159:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (result, dirname, len);
data/tin-2.4.5~20200522/intl/bindtextdom.c:197:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (result, codeset, len);
data/tin-2.4.5~20200522/intl/bindtextdom.c:233:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (new_binding->domainname, domainname, len);
data/tin-2.4.5~20200522/intl/bindtextdom.c:258:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (result, dirname, len);
data/tin-2.4.5~20200522/intl/bindtextdom.c:289:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (result, codeset, len);
data/tin-2.4.5~20200522/intl/dcigettext.c:237:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msgid[ZERO];
data/tin-2.4.5~20200522/intl/dcigettext.c:350:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data[ZERO];
data/tin-2.4.5~20200522/intl/dcigettext.c:453:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (search->msgid, msgid1, msgid_len);
data/tin-2.4.5~20200522/intl/dcigettext.c:644:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (newp->domainname, domainname, domainname_len + 1);
data/tin-2.4.5~20200522/intl/dcigettext.c:1223:29: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
return (void *) ((char *) memcpy (dest, src, n) + n);
data/tin-2.4.5~20200522/intl/finddomain.c:133:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (locale, alias_value, len);
data/tin-2.4.5~20200522/intl/gettextP.h:161:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domainname[ZERO];
data/tin-2.4.5~20200522/intl/l10nflist.c:219:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (abs_filename, dirlist, dirlist_len);
data/tin-2.4.5~20200522/intl/loadmsgcat.c:100:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
# define open __open
data/tin-2.4.5~20200522/intl/loadmsgcat.c:258:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (charset, charsetstr, len);
data/tin-2.4.5~20200522/intl/loadmsgcat.c:300:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (tmp, outcharset, len);
data/tin-2.4.5~20200522/intl/loadmsgcat.c:301:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (tmp + len, "//TRANSLIT", 10 + 1);
data/tin-2.4.5~20200522/intl/loadmsgcat.c:375:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open (domain_file->filename, O_RDONLY | O_BINARY);
data/tin-2.4.5~20200522/intl/localcharset.c:103:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (file_name, dir, dir_len);
data/tin-2.4.5~20200522/intl/localcharset.c:106:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (file_name + dir_len + add_slash, base, base_len + 1);
data/tin-2.4.5~20200522/intl/localcharset.c:110:38: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (file_name == NULL || (fp = fopen (file_name, "r")) == NULL)
data/tin-2.4.5~20200522/intl/localcharset.c:117:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[50+1];
data/tin-2.4.5~20200522/intl/localcharset.c:118:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[50+1];
data/tin-2.4.5~20200522/intl/localcharset.c:247:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[2 + 10 + 1];
data/tin-2.4.5~20200522/intl/localcharset.c:250:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "CP%u", GetACP ());
data/tin-2.4.5~20200522/intl/localealias.c:210:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (full_fname, fname, fname_len);
data/tin-2.4.5~20200522/intl/localealias.c:211:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&full_fname[fname_len], aliasfile, sizeof aliasfile);
data/tin-2.4.5~20200522/intl/localealias.c:214:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen (full_fname, "r");
data/tin-2.4.5~20200522/intl/localealias.c:227:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/tin-2.4.5~20200522/intl/localealias.c:240:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char altbuf[BUFSIZ];
data/tin-2.4.5~20200522/intl/localealias.c:320:26: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
map[nmap].alias = memcpy (&string_space[string_space_act],
data/tin-2.4.5~20200522/intl/localealias.c:324:26: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
map[nmap].value = memcpy (&string_space[string_space_act],
data/tin-2.4.5~20200522/intl/textdomain.c:116:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (new_domain, domainname, len);
data/tin-2.4.5~20200522/libcanlock/include/sha.h:216:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char k_opad[USHA_Max_Message_Block_Size];
data/tin-2.4.5~20200522/libcanlock/include/sha.h:231:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char prk[USHAMaxHashSize];
data/tin-2.4.5~20200522/libcanlock/include/sha.h:331:53: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern int hkdf(SHAversion whichSha, const unsigned char *salt,
data/tin-2.4.5~20200522/libcanlock/include/sha.h:332:46: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int salt_len, const unsigned char *ikm, int ikm_len,
data/tin-2.4.5~20200522/libcanlock/include/sha.h:333:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char *info, int info_len,
data/tin-2.4.5~20200522/libcanlock/include/sha.h:335:60: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern int hkdfExtract(SHAversion whichSha, const unsigned char *salt,
data/tin-2.4.5~20200522/libcanlock/include/sha.h:336:53: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int salt_len, const unsigned char *ikm,
data/tin-2.4.5~20200522/libcanlock/include/sha.h:339:51: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int prk_len, const unsigned char *info,
data/tin-2.4.5~20200522/libcanlock/include/sha.h:355:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char *info, int info_len,
data/tin-2.4.5~20200522/libcanlock/src/canlock.c:217:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *cankey[1], *tmp;
data/tin-2.4.5~20200522/libcanlock/src/canlock.c:294:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *canlock[1], *tmp, *junk;
data/tin-2.4.5~20200522/libcanlock/src/canlock.c:394:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *templock[1];
data/tin-2.4.5~20200522/libcanlock/src/hmac.c:46:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char *message_array, int length,
data/tin-2.4.5~20200522/libcanlock/src/hmac.c:47:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char *key, int key_len,
data/tin-2.4.5~20200522/libcanlock/src/hmac.c:88:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char k_ipad[USHA_Max_Message_Block_Size];
data/tin-2.4.5~20200522/libcanlock/src/hmac.c:91:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tempkey[USHAMaxHashSize];
data/tin-2.4.5~20200522/libcanlock/test/canlocktest.c:84:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keytype[BUFFSIZE], locktype[BUFFSIZE];
data/tin-2.4.5~20200522/libcanlock/test/canlocktest_legacy.c:56:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keytype[BUFFSIZE], locktype[BUFFSIZE];
data/tin-2.4.5~20200522/libcanlock/test/canlocktest_legacy.c:87:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cankey[256], canlock[256], *lkey, *llock;
data/tin-2.4.5~20200522/libcanlock/test/hkdf.c:57:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char *salt, int salt_len,
data/tin-2.4.5~20200522/libcanlock/test/hkdf.c:58:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char *ikm, int ikm_len,
data/tin-2.4.5~20200522/libcanlock/test/hkdf.c:59:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char *info, int info_len,
data/tin-2.4.5~20200522/libcanlock/test/hkdf.c:96:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char *salt, int salt_len,
data/tin-2.4.5~20200522/libcanlock/test/hkdf.c:97:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char *ikm, int ikm_len,
data/tin-2.4.5~20200522/libcanlock/test/hkdf.c:100:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char nullSalt[USHAMaxHashSize];
data/tin-2.4.5~20200522/libcanlock/test/hkdf.c:145:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char *info, int info_len,
data/tin-2.4.5~20200522/libcanlock/test/hkdf.c:149:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char T[USHAMaxHashSize];
data/tin-2.4.5~20200522/libcanlock/test/hkdf.c:178:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(okm + where, T,
data/tin-2.4.5~20200522/libcanlock/test/hkdf.c:213:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char nullSalt[USHAMaxHashSize];
data/tin-2.4.5~20200522/libcanlock/test/hkdf.c:317:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char *info, int info_len,
data/tin-2.4.5~20200522/libcanlock/test/shatest.c:242:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *randomresults[RANDOMCOUNT];
data/tin-2.4.5~20200522/libcanlock/test/shatest.c:424:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *keyarray[5];
data/tin-2.4.5~20200522/libcanlock/test/shatest.c:426:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *dataarray[5];
data/tin-2.4.5~20200522/libcanlock/test/shatest.c:428:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *resultarray[5];
data/tin-2.4.5~20200522/libcanlock/test/shatest.c:757:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char hexdigits[ ] = "0123456789ABCDEF";
data/tin-2.4.5~20200522/libcanlock/test/shatest.c:923:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/tin-2.4.5~20200522/libcanlock/test/shatest.c:1013:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char prk[USHAMaxHashSize+1];
data/tin-2.4.5~20200522/libcanlock/test/shatest.c:1015:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/tin-2.4.5~20200522/libcanlock/test/shatest.c:1099:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[4096];
data/tin-2.4.5~20200522/libcanlock/test/shatest.c:1104:5: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fopen(hashfilename, "r");
data/tin-2.4.5~20200522/libcanlock/test/shatest.c:1206:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/tin-2.4.5~20200522/libcanlock/test/shatest.c:1207:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char SEED[USHAMaxHashSize], MD[1003][USHAMaxHashSize];
data/tin-2.4.5~20200522/libcanlock/test/shatest.c:1210:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(SEED, seed, hashsize);
data/tin-2.4.5~20200522/libcanlock/test/shatest.c:1219:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(MD[0], SEED, hashsize);
data/tin-2.4.5~20200522/libcanlock/test/shatest.c:1220:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(MD[1], SEED, hashsize);
data/tin-2.4.5~20200522/libcanlock/test/shatest.c:1221:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(MD[2], SEED, hashsize);
data/tin-2.4.5~20200522/libcanlock/test/shatest.c:1235:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(SEED, MD[i-1], hashsize);
data/tin-2.4.5~20200522/libcanlock/test/shatest.c:1251:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *names[HASHCOUNT][2] = {
data/tin-2.4.5~20200522/libcanlock/test/shatest.c:1382:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
case 'B': numberExtrabits = atoi(optarg); break;
data/tin-2.4.5~20200522/libcanlock/test/shatest.c:1392:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
case 'l': loopnohigh = atoi(optarg); break;
data/tin-2.4.5~20200522/libcanlock/test/shatest.c:1397:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
case 'R': randomcount = atoi(optarg); break;
data/tin-2.4.5~20200522/libcanlock/test/shatest.c:1401:43: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
case 't': testnolow = ntestnohigh = atoi(optarg) - 1; break;
data/tin-2.4.5~20200522/libcanlock/test/shatest.c:1443:55: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
numberExtrabits, extrabits, (const unsigned char *)hmacKey,
data/tin-2.4.5~20200522/libcanlock/test/shatest.c:1454:40: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const unsigned char *)hmacKey, hmaclen,
data/tin-2.4.5~20200522/libcanlock/test/shatest.c:1462:40: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const unsigned char *)hmacKey, hmaclen,
data/tin-2.4.5~20200522/libcanlock/test/shatest.c:1483:40: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const unsigned char *)(
data/tin-2.4.5~20200522/libcanlock/util/canlock.c:150:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char buf[SEC_DATA_SIZE_MAX];
data/tin-2.4.5~20200522/pcre/dftables.c:69:5: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(argv[1], "w+");
data/tin-2.4.5~20200522/pcre/pcre_compile.c:670:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[32];
data/tin-2.4.5~20200522/pcre/pcre_compile.c:1584:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
strncmp((const char *)ptr, posix_names[yield], len) == 0) return yield;
data/tin-2.4.5~20200522/pcre/pcre_compile.c:2410:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pbits, cbits + posix_class_maps[posix_class],
data/tin-2.4.5~20200522/pcre/pcre_compile.c:2864:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(code, classbits, 32);
data/tin-2.4.5~20200522/pcre/pcre_compile.c:2890:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(code, classbits, 32);
data/tin-2.4.5~20200522/pcre/pcre_compile.c:2983:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(utf8_char, lastchar, c); /* Save the char */
data/tin-2.4.5~20200522/pcre/pcre_compile.c:3132:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(code, utf8_char, c & 7);
data/tin-2.4.5~20200522/pcre/pcre_compile.c:3157:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(code, utf8_char, c & 7);
data/tin-2.4.5~20200522/pcre/pcre_compile.c:3187:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(code, utf8_char, c & 7);
data/tin-2.4.5~20200522/pcre/pcre_compile.c:3371:15: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(code, previous, len);
data/tin-2.4.5~20200522/pcre/pcre_compile.c:3425:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(code, previous, len);
data/tin-2.4.5~20200522/pcre/pcre_compile.c:3915:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(slot + 2, name, namelen);
data/tin-2.4.5~20200522/pcre/pcre_dfa_exec.c:414:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_states, active_states, new_count * sizeof(stateblock));
data/tin-2.4.5~20200522/pcre/pcre_exec.c:937:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_recursive.offset_save, md->offset_vector,
data/tin-2.4.5~20200522/pcre/pcre_exec.c:966:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(md->offset_vector, new_recursive.offset_save,
data/tin-2.4.5~20200522/pcre/pcre_exec.c:1153:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(md->offset_vector, rec->offset_save,
data/tin-2.4.5~20200522/pcre/pcre_exec.c:4147:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(offsets + 2, md->offset_vector + 2,
data/tin-2.4.5~20200522/pcre/pcre_get.c:240:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, subject + ovector[stringnumber], yield);
data/tin-2.4.5~20200522/pcre/pcre_get.c:329:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, subject + ovector[i], len);
data/tin-2.4.5~20200522/pcre/pcre_get.c:397:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(substring, subject + ovector[stringnumber], yield);
data/tin-2.4.5~20200522/pcre/pcre_internal.h:193:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define memcpy(d,s,n) _memcpy(d,s,n)
data/tin-2.4.5~20200522/pcre/pcre_internal.h:208:26: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define memmove(a, b, c) bcopy(b, a, c)
data/tin-2.4.5~20200522/pcre/pcre_study.c:565:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(study->start_bits, start_bits, sizeof(start_bits));
data/tin-2.4.5~20200522/pcre/pcregrep.c:362:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pattern, filename, len);
data/tin-2.4.5~20200522/pcre/pcregrep.c:363:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(pattern[len]), "\\*", 3);
data/tin-2.4.5~20200522/pcre/pcregrep.c:765:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[3*MBUFTHIRD];
data/tin-2.4.5~20200522/pcre/pcregrep.c:1176:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/tin-2.4.5~20200522/pcre/pcregrep.c:1191:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "%.512s%c%.128s", pathname, sep, nextfile);
data/tin-2.4.5~20200522/pcre/pcregrep.c:1223:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
in = fopen(pathname, "r");
data/tin-2.4.5~20200522/pcre/pcregrep.c:1283:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[4];
data/tin-2.4.5~20200522/pcre/pcregrep.c:1284:25: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
if (op->one_char > 0) sprintf(s, "-%c,", op->one_char); else strcpy(s, " ");
data/tin-2.4.5~20200522/pcre/pcregrep.c:1284:64: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
if (op->one_char > 0) sprintf(s, "-%c,", op->one_char); else strcpy(s, " ");
data/tin-2.4.5~20200522/pcre/pcregrep.c:1356:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buffer[8];
data/tin-2.4.5~20200522/pcre/pcregrep.c:1358:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(p, "%d", n);
data/tin-2.4.5~20200522/pcre/pcregrep.c:1362:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 1: strcpy(p, "st"); break;
data/tin-2.4.5~20200522/pcre/pcregrep.c:1363:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 2: strcpy(p, "nd"); break;
data/tin-2.4.5~20200522/pcre/pcregrep.c:1364:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 3: strcpy(p, "rd"); break;
data/tin-2.4.5~20200522/pcre/pcregrep.c:1365:12: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
default: strcpy(p, "th"); break;
data/tin-2.4.5~20200522/pcre/pcregrep.c:1393:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[MBUFTHIRD + 16];
data/tin-2.4.5~20200522/pcre/pcregrep.c:1459:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[MBUFTHIRD];
data/tin-2.4.5~20200522/pcre/pcregrep.c:1466:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "%.*s", p - pattern - ellength, pattern);
data/tin-2.4.5~20200522/pcre/pcregrep.c:1492:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *patterns[MAX_PATTERN_COUNT];
data/tin-2.4.5~20200522/pcre/pcregrep.c:1579:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff1[24];
data/tin-2.4.5~20200522/pcre/pcregrep.c:1580:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff2[24];
data/tin-2.4.5~20200522/pcre/pcregrep.c:1582:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buff1, "%.*s", baselen, op->long_name);
data/tin-2.4.5~20200522/pcre/pcregrep.c:1897:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[MBUFTHIRD];
data/tin-2.4.5~20200522/pcre/pcregrep.c:1906:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(pattern_filename, "r");
data/tin-2.4.5~20200522/pcre/pcregrep.c:1937:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[16];
data/tin-2.4.5~20200522/pcre/pcregrep.c:1938:44: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
if (pattern_count == 1) s[0] = 0; else sprintf(s, " number %d", j);
data/tin-2.4.5~20200522/pcre/pcretest.c:214:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_buffer, buffer, buffer_size);
data/tin-2.4.5~20200522/pcre/pcretest.c:215:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_pbuffer, pbuffer, buffer_size);
data/tin-2.4.5~20200522/pcre/pcretest.c:786:44: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((size_offsets = get_value((unsigned char *)argv[op+1], &endptr)),
data/tin-2.4.5~20200522/pcre/pcretest.c:796:49: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if (argc > 2 && (temp = get_value((unsigned char *)argv[op+1], &endptr),
data/tin-2.4.5~20200522/pcre/pcretest.c:807:42: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((stack_size = get_value((unsigned char *)argv[op+1], &endptr)),
data/tin-2.4.5~20200522/pcre/pcretest.c:889:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
infile = fopen(argv[op], INPUT_MODE);
data/tin-2.4.5~20200522/pcre/pcretest.c:900:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outfile = fopen(argv[op+1], OUTPUT_MODE);
data/tin-2.4.5~20200522/pcre/pcretest.c:971:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen((char *)p, "rb");
data/tin-2.4.5~20200522/pcre/pcretest.c:1532:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *f = fopen((char *)to_file, "wb");
data/tin-2.4.5~20200522/pcre/pcretest.c:1667:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buff8[8];
data/tin-2.4.5~20200522/pcre/pcretest.c:1689:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buff8[8];
data/tin-2.4.5~20200522/pcre/pcretest.c:2115:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char copybuffer[256];
data/tin-2.4.5~20200522/pcre/pcretest.c:2129:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char copybuffer[256];
data/tin-2.4.5~20200522/src/active.c:329:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char moderated[PATH_LEN];
data/tin-2.4.5~20200522/src/active.c:333:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char ngname[NNTP_GRPLEN + 1]; /* RFC 3977 3.1 limits group names to 497 octets */
data/tin-2.4.5~20200522/src/active.c:337:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *ngnames[NUM_SIMULTANEOUS_GROUP_COMMAND];
data/tin-2.4.5~20200522/src/active.c:366:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[NNTP_STRLEN];
data/tin-2.4.5~20200522/src/active.c:367:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[NNTP_STRLEN];
data/tin-2.4.5~20200522/src/active.c:413:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fmt[25];
data/tin-2.4.5~20200522/src/active.c:529:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(newsrc, "r")) == NULL)
data/tin-2.4.5~20200522/src/active.c:579:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return (fopen(news_active_file, "r"));
data/tin-2.4.5~20200522/src/active.c:592:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char moderated[PATH_LEN];
data/tin-2.4.5~20200522/src/active.c:679:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char moderated[PATH_LEN];
data/tin-2.4.5~20200522/src/active.c:765:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(newsrc, "r")) == NULL) {
data/tin-2.4.5~20200522/src/active.c:800:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[NNTP_STRLEN];
data/tin-2.4.5~20200522/src/active.c:802:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char moderated[PATH_LEN];
data/tin-2.4.5~20200522/src/active.c:811:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(newsrc, "r")) != NULL) {
data/tin-2.4.5~20200522/src/active.c:931:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[NNTP_STRLEN];
data/tin-2.4.5~20200522/src/active.c:954:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return (fopen(active_times_file, "r"));
data/tin-2.4.5~20200522/src/active.c:973:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *ptr, *line, buf[NNTP_STRLEN];
data/tin-2.4.5~20200522/src/active.c:974:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char old_newnews_host[PATH_LEN];
data/tin-2.4.5~20200522/src/active.c:1015:42: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (!read_news_via_nntp && ((time_t) atol(ptr) < old_newnews_time || old_newnews_time == (time_t) 0))
data/tin-2.4.5~20200522/src/active.c:1123:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pattern[HEADER_LEN];
data/tin-2.4.5~20200522/src/active.c:1203:22: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
new_time = (time_t) atol(ptr);
data/tin-2.4.5~20200522/src/active.c:1275:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char group_path[PATH_LEN];
data/tin-2.4.5~20200522/src/active.c:1276:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char local_save_active_file[PATH_LEN];
data/tin-2.4.5~20200522/src/active.c:1307:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[PATH_LEN];
data/tin-2.4.5~20200522/src/active.c:1308:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_LEN];
data/tin-2.4.5~20200522/src/active.c:1363:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(active_file, "a+")) != NULL) {
data/tin-2.4.5~20200522/src/art.c:220:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[NNTP_STRLEN];
data/tin-2.4.5~20200522/src/art.c:221:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[NNTP_STRLEN];
data/tin-2.4.5~20200522/src/art.c:350:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char group_path[PATH_LEN];
data/tin-2.4.5~20200522/src/art.c:630:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[NNTP_STRLEN];
data/tin-2.4.5~20200522/src/art.c:707:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return (fopen(buf, "r"));
data/tin-2.4.5~20200522/src/art.c:730:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dir[PATH_LEN];
data/tin-2.4.5~20200522/src/art.c:731:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char group_msg[LEN];
data/tin-2.4.5~20200522/src/art.c:743:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[PATH_LEN];
data/tin-2.4.5~20200522/src/art.c:797:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[PATH_LEN];
data/tin-2.4.5~20200522/src/art.c:1393:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char art_from_addr[HEADER_LEN];
data/tin-2.4.5~20200522/src/art.c:1394:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char art_full_name[HEADER_LEN];
data/tin-2.4.5~20200522/src/art.c:1467:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
h->line_count = atoi(hdr);
data/tin-2.4.5~20200522/src/art.c:1730:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[NNTP_STRLEN];
data/tin-2.4.5~20200522/src/art.c:1864:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char art_full_name[HEADER_LEN];
data/tin-2.4.5~20200522/src/art.c:1865:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char art_from_addr[HEADER_LEN];
data/tin-2.4.5~20200522/src/art.c:2125:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
art->line_count = atoi(ptr);
data/tin-2.4.5~20200522/src/art.c:2215:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
art->line_count = atoi(ptr);
data/tin-2.4.5~20200522/src/art.c:2303:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cbuf[HEADER_LEN];
data/tin-2.4.5~20200522/src/art.c:2627:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[PATH_LEN];
data/tin-2.4.5~20200522/src/art.c:2631:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char nov_file[PATH_LEN];
data/tin-2.4.5~20200522/src/art.c:2748:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(nov_file, "r")) == NULL)
data/tin-2.4.5~20200522/src/art.c:3242:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char date[25];
data/tin-2.4.5~20200522/src/art.c:3269:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char from[PATH_LEN];
data/tin-2.4.5~20200522/src/art.c:3310:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[NNTP_STRLEN];
data/tin-2.4.5~20200522/src/art.c:3326:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(nov_file, mode)) != NULL)
data/tin-2.4.5~20200522/src/attrib.c:299:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LEN];
data/tin-2.4.5~20200522/src/attrib.c:300:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LEN];
data/tin-2.4.5~20200522/src/attrib.c:301:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char scope[LEN];
data/tin-2.4.5~20200522/src/attrib.c:325:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(file, "r")) != NULL) {
data/tin-2.4.5~20200522/src/attrib.c:557:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(gbuf, "%n %m %R %s %F");
data/tin-2.4.5~20200522/src/attrib.c:558:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(tbuf, "%n %m %T %F");
data/tin-2.4.5~20200522/src/attrib.c:562:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(gbuf, "%n %m %R %S %s %F");
data/tin-2.4.5~20200522/src/attrib.c:563:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(tbuf, "%n %m [%S] %T %F");
data/tin-2.4.5~20200522/src/attrib.c:567:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(gbuf, "%n %m %R %L %S %s %F");
data/tin-2.4.5~20200522/src/attrib.c:568:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(tbuf, "%n %m [%L,%S] %T %F");
data/tin-2.4.5~20200522/src/attrib.c:1188:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(new_file, "w+")) == NULL) {
data/tin-2.4.5~20200522/src/auth.c:81:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[PATH_LEN];
data/tin-2.4.5~20200522/src/auth.c:82:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[PATH_LEN];
data/tin-2.4.5~20200522/src/auth.c:89:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(filename, "r"))) {
data/tin-2.4.5~20200522/src/auth.c:183:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[PATH_LEN];
data/tin-2.4.5~20200522/src/auth.c:241:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char authusername[PATH_LEN] = "";
data/tin-2.4.5~20200522/src/auth.c:242:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char authpassword[PATH_LEN] = "";
data/tin-2.4.5~20200522/src/auth.c:243:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char last_server[PATH_LEN] = "";
data/tin-2.4.5~20200522/src/auth.c:438:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[NNTP_STRLEN];
data/tin-2.4.5~20200522/src/auth.c:465:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[PATH_LEN];
data/tin-2.4.5~20200522/src/charset.c:153:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *const tex_from[TEX_SUBST] =
data/tin-2.4.5~20200522/src/charset.c:267:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *tex_to[TEX_SUBST];
data/tin-2.4.5~20200522/src/charset.c:348:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LEN];
data/tin-2.4.5~20200522/src/color.c:317:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char octal[5];
data/tin-2.4.5~20200522/src/config.c:79:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LEN], tmp[LEN];
data/tin-2.4.5~20200522/src/config.c:86:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(file, "r")) == NULL)
data/tin-2.4.5~20200522/src/config.c:631:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[PATH_LEN];
data/tin-2.4.5~20200522/src/config.c:926:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(file_tmp, "w")) == NULL) {
data/tin-2.4.5~20200522/src/config.c:1471:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timestring[30];
data/tin-2.4.5~20200522/src/config.c:1549:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*dst = atoi(&line[patlen]);
data/tin-2.4.5~20200522/src/config.c:1582:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*dst = atoi(&line[patlen]);
data/tin-2.4.5~20200522/src/config.c:1605:10: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*dst = atol(&line[patlen]);
data/tin-2.4.5~20200522/src/config.c:1625:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[LEN];
data/tin-2.4.5~20200522/src/config.c:1720:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[PATH_LEN];
data/tin-2.4.5~20200522/src/config.c:1794:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LEN];
data/tin-2.4.5~20200522/src/config.c:1866:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[PATH_LEN];
data/tin-2.4.5~20200522/src/config.c:2043:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LEN];
data/tin-2.4.5~20200522/src/config.c:2100:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char length[LEN];
data/tin-2.4.5~20200522/src/config.c:2131:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file[PATH_LEN];
data/tin-2.4.5~20200522/src/config.c:2132:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newnews_info[LEN];
data/tin-2.4.5~20200522/src/config.c:2133:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char serverdir[PATH_LEN];
data/tin-2.4.5~20200522/src/config.c:2148:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(file, "r")) == NULL)
data/tin-2.4.5~20200522/src/config.c:2188:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file[PATH_LEN];
data/tin-2.4.5~20200522/src/config.c:2189:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timestring[30];
data/tin-2.4.5~20200522/src/config.c:2190:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char serverdir[PATH_LEN];
data/tin-2.4.5~20200522/src/config.c:2220:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(file_tmp, "w")) == NULL) {
data/tin-2.4.5~20200522/src/cook.c:846:22: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
if (!(art->cooked = tmpfile()))
data/tin-2.4.5~20200522/src/curses.c:221:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char capname[6];
data/tin-2.4.5~20200522/src/curses.c:248:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char _terminal[1024]; /* Storage for terminal entry */
data/tin-2.4.5~20200522/src/curses.c:251:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char _capabilities[1024]; /* String for cursor motion */
data/tin-2.4.5~20200522/src/curses.c:258:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char the_termname[40], *p;
data/tin-2.4.5~20200522/src/curses.c:738:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char output[LEN];
data/tin-2.4.5~20200522/src/curses.c:748:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[LEN];
data/tin-2.4.5~20200522/src/curses.c:783:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *attributes[MAX_ATTR + 1];
data/tin-2.4.5~20200522/src/curses.c:785:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char output[LEN];
data/tin-2.4.5~20200522/src/curses.c:809:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[LEN];
data/tin-2.4.5~20200522/src/debug.c:69:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file[PATH_LEN];
data/tin-2.4.5~20200522/src/debug.c:136:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char file[PATH_LEN] = { '\0' };
data/tin-2.4.5~20200522/src/debug.c:145:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(file, "a")) != NULL) {
data/tin-2.4.5~20200522/src/debug.c:185:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char file[PATH_LEN] = { '\0' };
data/tin-2.4.5~20200522/src/debug.c:194:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(file, "w")) != NULL) {
data/tin-2.4.5~20200522/src/debug.c:269:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char file[PATH_LEN] = { '\0' };
data/tin-2.4.5~20200522/src/debug.c:276:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(file, "a")) != NULL) {
data/tin-2.4.5~20200522/src/debug.c:331:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char file[PATH_LEN] = { '\0' };
data/tin-2.4.5~20200522/src/debug.c:338:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(file, "w")) != NULL) {
data/tin-2.4.5~20200522/src/debug.c:371:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file[PATH_LEN];
data/tin-2.4.5~20200522/src/debug.c:383:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(file, "a")) != NULL) {
data/tin-2.4.5~20200522/src/debug.c:415:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file[PATH_LEN];
data/tin-2.4.5~20200522/src/debug.c:422:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(file, "a")) != NULL) {
data/tin-2.4.5~20200522/src/debug.c:486:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char out[40];
data/tin-2.4.5~20200522/src/debug.c:490:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(out + 11, "%09ld", log_time.tv_nsec); /* strlen(" [hh:mm:ss.") */
data/tin-2.4.5~20200522/src/debug.c:492:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(out, "] ");
data/tin-2.4.5~20200522/src/feed.c:99:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char default_savefile[PATH_LEN];
data/tin-2.4.5~20200522/src/feed.c:166:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[PATH_LEN];
data/tin-2.4.5~20200522/src/feed.c:188:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyno[MAXKEYLEN], keyyes[MAXKEYLEN], keyquit[MAXKEYLEN];
data/tin-2.4.5~20200522/src/feed.c:189:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyshar[MAXKEYLEN];
data/tin-2.4.5~20200522/src/feed.c:300:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LEN];
data/tin-2.4.5~20200522/src/feed.c:301:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyart[MAXKEYLEN], keythread[MAXKEYLEN], keyrange[MAXKEYLEN], keyhot[MAXKEYLEN];
data/tin-2.4.5~20200522/src/feed.c:302:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keypat[MAXKEYLEN], keytag[MAXKEYLEN], keyquit[MAXKEYLEN];
data/tin-2.4.5~20200522/src/feed.c:364:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LEN];
data/tin-2.4.5~20200522/src/feed.c:365:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char what[LEN];
data/tin-2.4.5~20200522/src/feed.c:579:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outpath[PATH_LEN];
data/tin-2.4.5~20200522/src/feed.c:682:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char savefile[PATH_LEN];
data/tin-2.4.5~20200522/src/feed.c:722:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char from_name[PATH_LEN];
data/tin-2.4.5~20200522/src/feed.c:729:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LEN];
data/tin-2.4.5~20200522/src/feed.c:730:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyrepost[MAXKEYLEN], keysupersede[MAXKEYLEN];
data/tin-2.4.5~20200522/src/feed.c:731:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyquit[MAXKEYLEN];
data/tin-2.4.5~20200522/src/feed.c:1069:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[PATH_LEN], file[PATH_LEN];
data/tin-2.4.5~20200522/src/feed.c:1075:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(file, "w")) == NULL) /* TODO: issue a more correct error message here */
data/tin-2.4.5~20200522/src/filter.c:312:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[HEADER_LEN];
data/tin-2.4.5~20200522/src/filter.c:313:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char scope[HEADER_LEN];
data/tin-2.4.5~20200522/src/filter.c:314:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char comment_line[LEN]; /* one line of comment */
data/tin-2.4.5~20200522/src/filter.c:315:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char subj[HEADER_LEN];
data/tin-2.4.5~20200522/src/filter.c:316:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char from[HEADER_LEN];
data/tin-2.4.5~20200522/src/filter.c:317:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msgid[HEADER_LEN];
data/tin-2.4.5~20200522/src/filter.c:318:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[HEADER_LEN];
data/tin-2.4.5~20200522/src/filter.c:319:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char gnksa[HEADER_LEN];
data/tin-2.4.5~20200522/src/filter.c:320:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xref[HEADER_LEN];
data/tin-2.4.5~20200522/src/filter.c:321:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[HEADER_LEN];
data/tin-2.4.5~20200522/src/filter.c:322:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char scbuf[PATH_LEN];
data/tin-2.4.5~20200522/src/filter.c:335:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(file, "r")) == NULL)
data/tin-2.4.5~20200522/src/filter.c:429:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ptr[i].gnksa_num = atoi(&gnksa[1]);
data/tin-2.4.5~20200522/src/filter.c:432:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ptr[i].gnksa_num = atoi(&gnksa[1]);
data/tin-2.4.5~20200522/src/filter.c:435:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ptr[i].gnksa_num = atoi(gnksa);
data/tin-2.4.5~20200522/src/filter.c:446:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ptr[i].lines_num = atoi(&buffer[1]);
data/tin-2.4.5~20200522/src/filter.c:449:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ptr[i].lines_num = atoi(&buffer[1]);
data/tin-2.4.5~20200522/src/filter.c:452:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ptr[i].lines_num = atoi(buffer);
data/tin-2.4.5~20200522/src/filter.c:563:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
score = atoi(scbuf);
data/tin-2.4.5~20200522/src/filter.c:629:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char foo[HEADER_LEN];
data/tin-2.4.5~20200522/src/filter.c:694:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(filename, "w+")) == NULL) {
data/tin-2.4.5~20200522/src/filter.c:876:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timestring[25];
data/tin-2.4.5~20200522/src/filter.c:960:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char text_subj[PATH_LEN];
data/tin-2.4.5~20200522/src/filter.c:961:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char text_from[PATH_LEN];
data/tin-2.4.5~20200522/src/filter.c:962:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char text_msgid[PATH_LEN];
data/tin-2.4.5~20200522/src/filter.c:963:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char text_score[PATH_LEN];
data/tin-2.4.5~20200522/src/filter.c:1066:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char comment_line[LEN];
data/tin-2.4.5~20200522/src/filter.c:1067:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LEN];
data/tin-2.4.5~20200522/src/filter.c:1068:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyedit[MAXKEYLEN], keyquit[MAXKEYLEN], keysave[MAXKEYLEN];
data/tin-2.4.5~20200522/src/filter.c:1069:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text_time[PATH_LEN];
data/tin-2.4.5~20200522/src/filter.c:1070:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char double_time[PATH_LEN];
data/tin-2.4.5~20200522/src/filter.c:1071:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char quat_time[PATH_LEN];
data/tin-2.4.5~20200522/src/filter.c:1338:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
rule.lines_num = abs(atoi(ptr));
data/tin-2.4.5~20200522/src/filter.c:1361:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
rule.score = atoi(buf);
data/tin-2.4.5~20200522/src/filter.c:1495:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char txt[LEN];
data/tin-2.4.5~20200522/src/filter.c:1565:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char txt[LEN];
data/tin-2.4.5~20200522/src/filter.c:1614:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char txt[HEADER_LEN];
data/tin-2.4.5~20200522/src/filter.c:1650:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char acbuf[PATH_LEN];
data/tin-2.4.5~20200522/src/filter.c:1651:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sbuf[(sizeof(acbuf) / 2)]; /* half as big as acbuf so quote_wild(sbuf) fits into acbuf */
data/tin-2.4.5~20200522/src/filter.c:1839:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LEN];
data/tin-2.4.5~20200522/src/filter.c:2282:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[NNTP_STRLEN];
data/tin-2.4.5~20200522/src/getline.c:45:9: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t gl_buf[BUF_SIZE]; /* wide-character input buffer */
data/tin-2.4.5~20200522/src/getline.c:46:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[BUF_SIZE];
data/tin-2.4.5~20200522/src/getline.c:48:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char gl_buf[BUF_SIZE]; /* input buffer */
data/tin-2.4.5~20200522/src/group.c:145:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[MAXKEYLEN];
data/tin-2.4.5~20200522/src/group.c:816:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pat[128];
data/tin-2.4.5~20200522/src/group.c:1153:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char arts_sub[HEADER_LEN];
data/tin-2.4.5~20200522/src/group.c:1154:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_buf[8];
data/tin-2.4.5~20200522/src/group.c:1155:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[LEN];
data/tin-2.4.5~20200522/src/group.c:1195:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer, " ");
data/tin-2.4.5~20200522/src/group.c:1375:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LEN], tmp[LEN], flag;
data/tin-2.4.5~20200522/src/group.c:1619:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LEN];
data/tin-2.4.5~20200522/src/group.c:1673:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tinrc.getart_limit = atoi(p);
data/tin-2.4.5~20200522/src/header.c:56:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char hostname[MAXHOSTNAMELEN + 1]; /* need space for '\0' */
data/tin-2.4.5~20200522/src/header.c:93:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[MAXHOSTNAMELEN + 1];
data/tin-2.4.5~20200522/src/header.c:94:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char domain[8192];
data/tin-2.4.5~20200522/src/header.c:103:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(domain, "r")) != NULL) {
data/tin-2.4.5~20200522/src/header.c:135:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[MAXLINELEN + 1];
data/tin-2.4.5~20200522/src/header.c:136:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAXHOSTNAMELEN + 1];
data/tin-2.4.5~20200522/src/header.c:137:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char fqdn[1024];
data/tin-2.4.5~20200522/src/header.c:187:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((inf = fopen("/etc/resolv.conf", "r")) != NULL) {
data/tin-2.4.5~20200522/src/header.c:241:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char username[128];
data/tin-2.4.5~20200522/src/header.c:262:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char fullname[128];
data/tin-2.4.5~20200522/src/header.c:264:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/tin-2.4.5~20200522/src/header.c:265:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[128];
data/tin-2.4.5~20200522/src/header.c:337:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char sender[8192];
data/tin-2.4.5~20200522/src/help.c:641:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[MAXKEYLEN];
data/tin-2.4.5~20200522/src/help.c:700:13: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
if (!(fp = tmpfile()))
data/tin-2.4.5~20200522/src/help.c:757:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LEN];
data/tin-2.4.5~20200522/src/help.c:758:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[20][MAXKEYLEN];
data/tin-2.4.5~20200522/src/inews.c:92:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[HEADER_LEN];
data/tin-2.4.5~20200522/src/inews.c:93:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char from_name[HEADER_LEN];
data/tin-2.4.5~20200522/src/inews.c:94:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message_id[HEADER_LEN];
data/tin-2.4.5~20200522/src/inews.c:95:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char response[NNTP_STRLEN];
data/tin-2.4.5~20200522/src/inews.c:102:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sender_hdr[HEADER_LEN];
data/tin-2.4.5~20200522/src/inews.c:110:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(name, "r")) == NULL) {
data/tin-2.4.5~20200522/src/inews.c:264:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lock[1024];
data/tin-2.4.5~20200522/src/inews.c:390:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[PATH_LEN];
data/tin-2.4.5~20200522/src/inews.c:416:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf, "inews -h");
data/tin-2.4.5~20200522/src/inews.c:456:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char from_addr[HEADER_LEN];
data/tin-2.4.5~20200522/src/inews.c:457:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sender_addr[HEADER_LEN];
data/tin-2.4.5~20200522/src/inews.c:458:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sender_line[HEADER_LEN];
data/tin-2.4.5~20200522/src/inews.c:459:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sender_name[HEADER_LEN];
data/tin-2.4.5~20200522/src/init.c:66:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char active_times_file[PATH_LEN];
data/tin-2.4.5~20200522/src/init.c:67:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char article_name[PATH_LEN]; /* ~/TIN_ARTICLE_NAME file */
data/tin-2.4.5~20200522/src/init.c:68:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bug_nntpserver1[PATH_LEN]; /* welcome message of NNTP server used */
data/tin-2.4.5~20200522/src/init.c:69:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bug_nntpserver2[PATH_LEN]; /* welcome message of NNTP server used */
data/tin-2.4.5~20200522/src/init.c:70:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cvers[LEN];
data/tin-2.4.5~20200522/src/init.c:71:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dead_article[PATH_LEN]; /* ~/dead.article file */
data/tin-2.4.5~20200522/src/init.c:72:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dead_articles[PATH_LEN]; /* ~/dead.articles file */
data/tin-2.4.5~20200522/src/init.c:73:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char default_organization[PATH_LEN]; /* Organization: */
data/tin-2.4.5~20200522/src/init.c:74:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char default_signature[PATH_LEN];
data/tin-2.4.5~20200522/src/init.c:75:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domain_name[MAXHOSTNAMELEN + 1];
data/tin-2.4.5~20200522/src/init.c:76:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char global_attributes_file[PATH_LEN];
data/tin-2.4.5~20200522/src/init.c:77:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char global_config_file[PATH_LEN];
data/tin-2.4.5~20200522/src/init.c:78:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char homedir[PATH_LEN];
data/tin-2.4.5~20200522/src/init.c:79:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char index_maildir[PATH_LEN];
data/tin-2.4.5~20200522/src/init.c:80:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char index_newsdir[PATH_LEN]; /* directory for private overview data */
data/tin-2.4.5~20200522/src/init.c:81:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char index_savedir[PATH_LEN];
data/tin-2.4.5~20200522/src/init.c:82:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char inewsdir[PATH_LEN];
data/tin-2.4.5~20200522/src/init.c:83:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char local_attributes_file[PATH_LEN];
data/tin-2.4.5~20200522/src/init.c:84:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char local_config_file[PATH_LEN];
data/tin-2.4.5~20200522/src/init.c:85:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char local_input_history_file[PATH_LEN];
data/tin-2.4.5~20200522/src/init.c:86:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char local_newsgroups_file[PATH_LEN]; /* local copy of NNTP newsgroups file */
data/tin-2.4.5~20200522/src/init.c:87:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char local_newsrctable_file[PATH_LEN];
data/tin-2.4.5~20200522/src/init.c:88:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lock_file[PATH_LEN]; /* contains name of index lock file */
data/tin-2.4.5~20200522/src/init.c:89:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filter_file[PATH_LEN];
data/tin-2.4.5~20200522/src/init.c:90:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mail_news_user[LEN]; /* mail new news to this user address */
data/tin-2.4.5~20200522/src/init.c:91:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mailbox[PATH_LEN]; /* system mailbox for each user */
data/tin-2.4.5~20200522/src/init.c:92:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mailer[PATH_LEN]; /* mail program */
data/tin-2.4.5~20200522/src/init.c:93:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newnewsrc[PATH_LEN];
data/tin-2.4.5~20200522/src/init.c:94:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char news_active_file[PATH_LEN];
data/tin-2.4.5~20200522/src/init.c:95:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newsgroups_file[PATH_LEN];
data/tin-2.4.5~20200522/src/init.c:96:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newsrc[PATH_LEN];
data/tin-2.4.5~20200522/src/init.c:97:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char page_header[LEN]; /* page header of pgm name and version */
data/tin-2.4.5~20200522/src/init.c:98:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char posted_info_file[PATH_LEN];
data/tin-2.4.5~20200522/src/init.c:99:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char postponed_articles_file[PATH_LEN]; /* ~/.tin/postponed.articles file */
data/tin-2.4.5~20200522/src/init.c:100:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rcdir[PATH_LEN];
data/tin-2.4.5~20200522/src/init.c:101:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char save_active_file[PATH_LEN];
data/tin-2.4.5~20200522/src/init.c:102:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char spooldir[PATH_LEN]; /* directory where news is */
data/tin-2.4.5~20200522/src/init.c:103:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char overviewfmt_file[PATH_LEN]; /* full path to overview.fmt */
data/tin-2.4.5~20200522/src/init.c:104:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char subscriptions_file[PATH_LEN]; /* full path to subscriptions */
data/tin-2.4.5~20200522/src/init.c:106:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char txt_help_bug_report[LEN]; /* address to send bug reports to */
data/tin-2.4.5~20200522/src/init.c:107:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char userid[PATH_LEN];
data/tin-2.4.5~20200522/src/init.c:109:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mail_active_file[PATH_LEN];
data/tin-2.4.5~20200522/src/init.c:110:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mailgroups_file[PATH_LEN];
data/tin-2.4.5~20200522/src/init.c:113:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char novfilename[NAME_LEN + 1]; /* file name of a single nov index file */
data/tin-2.4.5~20200522/src/init.c:114:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char novrootdir[PATH_LEN]; /* root directory of nov index files */
data/tin-2.4.5~20200522/src/init.c:168:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *input_history[HIST_MAXNUM + 1][HIST_SIZE + 1];
data/tin-2.4.5~20200522/src/init.c:561:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char libdir[PATH_LEN]; /* directory where news config files are (ie. active) */
data/tin-2.4.5~20200522/src/init.c:651:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[PATH_LEN];
data/tin-2.4.5~20200522/src/init.c:665:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(system_info.sysname, "unknown");
data/tin-2.4.5~20200522/src/init.c:711:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
iso2asc_supported = atoi(get_val("ISO2ASC", DEFAULT_ISO2ASC));
data/tin-2.4.5~20200522/src/init.c:806:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LEN];
data/tin-2.4.5~20200522/src/init.c:809:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(tmp, "r")) != NULL) {
data/tin-2.4.5~20200522/src/init.c:908:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
nntp_tcp_port = (unsigned short) atoi(get_val("NNTPPORT", NNTP_TCP_PORT));
data/tin-2.4.5~20200522/src/init.c:911:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(posted_info_file, "a")) != NULL) {
data/tin-2.4.5~20200522/src/init.c:950:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LEN], filename[PATH_LEN];
data/tin-2.4.5~20200522/src/init.c:959:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(filename, "r")) != NULL)
data/tin-2.4.5~20200522/src/keymap.c:313:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf, "???"); /* Never happens? */
data/tin-2.4.5~20200522/src/keymap.c:331:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LEN], buff[NAME_LEN + 1], filename[PATH_LEN];
data/tin-2.4.5~20200522/src/keymap.c:350:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "r");
data/tin-2.4.5~20200522/src/keymap.c:354:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "r");
data/tin-2.4.5~20200522/src/keymap.c:359:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "r");
data/tin-2.4.5~20200522/src/keymap.c:363:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "r");
data/tin-2.4.5~20200522/src/keymap.c:384:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(map, "r"))) { /* TODO: issue error message? */
data/tin-2.4.5~20200522/src/keymap.c:1886:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newk[NAME_LEN + 1], buf[LEN];
data/tin-2.4.5~20200522/src/keymap.c:1887:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *bugreport[3] = { NULL, NULL, NULL };
data/tin-2.4.5~20200522/src/keymap.c:1888:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *catchup[4] = { NULL, NULL, NULL, NULL };
data/tin-2.4.5~20200522/src/keymap.c:1889:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *catchup_next_unread[4] = { NULL, NULL, NULL, NULL };
data/tin-2.4.5~20200522/src/keymap.c:1890:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *config_select[2] = { NULL, NULL };
data/tin-2.4.5~20200522/src/keymap.c:1891:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *edit_filter[2] = { NULL, NULL };
data/tin-2.4.5~20200522/src/keymap.c:1892:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *down[2] = { NULL, NULL };
data/tin-2.4.5~20200522/src/keymap.c:1893:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *groupreadbasenote[2] = { NULL, NULL };
data/tin-2.4.5~20200522/src/keymap.c:1894:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *mark_article_unread[3] = { NULL, NULL, NULL };
data/tin-2.4.5~20200522/src/keymap.c:1895:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *mark_thread_unread[3] = { NULL, NULL, NULL };
data/tin-2.4.5~20200522/src/keymap.c:1896:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *menu_filter_kill[3] = { NULL, NULL, NULL };
data/tin-2.4.5~20200522/src/keymap.c:1897:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *menu_filter_select[3] = { NULL, NULL, NULL };
data/tin-2.4.5~20200522/src/keymap.c:1898:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *pagedown[3] = { NULL, NULL, NULL };
data/tin-2.4.5~20200522/src/keymap.c:1899:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *pagenextthd[2] = { NULL, NULL };
data/tin-2.4.5~20200522/src/keymap.c:1900:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *pageup[3] = { NULL, NULL, NULL };
data/tin-2.4.5~20200522/src/keymap.c:1901:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *postponed[2] = { NULL, NULL };
data/tin-2.4.5~20200522/src/keymap.c:1902:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *postpost[3] = { NULL, NULL, NULL };
data/tin-2.4.5~20200522/src/keymap.c:1903:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *postsend[2] = { NULL, NULL };
data/tin-2.4.5~20200522/src/keymap.c:1904:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *quick_filter_kill[2] = { NULL, NULL };
data/tin-2.4.5~20200522/src/keymap.c:1905:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *quick_filter_select[2] = { NULL, NULL };
data/tin-2.4.5~20200522/src/keymap.c:1906:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *selectentergroup[2] = { NULL, NULL };
data/tin-2.4.5~20200522/src/keymap.c:1907:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *selectmarkgrpunread[2] = { NULL, NULL };
data/tin-2.4.5~20200522/src/keymap.c:1908:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *selectreadgrp[2] = { NULL, NULL };
data/tin-2.4.5~20200522/src/keymap.c:1909:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *threadreadart[2] = { NULL, NULL };
data/tin-2.4.5~20200522/src/keymap.c:1910:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *up[2] = { NULL, NULL };
data/tin-2.4.5~20200522/src/keymap.c:1912:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((oldfp = fopen(old, "r")) == NULL)
data/tin-2.4.5~20200522/src/keymap.c:1916:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((newfp = fopen(newk, "w")) == NULL) {
data/tin-2.4.5~20200522/src/langinfo.c:52:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[16];
data/tin-2.4.5~20200522/src/langinfo.c:73:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, "ISO-8859-\0\0", 12);
data/tin-2.4.5~20200522/src/lock.c:223:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempfile[PATH_LEN];
data/tin-2.4.5~20200522/src/lock.c:224:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lockfile[PATH_LEN];
data/tin-2.4.5~20200522/src/lock.c:225:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char base_dir[PATH_LEN];
data/tin-2.4.5~20200522/src/mail.c:73:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return fopen(mail_active_file, mode);
data/tin-2.4.5~20200522/src/mail.c:84:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return fopen(mailgroups_file, "r");
data/tin-2.4.5~20200522/src/mail.c:97:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char my_spooldir[PATH_LEN];
data/tin-2.4.5~20200522/src/mail.c:98:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[PATH_LEN];
data/tin-2.4.5~20200522/src/mail.c:183:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char group_path[PATH_LEN];
data/tin-2.4.5~20200522/src/mail.c:278:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((result = fopen(local_newsgroups_file, "r")) != NULL) {
data/tin-2.4.5~20200522/src/mail.c:301:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[NNTP_STRLEN];
data/tin-2.4.5~20200522/src/mail.c:302:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[NNTP_STRLEN];
data/tin-2.4.5~20200522/src/mail.c:303:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file[PATH_LEN];
data/tin-2.4.5~20200522/src/mail.c:304:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char serverdir[PATH_LEN];
data/tin-2.4.5~20200522/src/mail.c:316:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((result = fopen(file, "w")) != NULL) {
data/tin-2.4.5~20200522/src/mail.c:384:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
result = fopen(file, "r");
data/tin-2.4.5~20200522/src/mail.c:398:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return fopen(newsgroups_file, "r");
data/tin-2.4.5~20200522/src/mail.c:418:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp_save = fopen(local_newsgroups_file, "w");
data/tin-2.4.5~20200522/src/mail.c:539:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(active_file, "w")) != NULL) {
data/tin-2.4.5~20200522/src/mail.c:607:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char article_filename[PATH_LEN];
data/tin-2.4.5~20200522/src/mail.c:608:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char group_path[PATH_LEN];
data/tin-2.4.5~20200522/src/mail.c:609:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char artnum[LEN];
data/tin-2.4.5~20200522/src/mail.c:644:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char article_filename[PATH_LEN];
data/tin-2.4.5~20200522/src/mail.c:645:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp_filename[PATH_LEN];
data/tin-2.4.5~20200522/src/mail.c:646:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[PATH_LEN];
data/tin-2.4.5~20200522/src/main.c:537:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
debug = atoi(optarg) & 0xff;
data/tin-2.4.5~20200522/src/main.c:554:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
cmdline.getart_limit = atoi(optarg);
data/tin-2.4.5~20200522/src/main.c:628:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(optarg) != 0)
data/tin-2.4.5~20200522/src/main.c:629:39: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
nntp_tcp_port = (unsigned short) atoi(optarg);
data/tin-2.4.5~20200522/src/main.c:751:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nodenamebuf[256]; /* SUSv2 limit; better use HOST_NAME_MAX */
data/tin-2.4.5~20200522/src/main.c:965:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/tin-2.4.5~20200522/src/main.c:1029:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_LEN];
data/tin-2.4.5~20200522/src/makecfg.c:76:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, mode);
data/tin-2.4.5~20200522/src/makecfg.c:229:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[BUFSIZ];
data/tin-2.4.5~20200522/src/makecfg.c:397:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[BUFSIZ];
data/tin-2.4.5~20200522/src/mimetypes.c:66:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[PATH_LEN];
data/tin-2.4.5~20200522/src/mimetypes.c:69:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(file, "r")) == NULL)
data/tin-2.4.5~20200522/src/mimetypes.c:109:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[PATH_LEN];
data/tin-2.4.5~20200522/src/mimetypes.c:138:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[8192];
data/tin-2.4.5~20200522/src/mimetypes.c:140:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(file, "r")) == NULL)
data/tin-2.4.5~20200522/src/mimetypes.c:176:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[PATH_LEN];
data/tin-2.4.5~20200522/src/misc.c:126:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp_old = fopen(old_filename, "r")) == NULL) {
data/tin-2.4.5~20200522/src/misc.c:130:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp_new = fopen(new_filename, "a")) == NULL) {
data/tin-2.4.5~20200522/src/misc.c:183:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[8192];
data/tin-2.4.5~20200522/src/misc.c:223:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp_in = fopen(filename, "r")) == NULL) /* a missing sourcefile is not a real bug */
data/tin-2.4.5~20200522/src/misc.c:228:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp_out = fopen(backupname, "w")) == NULL) {
data/tin-2.4.5~20200522/src/misc.c:270:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[8192];
data/tin-2.4.5~20200522/src/misc.c:271:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[8192];
data/tin-2.4.5~20200522/src/misc.c:272:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefixbuf[256];
data/tin-2.4.5~20200522/src/misc.c:383:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[PATH_LEN];
data/tin-2.4.5~20200522/src/misc.c:384:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char editor_format[PATH_LEN];
data/tin-2.4.5~20200522/src/misc.c:385:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char editor[PATH_LEN];
data/tin-2.4.5~20200522/src/misc.c:389:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fnameb[PATH_LEN];
data/tin-2.4.5~20200522/src/misc.c:427:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[PATH_LEN], nam_body[PATH_LEN], nam_head[PATH_LEN];
data/tin-2.4.5~20200522/src/misc.c:428:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ispell[PATH_LEN];
data/tin-2.4.5~20200522/src/misc.c:448:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp_all = fopen(nam, "r")) == NULL) {
data/tin-2.4.5~20200522/src/misc.c:453:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp_head = fopen(nam_head, "w")) == NULL) {
data/tin-2.4.5~20200522/src/misc.c:459:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp_body = fopen(nam_body, "w")) == NULL) {
data/tin-2.4.5~20200522/src/misc.c:501:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char shell[LEN];
data/tin-2.4.5~20200522/src/misc.c:719:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LEN];
data/tin-2.4.5~20200522/src/misc.c:762:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp_old = fopen(old_filename, "r")) == NULL) {
data/tin-2.4.5~20200522/src/misc.c:766:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp_new = fopen(new_filename, "w")) == NULL) {
data/tin-2.4.5~20200522/src/misc.c:858:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32]; /* should be big enough */
data/tin-2.4.5~20200522/src/misc.c:1148:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/tin-2.4.5~20200522/src/misc.c:1152:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(the_lock_file, "r")) != NULL) {
data/tin-2.4.5~20200522/src/misc.c:1155:84: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
error_message(2, "\n%s: Already started pid=[%d] on %s", tin_progname, err ? 0 : atoi(buf), err ? "-" : buf + 8);
data/tin-2.4.5~20200522/src/misc.c:1159:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(the_lock_file, "w")) != NULL) {
data/tin-2.4.5~20200522/src/misc.c:1202:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tbuf[LEN];
data/tin-2.4.5~20200522/src/misc.c:1362:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tbuf[PATH_LEN];
data/tin-2.4.5~20200522/src/misc.c:1428:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tbuf, "%d", linenum);
data/tin-2.4.5~20200522/src/misc.c:1516:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char defbuf[PATH_LEN];
data/tin-2.4.5~20200522/src/misc.c:1517:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tbuf[PATH_LEN];
data/tin-2.4.5~20200522/src/misc.c:1613:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[PATH_LEN];
data/tin-2.4.5~20200522/src/misc.c:1639:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[PATH_LEN];
data/tin-2.4.5~20200522/src/misc.c:1645:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[PATH_LEN];
data/tin-2.4.5~20200522/src/misc.c:1736:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[PATH_LEN];
data/tin-2.4.5~20200522/src/misc.c:1754:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[PATH_LEN];
data/tin-2.4.5~20200522/src/misc.c:1829:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tbuf[PATH_LEN];
data/tin-2.4.5~20200522/src/misc.c:2023:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tbuf[PATH_LEN];
data/tin-2.4.5~20200522/src/misc.c:2177:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char selorg[512];
data/tin-2.4.5~20200522/src/misc.c:2186:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((orgfp = fopen(in_org, "r")) == NULL)
data/tin-2.4.5~20200522/src/misc.c:2216:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[HEADER_LEN];
data/tin-2.4.5~20200522/src/misc.c:2220:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(local_input_history_file, "r")) == NULL)
data/tin-2.4.5~20200522/src/misc.c:2282:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(file_tmp, "w")) == NULL) {
data/tin-2.4.5~20200522/src/misc.c:2336:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buff[2 * LEN]; /* on the safe side */
data/tin-2.4.5~20200522/src/misc.c:2372:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buff[2 * LEN]; /* on the safe side */
data/tin-2.4.5~20200522/src/misc.c:2400:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[HEADER_LEN];
data/tin-2.4.5~20200522/src/misc.c:2424:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(clocal_charset, "//TRANSLIT");
data/tin-2.4.5~20200522/src/misc.c:2441:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unknown_ucs4[4];
data/tin-2.4.5~20200522/src/misc.c:2474:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmpbuf, unknown_ucs4, 4);
data/tin-2.4.5~20200522/src/misc.c:2763:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char gnksa_legal_fqdn_chars[256] = {
data/tin-2.4.5~20200522/src/misc.c:2788:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char gnksa_legal_localpart_chars[256] = {
data/tin-2.4.5~20200522/src/misc.c:2814:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char gnksa_legal_realname_chars[256] = {
data/tin-2.4.5~20200522/src/misc.c:3394:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char work[HEADER_LEN];
data/tin-2.4.5~20200522/src/misc.c:3518:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char decoded[HEADER_LEN];
data/tin-2.4.5~20200522/src/misc.c:3602:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char address[HEADER_LEN]; /* will be initialised in gnksa_split_from() */
data/tin-2.4.5~20200522/src/misc.c:3603:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char realname[HEADER_LEN]; /* which is called by gnksa_do_check_from() */
data/tin-2.4.5~20200522/src/misc.c:4207:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[NNTP_STRLEN];
data/tin-2.4.5~20200522/src/misc.c:4214:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[PATH_LEN];
data/tin-2.4.5~20200522/src/my_tmpfile.c:63:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[PATH_LEN];
data/tin-2.4.5~20200522/src/my_tmpfile.c:91:8: [2] (tmpfile) mkstemp:
Potential for temporary file vulnerability in some circumstances. Some
older Unix-like systems create temp files with permission to write by all
by default, so be sure to set the umask to override this. Also, some older
Unix systems might fail to use O_EXCL when opening the file, so make sure
that O_EXCL is used by the library (CWE-377).
fd = mkstemp(filename);
data/tin-2.4.5~20200522/src/my_tmpfile.c:100:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(t, (O_WRONLY|O_CREAT|O_EXCL), (mode_t) (S_IRUSR|S_IWUSR));
data/tin-2.4.5~20200522/src/newsrc.c:106:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(newsrc_file, "r")) != NULL) {
data/tin-2.4.5~20200522/src/newsrc.c:211:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp_ip = fopen(newsrc, "r")) == NULL)
data/tin-2.4.5~20200522/src/newsrc.c:225:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp_op = fopen(newnewsrc, "w")) != NULL) {
data/tin-2.4.5~20200522/src/newsrc.c:277:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(newsrc_file, "w")) != NULL) {
data/tin-2.4.5~20200522/src/newsrc.c:314:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return (fopen(subscriptions_file, "r"));
data/tin-2.4.5~20200522/src/newsrc.c:344:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp_newsrc = fopen(newsrc_file, "w")) == NULL) {
data/tin-2.4.5~20200522/src/newsrc.c:387:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dirbuf[PATH_LEN];
data/tin-2.4.5~20200522/src/newsrc.c:388:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filebuf[PATH_LEN];
data/tin-2.4.5~20200522/src/newsrc.c:433:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[NNTP_STRLEN];
data/tin-2.4.5~20200522/src/newsrc.c:476:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char group_path[PATH_LEN];
data/tin-2.4.5~20200522/src/newsrc.c:564:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((newfp = fopen(newnewsrc, "w")) == NULL)
data/tin-2.4.5~20200522/src/newsrc.c:576:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(newsrc, "r")) != NULL) {
data/tin-2.4.5~20200522/src/newsrc.c:631:28: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!no_write && (newfp = fopen(newnewsrc, "w")) != NULL) {
data/tin-2.4.5~20200522/src/newsrc.c:641:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(newsrc, "r")) != NULL) {
data/tin-2.4.5~20200522/src/newsrc.c:680:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((newfp = fopen(newnewsrc, "w")) != NULL) {
data/tin-2.4.5~20200522/src/newsrc.c:690:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(newsrc, "r")) != NULL) {
data/tin-2.4.5~20200522/src/newsrc.c:842:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[NEWSRC_LINE];
data/tin-2.4.5~20200522/src/newsrc.c:968:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newbitmap, group->newsrc.xbitmap, BITS_TO_BYTES(group->newsrc.xbitlen));
data/tin-2.4.5~20200522/src/newsrc.c:998:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newbitmap, group->newsrc.xbitmap, BITS_TO_BYTES(group->newsrc.xbitlen));
data/tin-2.4.5~20200522/src/newsrc.c:1219:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[PATH_LEN];
data/tin-2.4.5~20200522/src/newsrc.c:1220:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sub[PATH_LEN];
data/tin-2.4.5~20200522/src/newsrc.c:1221:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unsub[PATH_LEN];
data/tin-2.4.5~20200522/src/newsrc.c:1237:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp_in = fopen(newsrc, "r")) == NULL)
data/tin-2.4.5~20200522/src/newsrc.c:1240:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp_out = fopen(newnewsrc, "w")) == NULL)
data/tin-2.4.5~20200522/src/newsrc.c:1260:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp_sub = fopen(sub, "w")) == NULL)
data/tin-2.4.5~20200522/src/newsrc.c:1265:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp_unsub = fopen(unsub, "w")) == NULL)
data/tin-2.4.5~20200522/src/newsrc.c:1325:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp_sub = fopen(sub, "r")) == NULL)
data/tin-2.4.5~20200522/src/newsrc.c:1353:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp_unsub = fopen(unsub, "r")) == NULL)
data/tin-2.4.5~20200522/src/newsrc.c:1567:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newbitmap + (group->newsrc.xmin - first) / NBITS, group->newsrc.xbitmap, BITS_TO_BYTES(group->newsrc.xbitlen));
data/tin-2.4.5~20200522/src/nntplib.c:47:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char last_put[NNTP_STRLEN];
data/tin-2.4.5~20200522/src/nntplib.c:114:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[256];
data/tin-2.4.5~20200522/src/nntplib.c:119:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpbuf[256];
data/tin-2.4.5~20200522/src/nntplib.c:160:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(file, "r")) != NULL) {
data/tin-2.4.5~20200522/src/nntplib.c:210:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[256];
data/tin-2.4.5~20200522/src/nntplib.c:309:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char device[20];
data/tin-2.4.5~20200522/src/nntplib.c:322:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(device, "/dev/tcp");
data/tin-2.4.5~20200522/src/nntplib.c:351:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *) &sock_in.sin_addr, hp->h_addr_list[0], hp->h_length);
data/tin-2.4.5~20200522/src/nntplib.c:413:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *alist[2] = {0, 0};
data/tin-2.4.5~20200522/src/nntplib.c:417:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char namebuf[256];
data/tin-2.4.5~20200522/src/nntplib.c:495:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *) &sock_in.sin_addr, *cp, hp->h_length);
data/tin-2.4.5~20200522/src/nntplib.c:567:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *) &sock_in.sin_addr, hp->h_addr_list[0], hp->h_length);
data/tin-2.4.5~20200522/src/nntplib.c:569:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *) &sock_in.sin_addr, hp->h_addr, hp->h_length);
data/tin-2.4.5~20200522/src/nntplib.c:605:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mymachine[MAXHOSTNAMELEN + 1];
data/tin-2.4.5~20200522/src/nntplib.c:606:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char myport[12];
data/tin-2.4.5~20200522/src/nntplib.c:706:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *) sdn.sdn_add.a_addr, np->n_addr, np->n_length);
data/tin-2.4.5~20200522/src/nntplib.c:715:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&sdn.sdn_objname[0], "NNTP", sdn.sdn_objnamel);
data/tin-2.4.5~20200522/src/nntplib.c:817:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[NNTP_STRLEN];
data/tin-2.4.5~20200522/src/nntplib.c:958:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(last_put, "MODE READER");
data/tin-2.4.5~20200522/src/nntplib.c:969:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "\r\n"); /* tin_fgets() needs CRLF */
data/tin-2.4.5~20200522/src/nntplib.c:1031:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[NNTP_STRLEN];
data/tin-2.4.5~20200522/src/nntplib.c:1097:43: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
nntp_caps.version = (unsigned int) atoi(d);
data/tin-2.4.5~20200522/src/nntplib.c:1285:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[NNTP_STRLEN];
data/tin-2.4.5~20200522/src/nntplib.c:1354:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[NNTP_STRLEN]= { '\0' };
data/tin-2.4.5~20200522/src/nntplib.c:1464:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[NNTP_STRLEN];
data/tin-2.4.5~20200522/src/nntplib.c:1549:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
j = atoi(get_val("COLUMNS", "80"));
data/tin-2.4.5~20200522/src/nntplib.c:1839:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char savebuf[NNTP_STRLEN];
data/tin-2.4.5~20200522/src/nntplib.c:1988:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[NNTP_STRLEN];
data/tin-2.4.5~20200522/src/nrctbl.c:71:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(local_newsrctable_file, "w")) == NULL)
data/tin-2.4.5~20200522/src/nrctbl.c:102:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LEN];
data/tin-2.4.5~20200522/src/nrctbl.c:103:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_found[PATH_LEN];
data/tin-2.4.5~20200522/src/nrctbl.c:107:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(local_newsrctable_file, "r")) != NULL) {
data/tin-2.4.5~20200522/src/nrctbl.c:147:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LEN];
data/tin-2.4.5~20200522/src/nrctbl.c:148:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_found[PATH_LEN];
data/tin-2.4.5~20200522/src/nrctbl.c:153:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(local_newsrctable_file, "r")) != NULL) {
data/tin-2.4.5~20200522/src/nrctbl.c:179:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dir[PATH_LEN];
data/tin-2.4.5~20200522/src/nrctbl.c:180:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_newsrc[PATH_LEN];
data/tin-2.4.5~20200522/src/options_menu.c:453:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[LEN], *ptr, *ptr2;
data/tin-2.4.5~20200522/src/options_menu.c:925:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[MAXKEYLEN];
data/tin-2.4.5~20200522/src/options_menu.c:2171:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[PATH_LEN];
data/tin-2.4.5~20200522/src/options_menu.c:2644:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[MAXKEYLEN];
data/tin-2.4.5~20200522/src/options_menu.c:2858:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LEN];
data/tin-2.4.5~20200522/src/options_menu.c:2900:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LEN];
data/tin-2.4.5~20200522/src/options_menu.c:2948:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
new_pos = atoi(p);
data/tin-2.4.5~20200522/src/page.c:310:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LEN];
data/tin-2.4.5~20200522/src/page.c:311:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[MAXKEYLEN];
data/tin-2.4.5~20200522/src/page.c:1224:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LEN], *buf2;
data/tin-2.4.5~20200522/src/page.c:1260:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LEN];
data/tin-2.4.5~20200522/src/page.c:1264:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mimefile[PATH_LEN];
data/tin-2.4.5~20200522/src/page.c:2401:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[MAXKEYLEN];
data/tin-2.4.5~20200522/src/pgp.c:136:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pgp_data[PATH_LEN];
data/tin-2.4.5~20200522/src/pgp.c:137:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char hdr[PATH_LEN], pt[PATH_LEN], ct[PATH_LEN];
data/tin-2.4.5~20200522/src/pgp.c:173:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((header = fopen(hdr, "r")) != NULL) {
data/tin-2.4.5~20200522/src/pgp.c:174:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((text = fopen(ct, "r")) != NULL) {
data/tin-2.4.5~20200522/src/pgp.c:175:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((art = fopen(file, "w")) != NULL) {
data/tin-2.4.5~20200522/src/pgp.c:200:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LEN];
data/tin-2.4.5~20200522/src/pgp.c:201:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[PATH_LEN];
data/tin-2.4.5~20200522/src/pgp.c:211:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((art = fopen(file, "r")) == NULL)
data/tin-2.4.5~20200522/src/pgp.c:216:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((header = fopen(hdr, "w")) == NULL)
data/tin-2.4.5~20200522/src/pgp.c:219:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((plaintext = fopen(pt, "w")) == NULL)
data/tin-2.4.5~20200522/src/pgp.c:245:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[LEN];
data/tin-2.4.5~20200522/src/pgp.c:246:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mailfrom[LEN];
data/tin-2.4.5~20200522/src/pgp.c:296:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[LEN], buf[LEN];
data/tin-2.4.5~20200522/src/pgp.c:297:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyfile[PATH_LEN], tmp[PATH_LEN];
data/tin-2.4.5~20200522/src/pgp.c:313:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(file, "a")) != NULL) {
data/tin-2.4.5~20200522/src/pgp.c:314:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((key = fopen(keyfile, "r")) != NULL) {
data/tin-2.4.5~20200522/src/pgp.c:334:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyring[PATH_LEN];
data/tin-2.4.5~20200522/src/pgp.c:337:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(keyring, "r")) == NULL) {
data/tin-2.4.5~20200522/src/pgp.c:352:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyboth[MAXKEYLEN], keyencrypt[MAXKEYLEN], keyquit[MAXKEYLEN];
data/tin-2.4.5~20200522/src/pgp.c:353:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keysign[MAXKEYLEN];
data/tin-2.4.5~20200522/src/pgp.c:397:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyinclude[MAXKEYLEN], keyquit[MAXKEYLEN], keysign[MAXKEYLEN];
data/tin-2.4.5~20200522/src/pgp.c:442:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char artfile[PATH_LEN], buf[LEN], cmd[LEN];
data/tin-2.4.5~20200522/src/pgp.c:453:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((art = fopen(artfile, "w")) == NULL) {
data/tin-2.4.5~20200522/src/plp_snprintf.c:351:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char b[2];
data/tin-2.4.5~20200522/src/plp_snprintf.c:437:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char convert[64];
data/tin-2.4.5~20200522/src/plp_snprintf.c:502:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char convert[128];
data/tin-2.4.5~20200522/src/plp_snprintf.c:503:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fmts[128];
data/tin-2.4.5~20200522/src/plp_snprintf.c:520:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( fmts+strlen(fmts), "%d", len );
data/tin-2.4.5~20200522/src/plp_snprintf.c:522:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( fmts+strlen(fmts), ".%d", precision );
data/tin-2.4.5~20200522/src/plp_snprintf.c:587:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char msgbuf[32]; /* holds "errno=%d". */
data/tin-2.4.5~20200522/src/plp_snprintf.c:589:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf(msgbuf, "errno=%d", err);
data/tin-2.4.5~20200522/src/plp_snprintf.c:600:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[128];
data/tin-2.4.5~20200522/src/post.c:55:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[1024]; \
data/tin-2.4.5~20200522/src/post.c:75:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lock[1024]; \
data/tin-2.4.5~20200522/src/post.c:96:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mid[NNTP_STRLEN]; \
data/tin-2.4.5~20200522/src/post.c:124:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bug_addr[LEN]; /* address to add send bug reports to */
data/tin-2.4.5~20200522/src/post.c:125:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char my_distribution[LEN]; /* Distribution: */
data/tin-2.4.5~20200522/src/post.c:126:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char reply_to[LEN]; /* Reply-To: address */
data/tin-2.4.5~20200522/src/post.c:200:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LEN];
data/tin-2.4.5~20200522/src/post.c:201:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyedit[MAXKEYLEN];
data/tin-2.4.5~20200522/src/post.c:202:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyquit[MAXKEYLEN];
data/tin-2.4.5~20200522/src/post.c:203:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keysend[MAXKEYLEN];
data/tin-2.4.5~20200522/src/post.c:205:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyispell[MAXKEYLEN];
data/tin-2.4.5~20200522/src/post.c:208:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keypgp[MAXKEYLEN];
data/tin-2.4.5~20200522/src/post.c:253:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyedit[MAXKEYLEN], keypostpone[MAXKEYLEN], keyquit[MAXKEYLEN];
data/tin-2.4.5~20200522/src/post.c:304:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyedit[MAXKEYLEN], keymenu[MAXKEYLEN], keyquit[MAXKEYLEN];
data/tin-2.4.5~20200522/src/post.c:333:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char name[PATH_LEN];
data/tin-2.4.5~20200522/src/post.c:470:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LEN];
data/tin-2.4.5~20200522/src/post.c:475:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(posted_info_file, "r")) == NULL) {
data/tin-2.4.5~20200522/src/post.c:542:13: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
if (!(fp = tmpfile())) {
data/tin-2.4.5~20200522/src/post.c:587:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(posted_info_file, "a")) != NULL) {
data/tin-2.4.5~20200522/src/post.c:589:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char logdate[10];
data/tin-2.4.5~20200522/src/post.c:593:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(logdate, "NO DATE");
data/tin-2.4.5~20200522/src/post.c:595:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(logdate, "NO DATE");
data/tin-2.4.5~20200522/src/post.c:633:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LEN];
data/tin-2.4.5~20200522/src/post.c:645:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp_in = fopen(the_article, "r")) == NULL)
data/tin-2.4.5~20200522/src/post.c:648:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp_out = fopen(the_mailbox, "a+")) != NULL) {
data/tin-2.4.5~20200522/src/post.c:818:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char references[HEADER_LEN];
data/tin-2.4.5~20200522/src/post.c:819:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char subject[HEADER_LEN];
data/tin-2.4.5~20200522/src/post.c:868:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(c_article, "r")) == NULL) {
data/tin-2.4.5~20200522/src/post.c:1040:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr[HEADER_LEN], name[HEADER_LEN];
data/tin-2.4.5~20200522/src/post.c:1753:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char a_message_id[HEADER_LEN]; /* Message-ID of the article if known */
data/tin-2.4.5~20200522/src/post.c:1872:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyedit[MAXKEYLEN], keypost[MAXKEYLEN];
data/tin-2.4.5~20200522/src/post.c:1873:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keypostpone[MAXKEYLEN], keyquit[MAXKEYLEN];
data/tin-2.4.5~20200522/src/post.c:1874:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keymenu[MAXKEYLEN];
data/tin-2.4.5~20200522/src/post.c:1876:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyispell[MAXKEYLEN];
data/tin-2.4.5~20200522/src/post.c:1879:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keypgp[MAXKEYLEN];
data/tin-2.4.5~20200522/src/post.c:1925:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LEN];
data/tin-2.4.5~20200522/src/post.c:1926:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyedit[MAXKEYLEN], keypost[MAXKEYLEN];
data/tin-2.4.5~20200522/src/post.c:1927:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keypostpone[MAXKEYLEN], keyquit[MAXKEYLEN];
data/tin-2.4.5~20200522/src/post.c:1928:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keymenu[MAXKEYLEN];
data/tin-2.4.5~20200522/src/post.c:1930:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyispell[MAXKEYLEN];
data/tin-2.4.5~20200522/src/post.c:1933:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keypgp[MAXKEYLEN];
data/tin-2.4.5~20200522/src/post.c:1990:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((art_fp = fopen(article_name, "r")) == NULL)
data/tin-2.4.5~20200522/src/post.c:2062:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char a_mailbox[LEN];
data/tin-2.4.5~20200522/src/post.c:2063:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char posted_msgs_file[PATH_LEN];
data/tin-2.4.5~20200522/src/post.c:2103:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newsgroups[HEADER_LEN];
data/tin-2.4.5~20200522/src/post.c:2179:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char from_name[HEADER_LEN];
data/tin-2.4.5~20200522/src/post.c:2181:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[HEADER_LEN];
data/tin-2.4.5~20200522/src/post.c:2198:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(article_name, "w")) == NULL) {
data/tin-2.4.5~20200522/src/post.c:2270:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[HEADER_LEN];
data/tin-2.4.5~20200522/src/post.c:2324:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LEN];
data/tin-2.4.5~20200522/src/post.c:2349:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(postponed_articles_file, "r");
data/tin-2.4.5~20200522/src/post.c:2350:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[HEADER_LEN];
data/tin-2.4.5~20200522/src/post.c:2377:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char postponed_tmp[PATH_LEN];
data/tin-2.4.5~20200522/src/post.c:2378:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[HEADER_LEN];
data/tin-2.4.5~20200522/src/post.c:2384:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
in = fopen(postponed_articles_file, "r");
data/tin-2.4.5~20200522/src/post.c:2385:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen(tmp_file, "w");
data/tin-2.4.5~20200522/src/post.c:2386:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
tmp = fopen(postponed_tmp, "w");
data/tin-2.4.5~20200522/src/post.c:2476:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newsgroups[HEADER_LEN];
data/tin-2.4.5~20200522/src/post.c:2477:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char subject[HEADER_LEN];
data/tin-2.4.5~20200522/src/post.c:2478:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char question[HEADER_LEN];
data/tin-2.4.5~20200522/src/post.c:2500:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LEN];
data/tin-2.4.5~20200522/src/post.c:2501:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyall[MAXKEYLEN], keyno[MAXKEYLEN], keyoverride[MAXKEYLEN];
data/tin-2.4.5~20200522/src/post.c:2502:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyquit[MAXKEYLEN], keyyes[MAXKEYLEN];
data/tin-2.4.5~20200522/src/post.c:2796:3: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(c, d, strlen(c) + 1);
data/tin-2.4.5~20200522/src/post.c:2893:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bigbuf[HEADER_LEN];
data/tin-2.4.5~20200522/src/post.c:2894:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[HEADER_LEN];
data/tin-2.4.5~20200522/src/post.c:2895:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char from_name[HEADER_LEN];
data/tin-2.4.5~20200522/src/post.c:2896:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char initials[64];
data/tin-2.4.5~20200522/src/post.c:2903:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[HEADER_LEN];
data/tin-2.4.5~20200522/src/post.c:2926:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keymail[MAXKEYLEN], keypost[MAXKEYLEN], keyquit[MAXKEYLEN];
data/tin-2.4.5~20200522/src/post.c:2950:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyignore[MAXKEYLEN], keypost[MAXKEYLEN], keyquit[MAXKEYLEN];
data/tin-2.4.5~20200522/src/post.c:2976:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(article_name, "w")) == NULL) {
data/tin-2.4.5~20200522/src/post.c:3083:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[8192];
data/tin-2.4.5~20200522/src/post.c:3154:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(filename, "w")) == NULL) {
data/tin-2.4.5~20200522/src/post.c:3168:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char from_buf[HEADER_LEN];
data/tin-2.4.5~20200522/src/post.c:3255:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mail_to[HEADER_LEN];
data/tin-2.4.5~20200522/src/post.c:3278:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(filename, "r"))) { /* Oops */
data/tin-2.4.5~20200522/src/post.c:3303:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(filename, "r"))) { /* Oops */
data/tin-2.4.5~20200522/src/post.c:3362:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[HEADER_LEN];
data/tin-2.4.5~20200522/src/post.c:3389:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nam[PATH_LEN];
data/tin-2.4.5~20200522/src/post.c:3390:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char subject[HEADER_LEN];
data/tin-2.4.5~20200522/src/post.c:3457:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[HEADER_LEN];
data/tin-2.4.5~20200522/src/post.c:3486:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LEN], nam[PATH_LEN];
data/tin-2.4.5~20200522/src/post.c:3487:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmesg[LEN];
data/tin-2.4.5~20200522/src/post.c:3488:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char subject[HEADER_LEN];
data/tin-2.4.5~20200522/src/post.c:3584:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char from_addr[HEADER_LEN];
data/tin-2.4.5~20200522/src/post.c:3585:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nam[PATH_LEN];
data/tin-2.4.5~20200522/src/post.c:3586:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char subject[HEADER_LEN];
data/tin-2.4.5~20200522/src/post.c:3587:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char initials[64];
data/tin-2.4.5~20200522/src/post.c:3599:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyabort[MAXKEYLEN], keycont[MAXKEYLEN];
data/tin-2.4.5~20200522/src/post.c:3644:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[8192];
data/tin-2.4.5~20200522/src/post.c:3683:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mail_to[HEADER_LEN];
data/tin-2.4.5~20200522/src/post.c:3688:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[HEADER_LEN];
data/tin-2.4.5~20200522/src/post.c:3798:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[HEADER_LEN];
data/tin-2.4.5~20200522/src/post.c:3799:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cancel[PATH_LEN];
data/tin-2.4.5~20200522/src/post.c:3800:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char from_name[HEADER_LEN];
data/tin-2.4.5~20200522/src/post.c:3801:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char a_message_id[HEADER_LEN];
data/tin-2.4.5~20200522/src/post.c:3803:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[HEADER_LEN];
data/tin-2.4.5~20200522/src/post.c:3843:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[LEN];
data/tin-2.4.5~20200522/src/post.c:3844:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keycancel[MAXKEYLEN], keyquit[MAXKEYLEN], keysupersede[MAXKEYLEN];
data/tin-2.4.5~20200522/src/post.c:3874:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(cancel, "w")) == NULL) {
data/tin-2.4.5~20200522/src/post.c:3889:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line2[HEADER_LEN];
data/tin-2.4.5~20200522/src/post.c:3976:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(cancel, "r"))) {
data/tin-2.4.5~20200522/src/post.c:3988:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[LEN];
data/tin-2.4.5~20200522/src/post.c:3989:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keycancel[MAXKEYLEN], keyedit[MAXKEYLEN], keyquit[MAXKEYLEN];
data/tin-2.4.5~20200522/src/post.c:4007:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(cancel, "r"))) {
data/tin-2.4.5~20200522/src/post.c:4069:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[HEADER_LEN];
data/tin-2.4.5~20200522/src/post.c:4070:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char from_name[HEADER_LEN];
data/tin-2.4.5~20200522/src/post.c:4071:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char full_name[128];
data/tin-2.4.5~20200522/src/post.c:4072:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char user_name[128];
data/tin-2.4.5~20200522/src/post.c:4079:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[HEADER_LEN];
data/tin-2.4.5~20200522/src/post.c:4107:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(article_name, "w")) == NULL) {
data/tin-2.4.5~20200522/src/post.c:4263:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[LEN];
data/tin-2.4.5~20200522/src/post.c:4264:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyedit[MAXKEYLEN], keypost[MAXKEYLEN];
data/tin-2.4.5~20200522/src/post.c:4265:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keypostpone[MAXKEYLEN], keyquit[MAXKEYLEN];
data/tin-2.4.5~20200522/src/post.c:4266:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keymenu[MAXKEYLEN];
data/tin-2.4.5~20200522/src/post.c:4268:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyispell[MAXKEYLEN];
data/tin-2.4.5~20200522/src/post.c:4271:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keypgp[MAXKEYLEN];
data/tin-2.4.5~20200522/src/post.c:4327:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file[PATH_LEN];
data/tin-2.4.5~20200522/src/post.c:4328:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[HEADER_LEN];
data/tin-2.4.5~20200522/src/post.c:4358:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fp && ((fp = fopen(file, "r")) == NULL))
data/tin-2.4.5~20200522/src/post.c:4409:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file[PATH_LEN];
data/tin-2.4.5~20200522/src/post.c:4410:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[HEADER_LEN];
data/tin-2.4.5~20200522/src/post.c:4427:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(file, "r")) != NULL) {
data/tin-2.4.5~20200522/src/post.c:4459:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newsgroups[HEADER_LEN];
data/tin-2.4.5~20200522/src/post.c:4460:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[HEADER_LEN];
data/tin-2.4.5~20200522/src/post.c:4461:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outfile[PATH_LEN];
data/tin-2.4.5~20200522/src/post.c:4465:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp_in = fopen(infile, "r")) == NULL)
data/tin-2.4.5~20200522/src/post.c:4470:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp_out = fopen(outfile, "w")) == NULL) {
data/tin-2.4.5~20200522/src/post.c:4503:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char suffix[HEADER_LEN];
data/tin-2.4.5~20200522/src/post.c:4550:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char from_name[HEADER_LEN];
data/tin-2.4.5~20200522/src/post.c:4551:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outfile[PATH_LEN];
data/tin-2.4.5~20200522/src/post.c:4555:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp_in = fopen(infile, "r")) != NULL) {
data/tin-2.4.5~20200522/src/post.c:4557:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp_out = fopen(outfile, "w")) != NULL) {
data/tin-2.4.5~20200522/src/post.c:4558:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(from_name, "From: ");
data/tin-2.4.5~20200522/src/post.c:4571:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char from_buff[HEADER_LEN];
data/tin-2.4.5~20200522/src/post.c:4646:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[HEADER_LEN];
data/tin-2.4.5~20200522/src/post.c:4739:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char groupname[HEADER_LEN] = { '\0' };
data/tin-2.4.5~20200522/src/post.c:4778:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[HEADER_LEN];
data/tin-2.4.5~20200522/src/post.c:4779:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mail_to[HEADER_LEN];
data/tin-2.4.5~20200522/src/post.c:4786:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(file, "r"))) {
data/tin-2.4.5~20200522/src/post.c:4810:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char a_mailbox[PATH_LEN];
data/tin-2.4.5~20200522/src/post.c:4829:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char full_name[128];
data/tin-2.4.5~20200522/src/post.c:4830:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char user_name[128];
data/tin-2.4.5~20200522/src/post.c:5124:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[NNTP_STRLEN]; /* Message-IDs are limited to 250 octets as of RFC 5536 3.1.3 and RFC 3977 3.6 */
data/tin-2.4.5~20200522/src/post.c:5145:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf2[HEADER_LEN];
data/tin-2.4.5~20200522/src/post.c:5248:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path_secret[PATH_LEN];
data/tin-2.4.5~20200522/src/post.c:5249:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char cancel_secret[HEADER_LEN];
data/tin-2.4.5~20200522/src/post.c:5255:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp_secret = fopen(path_secret, "r")) == NULL) {
data/tin-2.4.5~20200522/src/post.c:5309:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outfile[PATH_LEN];
data/tin-2.4.5~20200522/src/post.c:5318:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp_in = fopen(infile, "r")) == NULL)
data/tin-2.4.5~20200522/src/post.c:5331:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msgidbuf[HEADER_LEN];
data/tin-2.4.5~20200522/src/post.c:5341:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dateheader[50];
data/tin-2.4.5~20200522/src/post.c:5425:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char tmp[20]; /* 32^19-1 = 2^95-1 */
data/tin-2.4.5~20200522/src/prompt.c:70:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[LEN];
data/tin-2.4.5~20200522/src/prompt.c:77:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
num = atoi(tmp);
data/tin-2.4.5~20200522/src/prompt.c:170:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyno[MAXKEYLEN], keyyes[MAXKEYLEN];
data/tin-2.4.5~20200522/src/prompt.c:425:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prompt[LEN];
data/tin-2.4.5~20200522/src/prompt.c:442:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prompt[LEN];
data/tin-2.4.5~20200522/src/prompt.c:468:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prompt[LEN];
data/tin-2.4.5~20200522/src/prompt.c:469:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char old_value[LEN];
data/tin-2.4.5~20200522/src/prompt.c:493:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prompt[LEN];
data/tin-2.4.5~20200522/src/prompt.c:494:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char number[LEN];
data/tin-2.4.5~20200522/src/prompt.c:507:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
num = atoi(number);
data/tin-2.4.5~20200522/src/prompt.c:525:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prompt[LEN];
data/tin-2.4.5~20200522/src/prompt.c:526:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char input[2];
data/tin-2.4.5~20200522/src/prompt.c:564:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pattern[LEN];
data/tin-2.4.5~20200522/src/prompt.c:595:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LEN];
data/tin-2.4.5~20200522/src/prompt.c:677:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LEN];
data/tin-2.4.5~20200522/src/prompt.c:693:3: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t wtmp[2] = { '\0', '\0' };
data/tin-2.4.5~20200522/src/refs.c:588:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[120]; /* This is _probably_ enough */
data/tin-2.4.5~20200522/src/refs.c:601:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ptr + len, "%-*.*s %-17.17s", i, i, arts[msgid->article].subject, (arts[msgid->article].name) ? arts[msgid->article].name : arts[msgid->article].from);
data/tin-2.4.5~20200522/src/refs.c:603:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ptr + len, "%-*.*s", i, i, _("[- Unavailable -]"));
data/tin-2.4.5~20200522/src/refs.c:863:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file[PATH_LEN];
data/tin-2.4.5~20200522/src/refs.c:866:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((dbgfd = fopen(file, "w")) != NULL)
data/tin-2.4.5~20200522/src/refs.c:985:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char msg[LEN];
data/tin-2.4.5~20200522/src/refs.c:999:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file[PATH_LEN];
data/tin-2.4.5~20200522/src/refs.c:1002:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((dbgfd = fopen(file, "w")) != NULL) {
data/tin-2.4.5~20200522/src/regex.c:157:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LEN];
data/tin-2.4.5~20200522/src/rfc1524.c:74:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LEN];
data/tin-2.4.5~20200522/src/rfc1524.c:75:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[LEN]; /* name of current mailcap file */
data/tin-2.4.5~20200522/src/rfc1524.c:76:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mailcap[LEN]; /* full match */
data/tin-2.4.5~20200522/src/rfc1524.c:78:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char wildcap[LEN]; /* basetype match */
data/tin-2.4.5~20200522/src/rfc1524.c:98:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(filename, "r")) != NULL) {
data/tin-2.4.5~20200522/src/rfc1524.c:225:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmailcap->textualnewlines = atoi(ptr + 16);
data/tin-2.4.5~20200522/src/rfc2045.c:82:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buffer[80];
data/tin-2.4.5~20200522/src/rfc2045.c:123:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpbuf[2050]; /* FIXME: this is sizeof(buffer)+2 from rfc15211522_encode() */
data/tin-2.4.5~20200522/src/rfc2046.c:483:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
idx = atoi(contp + 1);
data/tin-2.4.5~20200522/src/rfc2046.c:938:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr[HEADER_LEN];
data/tin-2.4.5~20200522/src/rfc2046.c:939:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[HEADER_LEN];
data/tin-2.4.5~20200522/src/rfc2046.c:1451:45: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
if (read_news_via_nntp && !(artinfo->raw = tmpfile()))
data/tin-2.4.5~20200522/src/rfc2046.c:1514:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[NNTP_STRLEN];
data/tin-2.4.5~20200522/src/rfc2046.c:1519:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[PATH_LEN];
data/tin-2.4.5~20200522/src/rfc2046.c:1520:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pbuf[PATH_LEN];
data/tin-2.4.5~20200522/src/rfc2046.c:1521:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fbuf[NAME_LEN + 1];
data/tin-2.4.5~20200522/src/rfc2046.c:1530:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
art_fp = fopen(pbuf, "r");
data/tin-2.4.5~20200522/src/rfc2047.c:73:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char base64_alphabet[64] =
data/tin-2.4.5~20200522/src/rfc2047.c:80:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char base64_rank[256];
data/tin-2.4.5~20200522/src/rfc2047.c:241:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char charset[1024];
data/tin-2.4.5~20200522/src/rfc2047.c:394:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[60]; /* strings to be B encoded */
data/tin-2.4.5~20200522/src/rfc2047.c:564:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[80]; /* buffer for this and that */
data/tin-2.4.5~20200522/src/rfc2047.c:900:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[2048];
data/tin-2.4.5~20200522/src/rfc2047.c:913:11: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
if ((g = tmpfile()) == NULL)
data/tin-2.4.5~20200522/src/rfc2047.c:1047:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(filename, "r+")) == NULL)
data/tin-2.4.5~20200522/src/rfc2047.c:1139:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(filename, "r")) == NULL)
data/tin-2.4.5~20200522/src/rfc2047.c:1143:19: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
if ((*headerfp = tmpfile()) == NULL) {
data/tin-2.4.5~20200522/src/rfc2047.c:1157:18: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
if ((*textfp = tmpfile()) == NULL) {
data/tin-2.4.5~20200522/src/rfc2047.c:1230:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(filename, "w")) == NULL) {
data/tin-2.4.5~20200522/src/rfc2047.c:1267:12: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
if ((fp = tmpfile()) == NULL)
data/tin-2.4.5~20200522/src/rfc2047.c:1297:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char boundary[MIME_BOUNDARY_SIZE];
data/tin-2.4.5~20200522/src/rfc2047.c:1300:12: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
if ((fp = tmpfile()) == NULL)
data/tin-2.4.5~20200522/src/save.c:140:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LEN];
data/tin-2.4.5~20200522/src/save.c:141:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_LEN];
data/tin-2.4.5~20200522/src/save.c:142:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char logfile[PATH_LEN], savefile[PATH_LEN];
data/tin-2.4.5~20200522/src/save.c:143:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char subject[HEADER_LEN];
data/tin-2.4.5~20200522/src/save.c:172:30: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (no_write || (fp_log = fopen(logfile, "w")) == NULL) {
data/tin-2.4.5~20200522/src/save.c:216:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[PATH_LEN];
data/tin-2.4.5~20200522/src/save.c:274:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((savefp = fopen(savefile, "w")) == NULL) {
data/tin-2.4.5~20200522/src/save.c:392:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyappend[MAXKEYLEN], keyoverwrite[MAXKEYLEN], keyquit[MAXKEYLEN];
data/tin-2.4.5~20200522/src/save.c:393:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mode[3];
data/tin-2.4.5~20200522/src/save.c:397:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(mode, "a+");
data/tin-2.4.5~20200522/src/save.c:439:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(path, mode)) == NULL) {
data/tin-2.4.5~20200522/src/save.c:478:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char from[HEADER_LEN];
data/tin-2.4.5~20200522/src/save.c:479:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_LEN];
data/tin-2.4.5~20200522/src/save.c:499:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char archpath[PATH_LEN];
data/tin-2.4.5~20200522/src/save.c:500:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[NAME_LEN + 1];
data/tin-2.4.5~20200522/src/save.c:535:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&path[strlen(path)], "%c%03d", suffixsep, num_save + 1);
data/tin-2.4.5~20200522/src/save.c:666:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2048];
data/tin-2.4.5~20200522/src/save.c:676:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extension[NAME_LEN + 1];
data/tin-2.4.5~20200522/src/save.c:715:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char base_filename[PATH_LEN];
data/tin-2.4.5~20200522/src/save.c:716:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[PATH_LEN];
data/tin-2.4.5~20200522/src/save.c:717:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf_path[PATH_LEN];
data/tin-2.4.5~20200522/src/save.c:813:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_out_dir[PATH_LEN];
data/tin-2.4.5~20200522/src/save.c:829:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp_in = fopen(save[i].path, "r")) != NULL) {
data/tin-2.4.5~20200522/src/save.c:853:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_LEN];
data/tin-2.4.5~20200522/src/save.c:906:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_out_dir[PATH_LEN];
data/tin-2.4.5~20200522/src/save.c:907:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_LEN];
data/tin-2.4.5~20200522/src/save.c:908:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[LEN], t[LEN], u[LEN];
data/tin-2.4.5~20200522/src/save.c:922:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp_in = fopen(save[i].path, "r")) == NULL)
data/tin-2.4.5~20200522/src/save.c:929:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fmt[15];
data/tin-2.4.5~20200522/src/save.c:930:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[PATH_LEN];
data/tin-2.4.5~20200522/src/save.c:931:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[PATH_LEN];
data/tin-2.4.5~20200522/src/save.c:953:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp_out = fopen(path, "w")) == NULL) {
data/tin-2.4.5~20200522/src/save.c:1058:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LEN];
data/tin-2.4.5~20200522/src/save.c:1168:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LEN];
data/tin-2.4.5~20200522/src/save.c:1169:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_out[PATH_LEN];
data/tin-2.4.5~20200522/src/save.c:1170:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_out_dir[PATH_LEN];
data/tin-2.4.5~20200522/src/save.c:1180:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp_in = fopen(save[i].path, "r")) == NULL)
data/tin-2.4.5~20200522/src/save.c:1188:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp_out = fopen(file_out, "w");
data/tin-2.4.5~20200522/src/save.c:1285:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2048], buf2[2048];
data/tin-2.4.5~20200522/src/save.c:1548:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/tin-2.4.5~20200522/src/save.c:1601:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[MAXKEYLEN];
data/tin-2.4.5~20200522/src/save.c:1830:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/tin-2.4.5~20200522/src/save.c:1831:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZ];
data/tin-2.4.5~20200522/src/save.c:2010:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/tin-2.4.5~20200522/src/save.c:2011:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pat[128];
data/tin-2.4.5~20200522/src/save.c:2278:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2048], buf2[2048];
data/tin-2.4.5~20200522/src/save.c:2403:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(savepath, "r")) == NULL)
data/tin-2.4.5~20200522/src/screen.c:319:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[BUFSIZ];
data/tin-2.4.5~20200522/src/screen.c:369:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[BUFSIZ];
data/tin-2.4.5~20200522/src/screen.c:482:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char display[LEN];
data/tin-2.4.5~20200522/src/screen.c:485:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char last_display[LEN];
data/tin-2.4.5~20200522/src/search.c:84:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char tmpbuf[LEN]; /* Hold the last pattern used */
data/tin-2.4.5~20200522/src/search.c:85:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char last_pattern[LEN]; /* last search pattern used; for repeated search */
data/tin-2.4.5~20200522/src/search.c:204:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/tin-2.4.5~20200522/src/search.c:278:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[LEN];
data/tin-2.4.5~20200522/src/search.c:342:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char msg[LEN]; /* show_progress needs a constant message buffer */
data/tin-2.4.5~20200522/src/select.c:113:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LEN];
data/tin-2.4.5~20200522/src/select.c:114:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[MAXKEYLEN];
data/tin-2.4.5~20200522/src/select.c:581:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LEN];
data/tin-2.4.5~20200522/src/select.c:695:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(sptr, " ");
data/tin-2.4.5~20200522/src/select.c:1069:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LEN];
data/tin-2.4.5~20200522/src/select.c:1070:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pos[LEN];
data/tin-2.4.5~20200522/src/select.c:1082:46: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pos_num = ((pos[0] == '$') ? selmenu.max : atoi(pos));
data/tin-2.4.5~20200522/src/select.c:1138:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LEN];
data/tin-2.4.5~20200522/src/select.c:1259:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[NEWSRC_LINE];
data/tin-2.4.5~20200522/src/select.c:1305:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(newsrc, "r")) == NULL)
data/tin-2.4.5~20200522/src/select.c:1339:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LEN];
data/tin-2.4.5~20200522/src/select.c:1444:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[NNTP_STRLEN];
data/tin-2.4.5~20200522/src/select.c:1568:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[NNTP_STRLEN]; /* still way too big; RFC 3977 3.6 & RFC 5536 3.1.3 limit Message-ID to max 250 octets */
data/tin-2.4.5~20200522/src/sigfile.c:49:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char sigfile[PATH_LEN];
data/tin-2.4.5~20200522/src/sigfile.c:63:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cwd[PATH_LEN];
data/tin-2.4.5~20200522/src/sigfile.c:64:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_LEN];
data/tin-2.4.5~20200522/src/sigfile.c:65:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pathfixed[PATH_LEN];
data/tin-2.4.5~20200522/src/sigfile.c:84:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[PATH_LEN];
data/tin-2.4.5~20200522/src/sigfile.c:154:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fixfp = fopen(pathfixed, "r")) != NULL) {
data/tin-2.4.5~20200522/src/sigfile.c:163:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fixfp = fopen(pathfixed, "r")) != NULL) {
data/tin-2.4.5~20200522/src/sigfile.c:174:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((sigfp = fopen(path, "r")) != NULL) {
data/tin-2.4.5~20200522/src/sigfile.c:185:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((sigfp = fopen(default_signature, "r")) != NULL) {
data/tin-2.4.5~20200522/src/sigfile.c:214:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return fopen(sigfile, "r");
data/tin-2.4.5~20200522/src/strftime.c:75:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tbuf[100];
data/tin-2.4.5~20200522/src/string.c:84:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buffer[64];
data/tin-2.4.5~20200522/src/string.c:144:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, str, len);
data/tin-2.4.5~20200522/src/string.c:385:1: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atol(
data/tin-2.4.5~20200522/src/string.c:677:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[20];
data/tin-2.4.5~20200522/src/string.c:772:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char temp[32];
data/tin-2.4.5~20200522/src/string.c:1154:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, wstr, sizeof(wchar_t) * len);
data/tin-2.4.5~20200522/src/string.c:1434:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_date_str[LEN];
data/tin-2.4.5~20200522/src/string.c:1461:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[BUFSIZ];
data/tin-2.4.5~20200522/src/string.c:1509:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
len = atoi(in);
data/tin-2.4.5~20200522/src/string.c:1515:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
len2 = atoi(in);
data/tin-2.4.5~20200522/src/string.c:1522:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
min_cols = atoi(in);
data/tin-2.4.5~20200522/src/tags.c:477:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*range_end = atoi(ptr);
data/tin-2.4.5~20200522/src/tags.c:480:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*range_start = atoi(ptr);
data/tin-2.4.5~20200522/src/tcurses.c:74:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[BUFSIZ]; /* FIXME */
data/tin-2.4.5~20200522/src/tcurses.c:378:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[LEN];
data/tin-2.4.5~20200522/src/tcurses.c:431:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[LEN];
data/tin-2.4.5~20200522/src/tcurses.c:739:3: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t wstr[2];
data/tin-2.4.5~20200522/src/thread.c:130:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[LEN];
data/tin-2.4.5~20200522/src/thread.c:152:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer, " ");
data/tin-2.4.5~20200522/src/thread.c:242:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer, " ");
data/tin-2.4.5~20200522/src/thread.c:430:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[MAXKEYLEN];
data/tin-2.4.5~20200522/src/thread.c:1453:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LEN];
data/tin-2.4.5~20200522/src/tmpfile.c:53:1: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
tmpfile(
data/tin-2.4.5~20200522/src/tmpfile.c:57:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[sizeof(_PATH_TMP) + sizeof(TRAILER)];
data/tin-2.4.5~20200522/src/tmpfile.c:64:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(buf, _PATH_TMP, sizeof(_PATH_TMP) - 1);
data/tin-2.4.5~20200522/src/tmpfile.c:65:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(buf + sizeof(_PATH_TMP) - 1, TRAILER, sizeof(TRAILER));
data/tin-2.4.5~20200522/src/tmpfile.c:72:7: [2] (tmpfile) mkstemp:
Potential for temporary file vulnerability in some circumstances. Some
older Unix-like systems create temp files with permission to write by all
by default, so be sure to set the umask to override this. Also, some older
Unix systems might fail to use O_EXCL when opening the file, so make sure
that O_EXCL is used by the library (CWE-377).
fd = mkstemp(buf);
data/tin-2.4.5~20200522/src/tmpfile.c:76:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(p, (O_WRONLY|O_CREAT|O_EXCL), (mode_t) (S_IRUSR|S_IWUSR));
data/tin-2.4.5~20200522/src/trace.c:61:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen("trace.out", "w");
data/tin-2.4.5~20200522/src/trace.c:90:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char result[2];
data/tin-2.4.5~20200522/src/version.c:73:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fmt[10];
data/tin-2.4.5~20200522/src/version.c:83:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(fmt, "%d.%d.%d"); /* we are expecting dotted triples */
data/tin-2.4.5~20200522/src/xface.c:129:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(fifo, "w")) != NULL) {
data/tin-2.4.5~20200522/src/xface.c:189:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
slrnface_fd = open(fifo, O_WRONLY, (S_IRUSR|S_IWUSR));
data/tin-2.4.5~20200522/src/xface.c:260:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2000]; /* slrnface will ignore X-Faces larger than approx. 2000 chars. */
data/tin-2.4.5~20200522/src/xref.c:74:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return (fopen(overviewfmt_file, "r"));
data/tin-2.4.5~20200522/include/extern.h:109:13: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
extern int fgetc(FILE *);
data/tin-2.4.5~20200522/include/extern.h:317:15: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
extern void usleep(unsigned long);
data/tin-2.4.5~20200522/include/tin.h:777:71: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
# define IS_LOCAL_CHARSET(c) (!strncasecmp(tinrc.mm_local_charset, c, strlen(c)))
data/tin-2.4.5~20200522/include/tin.h:779:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
# define IS_LOCAL_CHARSET(c) (!strncasecmp(tinrc.mm_charset, c, strlen(c)))
data/tin-2.4.5~20200522/include/tin.h:817:56: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
#define STRCPY(dst, src) (dst[sizeof(dst) - 1] = '\0', strncpy(dst, src, sizeof(dst) - 1))
data/tin-2.4.5~20200522/include/tin.h:2348:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
extern size_t read(int, char *, size_t);
data/tin-2.4.5~20200522/intl/bindtextdom.c:156:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen (dirname) + 1;
data/tin-2.4.5~20200522/intl/bindtextdom.c:194:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen (codeset) + 1;
data/tin-2.4.5~20200522/intl/bindtextdom.c:226:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen (domainname) + 1;
data/tin-2.4.5~20200522/intl/bindtextdom.c:254:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen (dirname) + 1;
data/tin-2.4.5~20200522/intl/bindtextdom.c:285:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen (codeset) + 1;
data/tin-2.4.5~20200522/intl/dcigettext.c:447:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
msgid_len = strlen (msgid1) + 1;
data/tin-2.4.5~20200522/intl/dcigettext.c:500:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t dirname_len = strlen (binding->dirname) + 1;
data/tin-2.4.5~20200522/intl/dcigettext.c:541:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
domainname_len = strlen (domainname);
data/tin-2.4.5~20200522/intl/dcigettext.c:542:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
xdomainname = (char *) alloca (strlen (categoryname)
data/tin-2.4.5~20200522/intl/dcigettext.c:551:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
single_locale = (char *) alloca (strlen (categoryvalue) + 1);
data/tin-2.4.5~20200522/intl/dcigettext.c:707:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nls_uint32 len = strlen (msgid);
data/tin-2.4.5~20200522/intl/dcigettext.c:1071:13: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
case equal:
data/tin-2.4.5~20200522/intl/finddomain.c:92:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (dirname) + 1, 0, locale, NULL, NULL,
data/tin-2.4.5~20200522/intl/finddomain.c:128:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen (alias_value) + 1;
data/tin-2.4.5~20200522/intl/finddomain.c:147:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (dirname) + 1, mask, language, territory,
data/tin-2.4.5~20200522/intl/gettextP.h:96:5: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
equal, /* Comparision for equality. */
data/tin-2.4.5~20200522/intl/l10nflist.c:84:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t part_len = strlen (argz);
data/tin-2.4.5~20200522/intl/l10nflist.c:108:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t part_len = strlen (argz);
data/tin-2.4.5~20200522/intl/l10nflist.c:192:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen (language)
data/tin-2.4.5~20200522/intl/l10nflist.c:194:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
? strlen (territory) + 1 : 0)
data/tin-2.4.5~20200522/intl/l10nflist.c:196:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
? strlen (codeset) + 1 : 0)
data/tin-2.4.5~20200522/intl/l10nflist.c:198:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
? strlen (normalized_codeset) + 1 : 0)
data/tin-2.4.5~20200522/intl/l10nflist.c:201:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
? strlen (modifier) + 1 : 0)
data/tin-2.4.5~20200522/intl/l10nflist.c:203:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
? strlen (special) + 1 : 0)
data/tin-2.4.5~20200522/intl/l10nflist.c:207:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
? strlen (sponsor) + 1 : 0)
data/tin-2.4.5~20200522/intl/l10nflist.c:209:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
? strlen (revision) + 1 : 0)) : 0)
data/tin-2.4.5~20200522/intl/l10nflist.c:210:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ 1 + strlen (filename) + 1);
data/tin-2.4.5~20200522/intl/l10nflist.c:333:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
= _nl_make_l10nflist (l10nfile_list, dir, strlen (dir) + 1, cnt,
data/tin-2.4.5~20200522/intl/loadmsgcat.c:102:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
# define read __read
data/tin-2.4.5~20200522/intl/loadmsgcat.c:251:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
charsetstr += strlen ("charset=");
data/tin-2.4.5~20200522/intl/loadmsgcat.c:297:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (outcharset);
data/tin-2.4.5~20200522/intl/loadmsgcat.c:426:29: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
long int nb = (long int) read (fd, read_ptr, to_read);
data/tin-2.4.5~20200522/intl/localcharset.c:97:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t dir_len = strlen (dir);
data/tin-2.4.5~20200522/intl/localcharset.c:98:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t base_len = strlen (base);
data/tin-2.4.5~20200522/intl/localcharset.c:125:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc (fp);
data/tin-2.4.5~20200522/intl/localcharset.c:134:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc (fp);
data/tin-2.4.5~20200522/intl/localcharset.c:141:12: [1] (buffer) fscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
if (fscanf(fp, "%50s %50s", buf1, buf2) < 2)
data/tin-2.4.5~20200522/intl/localcharset.c:143:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l1 = strlen (buf1);
data/tin-2.4.5~20200522/intl/localcharset.c:144:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l2 = strlen (buf2);
data/tin-2.4.5~20200522/intl/localcharset.c:262:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
aliases += strlen (aliases) + 1, aliases += strlen (aliases) + 1)
data/tin-2.4.5~20200522/intl/localcharset.c:262:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
aliases += strlen (aliases) + 1, aliases += strlen (aliases) + 1)
data/tin-2.4.5~20200522/intl/localcharset.c:266:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
codeset = aliases + strlen (aliases) + 1;
data/tin-2.4.5~20200522/intl/localealias.c:292:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
alias_len = strlen (alias) + 1;
data/tin-2.4.5~20200522/intl/localealias.c:293:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
value_len = strlen (value) + 1;
data/tin-2.4.5~20200522/intl/plural.c:617:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
# define yystrlen strlen
data/tin-2.4.5~20200522/intl/plural.c:1437:15: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
lval->op = equal;
data/tin-2.4.5~20200522/intl/textdomain.c:113:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen (domainname) + 1;
data/tin-2.4.5~20200522/libcanlock/src/base64.c:83:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(s);
data/tin-2.4.5~20200522/libcanlock/src/base64.c:108:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(token) < 4)
data/tin-2.4.5~20200522/libcanlock/src/canlock.c:87:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(s);
data/tin-2.4.5~20200522/libcanlock/src/canlock.c:91:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(res, s, len);
data/tin-2.4.5~20200522/libcanlock/src/canlock.c:176:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
scheme = (char *) malloc(strlen(input) + (size_t) 1);
data/tin-2.4.5~20200522/libcanlock/src/canlock.c:257:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
scheme_len = strlen(scheme);
data/tin-2.4.5~20200522/libcanlock/src/canlock.c:268:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(*cankey, scheme, scheme_len);
data/tin-2.4.5~20200522/libcanlock/src/canlock.c:325:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (USHAInput(&hash_ctx, cankey, (unsigned int) strlen((char *) cankey))
data/tin-2.4.5~20200522/libcanlock/src/canlock.c:361:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
scheme_len = strlen(scheme);
data/tin-2.4.5~20200522/libcanlock/src/canlock.c:372:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(*canlock, scheme, scheme_len);
data/tin-2.4.5~20200522/libcanlock/src/canlock.c:409:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
key_size = strlen(key);
data/tin-2.4.5~20200522/libcanlock/test/canlocktest.c:135:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c_key = cl_get_key(CL_SHA256, (const unsigned char *) sec, strlen(sec),
data/tin-2.4.5~20200522/libcanlock/test/canlocktest.c:136:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(const unsigned char *) mid, strlen(mid));
data/tin-2.4.5~20200522/libcanlock/test/canlocktest.c:137:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c_lock = cl_get_lock(CL_SHA256, (const unsigned char *) sec, strlen(sec),
data/tin-2.4.5~20200522/libcanlock/test/canlocktest.c:138:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(const unsigned char *) mid, strlen(mid));
data/tin-2.4.5~20200522/libcanlock/test/canlocktest.c:171:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uid_mid = (char *) malloc(strlen(uid) + strlen(mid) + (size_t) 1);
data/tin-2.4.5~20200522/libcanlock/test/canlocktest.c:171:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uid_mid = (char *) malloc(strlen(uid) + strlen(mid) + (size_t) 1);
data/tin-2.4.5~20200522/libcanlock/test/canlocktest.c:174:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c_key = cl_get_key(CL_SHA256, (const unsigned char *) sec2, strlen(sec2),
data/tin-2.4.5~20200522/libcanlock/test/canlocktest.c:175:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(const unsigned char *) uid_mid, strlen(uid_mid));
data/tin-2.4.5~20200522/libcanlock/test/canlocktest.c:176:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c_lock = cl_get_lock(CL_SHA256, (const unsigned char *) sec2, strlen(sec2),
data/tin-2.4.5~20200522/libcanlock/test/canlocktest.c:177:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(const unsigned char *) uid_mid, strlen(uid_mid));
data/tin-2.4.5~20200522/libcanlock/test/canlocktest_legacy.c:96:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
llock = sha_lock(secret, strlen((char *) secret),
data/tin-2.4.5~20200522/libcanlock/test/canlocktest_legacy.c:97:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
message, strlen((char *) message));
data/tin-2.4.5~20200522/libcanlock/test/canlocktest_legacy.c:98:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lkey = sha_key(secret, strlen((char *) secret),
data/tin-2.4.5~20200522/libcanlock/test/canlocktest_legacy.c:99:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
message, strlen((char *)message));
data/tin-2.4.5~20200522/libcanlock/test/shatest.c:1129:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((c = getc(hashfp)) != EOF) {
data/tin-2.4.5~20200522/libcanlock/test/shatest.c:1390:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case 'i': info = optarg; infolen = strlen(optarg); break;
data/tin-2.4.5~20200522/libcanlock/test/shatest.c:1391:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case 'k': hmacKey = optarg; hmaclen = strlen(optarg); break;
data/tin-2.4.5~20200522/libcanlock/test/shatest.c:1399:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case 's': hashstr = optarg; hashlen = strlen(hashstr); break;
data/tin-2.4.5~20200522/libcanlock/util/canlock.c:162:12: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rv = fgetc(stdin);
data/tin-2.4.5~20200522/libcanlock/util/canlock.c:229:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
out = cl_get_key(hash, sec, sec_size, mid, strlen(opt_value));
data/tin-2.4.5~20200522/libcanlock/util/canlock.c:233:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
out = cl_get_lock(hash, sec, sec_size, mid, strlen(opt_value));
data/tin-2.4.5~20200522/libcanlock/util/canlock.c:257:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
key = (char *) malloc(strlen(opt_value) + (size_t) 1);
data/tin-2.4.5~20200522/pcre/pcre_compile.c:5197:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cd->end_pattern = (const uschar *)(pattern + strlen(pattern));
data/tin-2.4.5~20200522/pcre/pcre_dfa_exec.c:460:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pchars((uschar *)ptr, strlen((char *)ptr), stdout);
data/tin-2.4.5~20200522/pcre/pcredemo.c:68:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
subject_length = (int)strlen(subject);
data/tin-2.4.5~20200522/pcre/pcregrep.c:354:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(filename);
data/tin-2.4.5~20200522/pcre/pcregrep.c:813:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned long newlen = length * jfriedl_XT + strlen(jfriedl_prefix) + strlen(jfriedl_postfix);
data/tin-2.4.5~20200522/pcre/pcregrep.c:813:81: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned long newlen = length * jfriedl_XT + strlen(jfriedl_prefix) + strlen(jfriedl_postfix);
data/tin-2.4.5~20200522/pcre/pcregrep.c:821:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcpy(endptr, jfriedl_prefix); endptr += strlen(jfriedl_prefix);
data/tin-2.4.5~20200522/pcre/pcregrep.c:823:19: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(endptr, orig, length);
data/tin-2.4.5~20200522/pcre/pcregrep.c:826:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcpy(endptr, jfriedl_postfix); endptr += strlen(jfriedl_postfix);
data/tin-2.4.5~20200522/pcre/pcregrep.c:1192:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
blen = strlen(buffer);
data/tin-2.4.5~20200522/pcre/pcregrep.c:1412:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
errptr -= (int)strlen(prefix[process_options]);
data/tin-2.4.5~20200522/pcre/pcregrep.c:1413:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (errptr > (int)strlen(pattern)) errptr = (int)strlen(pattern);
data/tin-2.4.5~20200522/pcre/pcregrep.c:1413:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (errptr > (int)strlen(pattern)) errptr = (int)strlen(pattern);
data/tin-2.4.5~20200522/pcre/pcregrep.c:1458:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *eop = pattern + strlen(pattern);
data/tin-2.4.5~20200522/pcre/pcregrep.c:1564:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int arglen = (argequals == NULL)? strlen(arg) : argequals - arg;
data/tin-2.4.5~20200522/pcre/pcregrep.c:1583:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(buff2, "%s%.*s", buff1, strlen(op->long_name) - baselen - 2,
data/tin-2.4.5~20200522/pcre/pcregrep.c:1720:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int nlen = (equals == NULL)? (int)strlen(op->long_name) :
data/tin-2.4.5~20200522/pcre/pcregrep.c:1918:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *s = buffer + (int)strlen(buffer);
data/tin-2.4.5~20200522/pcre/pcreposix.c:152:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(message) + 1;
data/tin-2.4.5~20200522/pcre/pcreposix.c:156:3: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(addmessage) + 6 : 0;
data/tin-2.4.5~20200522/pcre/pcreposix.c:164:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(errbuf, message, errbuf_size - 1);
data/tin-2.4.5~20200522/pcre/pcreposix.c:281:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rc = pcre_exec((const pcre *)preg->re_pcre, NULL, string, (int)strlen(string),
data/tin-2.4.5~20200522/pcre/pcretest.c:196:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dlen = (int)strlen((char *)here);
data/tin-2.4.5~20200522/pcre/pcretest.c:967:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pp = p + (int)strlen((char *)p);
data/tin-2.4.5~20200522/pcre/pcretest.c:1245:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int)strlen((char *)buffer);
data/tin-2.4.5~20200522/pcre/pcretest.c:1388:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nameentrysize - 3 - (int)strlen((char *)nametable + 2), "",
data/tin-2.4.5~20200522/pcre/pcretest.c:1630:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int)strlen((char *)buffer);
data/tin-2.4.5~20200522/pcre/pcretest.c:2127:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
copynamesptr += (int)strlen((char*)copynamesptr) + 1)
data/tin-2.4.5~20200522/pcre/pcretest.c:2157:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
getnamesptr += (int)strlen((char*)getnamesptr) + 1)
data/tin-2.4.5~20200522/src/active.c:470:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(moderated, "y");
data/tin-2.4.5~20200522/src/active.c:822:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (*buff && ((strlen(buff) + strlen(ptr)) < (NNTP_GRPLEN - 1))) { /* append group name */
data/tin-2.4.5~20200522/src/active.c:822:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (*buff && ((strlen(buff) + strlen(ptr)) < (NNTP_GRPLEN - 1))) { /* append group name */
data/tin-2.4.5~20200522/src/active.c:823:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(buff + strlen(buff), sizeof(buff) - strlen(buff), ",%s", ptr);
data/tin-2.4.5~20200522/src/active.c:823:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(buff + strlen(buff), sizeof(buff) - strlen(buff), ",%s", ptr);
data/tin-2.4.5~20200522/src/active.c:1127:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
list_len = strlen(group_list);
data/tin-2.4.5~20200522/src/active.c:1149:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(pattern, group_list, group_len);
data/tin-2.4.5~20200522/src/active.c:1287:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (strlen(group_path) && group_path[strlen(group_path) - 1] == '/')
data/tin-2.4.5~20200522/src/active.c:1287:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (strlen(group_path) && group_path[strlen(group_path) - 1] == '/')
data/tin-2.4.5~20200522/src/active.c:1288:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
group_path[strlen(group_path) - 1] = '\0';
data/tin-2.4.5~20200522/src/active.c:1332:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
append_group_line(active_file, group_path + strlen(fixed_base) + 1, art_max, art_min, fixed_base);
data/tin-2.4.5~20200522/src/art.c:949:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!(slen = strlen(arts[base[root_num]].subject)))
data/tin-2.4.5~20200522/src/art.c:951:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unmatched += slen - strlen(arts[i].subject);
data/tin-2.4.5~20200522/src/art.c:1752:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nntp_caps.headers_range = my_realloc(nntp_caps.headers_range, strlen(nntp_caps.headers_range) + strlen(ptr) + 2);
data/tin-2.4.5~20200522/src/art.c:1752:102: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nntp_caps.headers_range = my_realloc(nntp_caps.headers_range, strlen(nntp_caps.headers_range) + strlen(ptr) + 2);
data/tin-2.4.5~20200522/src/art.c:1754:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(nntp_caps.headers_range, "\n");
data/tin-2.4.5~20200522/src/art.c:2327:71: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nntp_caps.headers_range = my_realloc(nntp_caps.headers_range, strlen(nntp_caps.headers_range) + strlen(ptr) + 2);
data/tin-2.4.5~20200522/src/art.c:2327:105: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nntp_caps.headers_range = my_realloc(nntp_caps.headers_range, strlen(nntp_caps.headers_range) + strlen(ptr) + 2);
data/tin-2.4.5~20200522/src/art.c:2329:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(nntp_caps.headers_range, "\n");
data/tin-2.4.5~20200522/src/art.c:2688:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t sp, ln = strlen(index_newsdir);
data/tin-2.4.5~20200522/src/art.c:2693:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(index_newsdir, "-");
data/tin-2.4.5~20200522/src/art.c:3282:100: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strpbrk(article->name, "\".:;<>@[]()\\") != NULL && article->name[0] != '"' && article->name[strlen(article->name)] != '"')
data/tin-2.4.5~20200522/src/attrib.c:270:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (match_string(line, pattern, buf, sizeof(buf) - strlen(pattern))) { \
data/tin-2.4.5~20200522/src/attrib.c:283:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(line, pattern, strlen(pattern))) { \
data/tin-2.4.5~20200522/src/attrib.c:1383:14: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((i = fgetc(fp)) != EOF) {
data/tin-2.4.5~20200522/src/charset.c:314:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(from);
data/tin-2.4.5~20200522/src/charset.c:320:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
subst_len = strlen(tex_from[i]);
data/tin-2.4.5~20200522/src/charset.c:323:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
spaces += subst_len - strlen(tex_to[i]);
data/tin-2.4.5~20200522/src/charset.c:330:4: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(to, from + col, 1);
data/tin-2.4.5~20200522/src/charset.c:332:4: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(to, SPACES, spaces);
data/tin-2.4.5~20200522/src/charset.c:370:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(line) - 1;
data/tin-2.4.5~20200522/src/charset.c:394:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(buf) + 1;
data/tin-2.4.5~20200522/src/charset.c:403:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, buffer, len);
data/tin-2.4.5~20200522/src/color.c:279:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (tinrc.render_bidi && IS_LOCAL_CHARSET("UTF-8") && strlen(str) > 1) {
data/tin-2.4.5~20200522/src/color.c:292:36: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
visual_len = wcswidth(wline, wcslen(wline) + 1);
data/tin-2.4.5~20200522/src/config.c:630:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (tinrc.savedir[0] == '.' && strlen(tinrc.savedir) == 1) {
data/tin-2.4.5~20200522/src/config.c:1517:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t patlen = strlen(pat);
data/tin-2.4.5~20200522/src/config.c:1535:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t patlen = strlen(pat);
data/tin-2.4.5~20200522/src/config.c:1579:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t patlen = strlen(pat);
data/tin-2.4.5~20200522/src/config.c:1602:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t patlen = strlen(pat);
data/tin-2.4.5~20200522/src/config.c:1622:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t patlen = strlen(pat);
data/tin-2.4.5~20200522/src/config.c:1649:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t patlen = strlen(pat);
data/tin-2.4.5~20200522/src/config.c:1651:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (STRNCMPEQ(line, pat, patlen) && (strlen(line) > patlen)) {
data/tin-2.4.5~20200522/src/config.c:1670:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t patlen = strlen(pat);
data/tin-2.4.5~20200522/src/config.c:1677:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dst, &nline[patlen], dstlen);
data/tin-2.4.5~20200522/src/config.c:1865:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (tinrc.savedir[0] == '.' && strlen(tinrc.savedir) == 1) {
data/tin-2.4.5~20200522/src/config.c:1879:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(tinrc.sigfile);
data/tin-2.4.5~20200522/src/config.c:2080:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(tinrc.sigfile);
data/tin-2.4.5~20200522/src/config.c:2105:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
d = dest = my_malloc(strlen(tinrc.select_format) + strlen(length) + 1);
data/tin-2.4.5~20200522/src/config.c:2105:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
d = dest = my_malloc(strlen(tinrc.select_format) + strlen(length) + 1);
data/tin-2.4.5~20200522/src/config.c:2156:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t tmp_len = strlen(nntp_server) + strlen(newnews_info) + 2;
data/tin-2.4.5~20200522/src/config.c:2156:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t tmp_len = strlen(nntp_server) + strlen(newnews_info) + 2;
data/tin-2.4.5~20200522/src/cook.c:103:9: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wlen = wcslen(wline);
data/tin-2.4.5~20200522/src/cook.c:109:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*length = strlen(*line);
data/tin-2.4.5~20200522/src/cook.c:454:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (max_line_len < strlen(buf) + 2) {
data/tin-2.4.5~20200522/src/cook.c:455:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
max_line_len = strlen(buf) + 2;
data/tin-2.4.5~20200522/src/cook.c:465:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(line, "\n");
data/tin-2.4.5~20200522/src/cook.c:470:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!(line && strlen(line))) {
data/tin-2.4.5~20200522/src/cook.c:484:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int) strlen(line);
data/tin-2.4.5~20200522/src/cook.c:728:81: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncasecmp(line, curr_group->attribute->headers_to_display->header[i], strlen(curr_group->attribute->headers_to_display->header[i]))) {
data/tin-2.4.5~20200522/src/cook.c:739:85: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncasecmp(line, curr_group->attribute->headers_to_not_display->header[i], strlen(curr_group->attribute->headers_to_not_display->header[i]))) {
data/tin-2.4.5~20200522/src/cook.c:794:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncasecmp(charset, *charsetptr, strlen(*charsetptr)))
data/tin-2.4.5~20200522/src/cook.c:877:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncasecmp(line, *strptr, strlen(*strptr))) {
data/tin-2.4.5~20200522/src/cook.c:898:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = my_calloc(1, strlen(bar) + strlen(*strptr) + 1);
data/tin-2.4.5~20200522/src/cook.c:898:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = my_calloc(1, strlen(bar) + strlen(*strptr) + 1);
data/tin-2.4.5~20200522/src/cook.c:899:8: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(l, line, strlen(*strptr));
data/tin-2.4.5~20200522/src/cook.c:899:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(l, line, strlen(*strptr));
data/tin-2.4.5~20200522/src/curses.c:754:25: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
col = wcswidth(wtmp, wcslen(wtmp) + 1);
data/tin-2.4.5~20200522/src/curses.c:814:25: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
col = wcswidth(wtmp, wcslen(wtmp) + 1);
data/tin-2.4.5~20200522/src/curses.c:819:26: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wsize = wcswidth(wtmp, wcslen(wtmp) + 1);
data/tin-2.4.5~20200522/src/curses.c:839:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(&(screen[row].col[byte_offset]), output, size - 2);
data/tin-2.4.5~20200522/src/curses.c:973:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep((unsigned long) (SECOND_CHARACTER_DELAY * 1000));
data/tin-2.4.5~20200522/src/curses.c:1120:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
# undef getc
data/tin-2.4.5~20200522/src/curses.c:1121:19: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((result = getc(stdin)) == EOF) {
data/tin-2.4.5~20200522/src/curses.c:1141:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((result = read(0, &ch, 1)) < 0 && errno == EINTR) { /* spin on signal interrupts */
data/tin-2.4.5~20200522/src/curses.c:1149:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
result = read(0, &ch, 1);
data/tin-2.4.5~20200522/src/curses.c:1195:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((result = read(0, mbs, 1)) < 0 && errno == EINTR) { /* spin on signal interrupts */
data/tin-2.4.5~20200522/src/curses.c:1203:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
result = read(0, mbs, 1);
data/tin-2.4.5~20200522/src/curses.c:1262:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((result = read(0, mbs + 1, to_read)) < 0 && errno == EINTR) { /* spin on signal interrupts */
data/tin-2.4.5~20200522/src/curses.c:1270:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
result = read(0, mbs + 1, to_read);
data/tin-2.4.5~20200522/src/filter.c:218:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
regex_errpos = pcre_exec(cache->re, cache->extra, string, strlen(string), 0, 0, NULL, 0);
data/tin-2.4.5~20200522/src/filter.c:385:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr[i].from = my_realloc(ptr[i].from, strlen(ptr[i].from) + strlen(from) + 2);
data/tin-2.4.5~20200522/src/filter.c:385:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr[i].from = my_realloc(ptr[i].from, strlen(ptr[i].from) + strlen(from) + 2);
data/tin-2.4.5~20200522/src/filter.c:386:8: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(ptr[i].from, "|");
data/tin-2.4.5~20200522/src/filter.c:463:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr[i].msgid = my_realloc(ptr[i].msgid, strlen(ptr[i].msgid) + strlen(msgid) + 2);
data/tin-2.4.5~20200522/src/filter.c:463:71: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr[i].msgid = my_realloc(ptr[i].msgid, strlen(ptr[i].msgid) + strlen(msgid) + 2);
data/tin-2.4.5~20200522/src/filter.c:464:8: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(ptr[i].msgid, "|");
data/tin-2.4.5~20200522/src/filter.c:478:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr[i].msgid = my_realloc(ptr[i].msgid, strlen(ptr[i].msgid) + strlen(msgid) + 2);
data/tin-2.4.5~20200522/src/filter.c:478:71: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr[i].msgid = my_realloc(ptr[i].msgid, strlen(ptr[i].msgid) + strlen(msgid) + 2);
data/tin-2.4.5~20200522/src/filter.c:479:8: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(ptr[i].msgid, "|");
data/tin-2.4.5~20200522/src/filter.c:493:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr[i].msgid = my_realloc(ptr[i].msgid, strlen(ptr[i].msgid) + strlen(msgid) + 2);
data/tin-2.4.5~20200522/src/filter.c:493:71: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr[i].msgid = my_realloc(ptr[i].msgid, strlen(ptr[i].msgid) + strlen(msgid) + 2);
data/tin-2.4.5~20200522/src/filter.c:494:8: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(ptr[i].msgid, "|");
data/tin-2.4.5~20200522/src/filter.c:511:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr[i].path = my_realloc(ptr[i].path, strlen(ptr[i].path) + strlen(path) + 2);
data/tin-2.4.5~20200522/src/filter.c:511:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr[i].path = my_realloc(ptr[i].path, strlen(ptr[i].path) + strlen(path) + 2);
data/tin-2.4.5~20200522/src/filter.c:512:8: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(ptr[i].path, "|");
data/tin-2.4.5~20200522/src/filter.c:527:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr[i].msgid = my_realloc(ptr[i].msgid, strlen(ptr[i].msgid) + strlen(msgid) + 2);
data/tin-2.4.5~20200522/src/filter.c:527:71: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr[i].msgid = my_realloc(ptr[i].msgid, strlen(ptr[i].msgid) + strlen(msgid) + 2);
data/tin-2.4.5~20200522/src/filter.c:528:8: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(ptr[i].msgid, "|");
data/tin-2.4.5~20200522/src/filter.c:544:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr[i].subj = my_realloc(ptr[i].subj, strlen(ptr[i].subj) + strlen(subj) + 2);
data/tin-2.4.5~20200522/src/filter.c:544:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr[i].subj = my_realloc(ptr[i].subj, strlen(ptr[i].subj) + strlen(subj) + 2);
data/tin-2.4.5~20200522/src/filter.c:545:8: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(ptr[i].subj, "|");
data/tin-2.4.5~20200522/src/filter.c:618:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr[i].xref = my_realloc(ptr[i].xref, strlen(ptr[i].xref) + strlen(xref) + 2);
data/tin-2.4.5~20200522/src/filter.c:618:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr[i].xref = my_realloc(ptr[i].xref, strlen(ptr[i].xref) + strlen(xref) + 2);
data/tin-2.4.5~20200522/src/filter.c:619:8: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(ptr[i].xref, "|");
data/tin-2.4.5~20200522/src/filter.c:717:15: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((i = fgetc(fp)) != EOF) {
data/tin-2.4.5~20200522/src/filter.c:1422:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
list[j][strlen(list[j]) - 2] = '\0';
data/tin-2.4.5~20200522/src/filter.c:1522:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(BlankIfNull(scope)) > (sizeof(rule.scope) - 1))
data/tin-2.4.5~20200522/src/filter.c:1575:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(group->name) > (sizeof(rule.scope) - 1)) /* groupname to long? */
data/tin-2.4.5~20200522/src/filter.c:2104:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(s)) {
data/tin-2.4.5~20200522/src/filter.c:2106:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
k = e = my_malloc(strlen(s) + 1);
data/tin-2.4.5~20200522/src/getline.c:286:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
loc = gl_tab_hook(gl_buf, strlen(gl_prompt), &tmp);
data/tin-2.4.5~20200522/src/getline.c:399:9: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = wcslen(gl_buf);
data/tin-2.4.5~20200522/src/getline.c:401:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(gl_buf);
data/tin-2.4.5~20200522/src/getline.c:557:12: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gl_cnt = wcslen(gl_buf);
data/tin-2.4.5~20200522/src/getline.c:559:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gl_cnt = strlen(gl_buf);
data/tin-2.4.5~20200522/src/getline.c:660:8: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = wcslen(wbuf);
data/tin-2.4.5~20200522/src/getline.c:667:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buf);
data/tin-2.4.5~20200522/src/group.c:1129:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dest, src, maxlen);
data/tin-2.4.5~20200522/src/group.c:1131:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dest, src, cmplen);
data/tin-2.4.5~20200522/src/group.c:1199:4: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(buffer, fmt, 1);
data/tin-2.4.5~20200522/src/group.c:1207:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(buffer, fmt, 1);
data/tin-2.4.5~20200522/src/group.c:1223:6: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(buffer, buf, grp_fmt.len_date_max);
data/tin-2.4.5~20200522/src/group.c:1244:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
get_author(FALSE, &arts[j], buffer + strlen(buffer), grp_fmt.len_from);
data/tin-2.4.5~20200522/src/group.c:1246:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gap = strlen(buffer);
data/tin-2.4.5~20200522/src/group.c:1259:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = buffer + strlen(buffer);
data/tin-2.4.5~20200522/src/group.c:1270:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = buffer + strlen(buffer);
data/tin-2.4.5~20200522/src/group.c:1290:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tmp, arts[j].refptr ? arts[j].refptr->txt : "", len);
data/tin-2.4.5~20200522/src/group.c:1294:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = buffer + strlen(buffer);
data/tin-2.4.5~20200522/src/group.c:1310:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = buffer + strlen(buffer);
data/tin-2.4.5~20200522/src/group.c:1340:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(buffer, arts_sub, len);
data/tin-2.4.5~20200522/src/group.c:1342:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gap = strlen(buffer);
data/tin-2.4.5~20200522/src/group.c:1423:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (sizeof(buf) > strlen(buf) + strlen(tmp))
data/tin-2.4.5~20200522/src/group.c:1423:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (sizeof(buf) > strlen(buf) + strlen(tmp))
data/tin-2.4.5~20200522/src/group.c:1434:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (sizeof(buf) > strlen(buf) + strlen(tmp))
data/tin-2.4.5~20200522/src/group.c:1434:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (sizeof(buf) > strlen(buf) + strlen(tmp))
data/tin-2.4.5~20200522/src/group.c:1442:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (sizeof(buf) > strlen(buf) + strlen(tmp))
data/tin-2.4.5~20200522/src/group.c:1442:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (sizeof(buf) > strlen(buf) + strlen(tmp))
data/tin-2.4.5~20200522/src/group.c:1449:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (sizeof(buf) > strlen(buf) + strlen(tmp))
data/tin-2.4.5~20200522/src/group.c:1449:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (sizeof(buf) > strlen(buf) + strlen(tmp))
data/tin-2.4.5~20200522/src/group.c:1457:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (sizeof(buf) > strlen(buf) + strlen(tmp))
data/tin-2.4.5~20200522/src/group.c:1457:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (sizeof(buf) > strlen(buf) + strlen(tmp))
data/tin-2.4.5~20200522/src/hashstr.c:111:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = my_malloc(sizeof(struct t_hashnode) + strlen(s));
data/tin-2.4.5~20200522/src/header.c:98:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(DOMAIN_NAME))
data/tin-2.4.5~20200522/src/header.c:182:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!*fqdn || (fqdn[strlen(fqdn) - 1] <= '9')) {
data/tin-2.4.5~20200522/src/header.c:344:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(sender + strlen(sender), sizeof(sender) - strlen(sender), "<%s@", ptr);
data/tin-2.4.5~20200522/src/header.c:344:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(sender + strlen(sender), sizeof(sender) - strlen(sender), "<%s@", ptr);
data/tin-2.4.5~20200522/src/header.c:351:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(sender + strlen(sender), sizeof(sender) - strlen(sender), "%s>", ptr);
data/tin-2.4.5~20200522/src/header.c:351:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(sender + strlen(sender), sizeof(sender) - strlen(sender), "%s>", ptr);
data/tin-2.4.5~20200522/src/help.c:665:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(helppage->helptext)) /* avoid translation of empty strings */
data/tin-2.4.5~20200522/src/help.c:666:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(buf, "\n");
data/tin-2.4.5~20200522/src/help.c:668:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, _(helppage->helptext), LEN);
data/tin-2.4.5~20200522/src/help.c:680:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(last, buf, LEN - 1);
data/tin-2.4.5~20200522/src/inews.c:291:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(line))
data/tin-2.4.5~20200522/src/inews.c:418:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cp += strlen(cp);
data/tin-2.4.5~20200522/src/init.c:687:15: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
real_umask = umask(0);
data/tin-2.4.5~20200522/src/init.c:688:9: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
(void) umask(real_umask);
data/tin-2.4.5~20200522/src/init.c:698:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (((ptr = getenv("TIN_HOMEDIR")) != NULL) && strlen(ptr)) {
data/tin-2.4.5~20200522/src/init.c:700:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (((ptr = getenv("HOME")) != NULL) && strlen(ptr)) {
data/tin-2.4.5~20200522/src/init.c:702:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (strlen(myentry->pw_dir)) {
data/tin-2.4.5~20200522/src/init.c:703:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(homedir, myentry->pw_dir, sizeof(homedir) - 1);
data/tin-2.4.5~20200522/src/init.c:705:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(homedir, TMPDIR, sizeof(homedir) - 1);
data/tin-2.4.5~20200522/src/init.c:743:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(bug_addr, BUG_REPORT_ADDRESS, sizeof(bug_addr) - 1);
data/tin-2.4.5~20200522/src/init.c:749:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(inewsdir, INEWSDIR, sizeof(inewsdir) - 1);
data/tin-2.4.5~20200522/src/init.c:862:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(article_name + strlen(article_name), sizeof(article_name) - strlen(article_name), ".%ld", (long) process_id);
data/tin-2.4.5~20200522/src/init.c:862:71: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(article_name + strlen(article_name), sizeof(article_name) - strlen(article_name), ".%ld", (long) process_id);
data/tin-2.4.5~20200522/src/init.c:898:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(newnewsrc + strlen(newnewsrc), sizeof(newnewsrc) - strlen(newnewsrc), ".%d", (int) process_id);
data/tin-2.4.5~20200522/src/init.c:898:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(newnewsrc + strlen(newnewsrc), sizeof(newnewsrc) - strlen(newnewsrc), ".%d", (int) process_id);
data/tin-2.4.5~20200522/src/init.c:1027:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(tinrc.strip_re_regex))
data/tin-2.4.5~20200522/src/init.c:1031:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(tinrc.strip_was_regex)) {
data/tin-2.4.5~20200522/src/init.c:1061:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(tinrc.extquote_regex))
data/tin-2.4.5~20200522/src/init.c:1064:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(tinrc.quote_regex))
data/tin-2.4.5~20200522/src/init.c:1067:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(tinrc.quote_regex2))
data/tin-2.4.5~20200522/src/init.c:1070:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(tinrc.quote_regex3))
data/tin-2.4.5~20200522/src/init.c:1075:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(tinrc.slashes_regex))
data/tin-2.4.5~20200522/src/init.c:1078:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(tinrc.stars_regex))
data/tin-2.4.5~20200522/src/init.c:1081:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(tinrc.strokes_regex))
data/tin-2.4.5~20200522/src/init.c:1084:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(tinrc.underscores_regex))
data/tin-2.4.5~20200522/src/init.c:1088:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(tinrc.verbatim_begin_regex))
data/tin-2.4.5~20200522/src/init.c:1091:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(tinrc.verbatim_end_regex))
data/tin-2.4.5~20200522/src/joinpath.c:58:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
(void) strncpy(result, dir, result_size - 1);
data/tin-2.4.5~20200522/src/joinpath.c:60:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result_len = strlen(result);
data/tin-2.4.5~20200522/src/joinpath.c:61:71: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((result_len < (result_size - 1)) && (result[0] == '\0' || result[strlen(result) - 1] != '/')) {
data/tin-2.4.5~20200522/src/joinpath.c:62:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
(void) strcat(result, "/");
data/tin-2.4.5~20200522/src/joinpath.c:66:10: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
(void) strncat(result, BlankIfNull(file), result_size - result_len - 1);
data/tin-2.4.5~20200522/src/keymap.c:345:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(map)) {
data/tin-2.4.5~20200522/src/keymap.c:357:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(map) && !fp) {
data/tin-2.4.5~20200522/src/keymap.c:409:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (keydef == NULL || !strlen(keydef)) {
data/tin-2.4.5~20200522/src/keymap.c:482:7: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (wcslen(wkeydef) > 1) {
data/tin-2.4.5~20200522/src/keymap.c:485:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(keydef) > 1) {
data/tin-2.4.5~20200522/src/keymap.c:2088:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(line, "# Keymap file V", strlen("# Keymap file V")) != 0)
data/tin-2.4.5~20200522/src/keymap.c:2229:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(keydef) == 1 && islower((int)(unsigned char) keydef[0]))
data/tin-2.4.5~20200522/src/lock.c:273:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lockfile = my_malloc(strlen(filename) + strlen(LOCK_SUFFIX) + 2);
data/tin-2.4.5~20200522/src/lock.c:273:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lockfile = my_malloc(strlen(filename) + strlen(LOCK_SUFFIX) + 2);
data/tin-2.4.5~20200522/src/mail.c:322:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buff) + strlen(active[i].name) + 1 < NNTP_GRPLEN) {
data/tin-2.4.5~20200522/src/mail.c:322:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buff) + strlen(active[i].name) + 1 < NNTP_GRPLEN) {
data/tin-2.4.5~20200522/src/mail.c:323:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(buff + strlen(buff), sizeof(buff) - strlen(buff), ",%s", active[i].name);
data/tin-2.4.5~20200522/src/mail.c:323:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(buff + strlen(buff), sizeof(buff) - strlen(buff), ",%s", active[i].name);
data/tin-2.4.5~20200522/src/mail.c:487:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
space = strlen(ptr) + 1;
data/tin-2.4.5~20200522/src/mail.c:490:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (space < strlen(ptr) + 1) { /* realloc needed? */
data/tin-2.4.5~20200522/src/mail.c:515:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
r_len = strlen(r);
data/tin-2.4.5~20200522/src/main.c:123:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tin_progname = my_malloc(strlen(argv[0]) + 1);
data/tin-2.4.5~20200522/src/makecfg.c:89:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((buf = malloc(strlen(string) + 1)) == NULL)
data/tin-2.4.5~20200522/src/makecfg.c:123:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *t = s + strlen(s);
data/tin-2.4.5~20200522/src/makecfg.c:356:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MAXNAME - (int)(strlen(addr) + strlen(p->name)),
data/tin-2.4.5~20200522/src/makecfg.c:356:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MAXNAME - (int)(strlen(addr) + strlen(p->name)),
data/tin-2.4.5~20200522/src/mimetypes.c:143:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (buf[0] == '#' || buf[0] == '\n' || strncmp(buf, type, strlen(type)))
data/tin-2.4.5~20200522/src/mimetypes.c:146:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(p) != strlen(type))
data/tin-2.4.5~20200522/src/mimetypes.c:146:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(p) != strlen(type))
data/tin-2.4.5~20200522/src/mimetypes.c:183:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
type = my_malloc(strlen(major) + 1 + strlen(minor) + 1);
data/tin-2.4.5~20200522/src/mimetypes.c:183:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
type = my_malloc(strlen(major) + 1 + strlen(minor) + 1);
data/tin-2.4.5~20200522/src/mimetypes.c:185:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(type, "/");
data/tin-2.4.5~20200522/src/misc.c:107:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
file_tmp = my_malloc(strlen(filename) + 5);
data/tin-2.4.5~20200522/src/misc.c:278:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t ilen = strlen(initl);
data/tin-2.4.5~20200522/src/misc.c:308:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (prefixbuf[strlen(prefixbuf) - 1] == ' ')
data/tin-2.4.5~20200522/src/misc.c:309:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
prefixbuf[strlen(prefixbuf) - 1] = '\0';
data/tin-2.4.5~20200522/src/misc.c:410:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(filename) + strlen(BACKUP_FILE_EXT) < sizeof(fnameb)) {
data/tin-2.4.5~20200522/src/misc.c:410:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(filename) + strlen(BACKUP_FILE_EXT) < sizeof(fnameb)) {
data/tin-2.4.5~20200522/src/misc.c:893:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = strlen(fullpath) - 1; i; i--) {
data/tin-2.4.5~20200522/src/misc.c:936:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t maildir_box_len = strlen(mailbox_name) + strlen(MAILDIR_NEW) + 2;
data/tin-2.4.5~20200522/src/misc.c:936:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t maildir_box_len = strlen(mailbox_name) + strlen(MAILDIR_NEW) + 2;
data/tin-2.4.5~20200522/src/misc.c:986:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
data = pcre_exec(strip_re_regex.re, strip_re_regex.extra, s, strlen(s), 0, 0, offsets, size_offsets);
data/tin-2.4.5~20200522/src/misc.c:992:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
data = pcre_exec(strip_was_regex.re, strip_was_regex.extra, s, strlen(s), 0, 0, offsets, size_offsets);
data/tin-2.4.5~20200522/src/misc.c:1049:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(str, p, len);
data/tin-2.4.5~20200522/src/misc.c:1053:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(str, (art->name ? art->name : p), len);
data/tin-2.4.5~20200522/src/misc.c:1060:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(str, p, len);
data/tin-2.4.5~20200522/src/misc.c:1209:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strchr(format, '%') == NULL && strlen(format) + 1 >= maxsize)
data/tin-2.4.5~20200522/src/misc.c:1230:6: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(tbuf, "\n");
data/tin-2.4.5~20200522/src/misc.c:1234:6: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(tbuf, "\t");
data/tin-2.4.5~20200522/src/misc.c:1243:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(tbuf);
data/tin-2.4.5~20200522/src/misc.c:1326:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(tbuf);
data/tin-2.4.5~20200522/src/misc.c:1368:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strchr(format, '%') == NULL && strlen(format) + 1 >= maxsize)
data/tin-2.4.5~20200522/src/misc.c:1389:6: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(tbuf, "\n");
data/tin-2.4.5~20200522/src/misc.c:1398:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(tbuf);
data/tin-2.4.5~20200522/src/misc.c:1437:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(tbuf);
data/tin-2.4.5~20200522/src/misc.c:1469:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((i = strlen(tbuf))) {
data/tin-2.4.5~20200522/src/misc.c:1526:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(format) + 1 >= maxsize)
data/tin-2.4.5~20200522/src/misc.c:1594:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tbuf, defbuf, sizeof(tbuf) - 1);
data/tin-2.4.5~20200522/src/misc.c:1596:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tbuf, envptr, sizeof(tbuf) - 1);
data/tin-2.4.5~20200522/src/misc.c:1668:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(tbuf);
data/tin-2.4.5~20200522/src/misc.c:1679:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *pbuf = my_malloc(strlen(group->name) + 2); /* trailing "/\0" */
data/tin-2.4.5~20200522/src/misc.c:1682:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((i = strlen(pbuf)))
data/tin-2.4.5~20200522/src/misc.c:1847:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strchr(format, '%') == NULL && strlen(format) + 1 >= maxsize)
data/tin-2.4.5~20200522/src/misc.c:1887:6: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(tbuf, "\n");
data/tin-2.4.5~20200522/src/misc.c:1898:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dest += strlen(dest);
data/tin-2.4.5~20200522/src/misc.c:1939:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tbuf, escape_shell_meta(subject, quote_area), sizeof(tbuf) - 1);
data/tin-2.4.5~20200522/src/misc.c:1946:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tbuf, escape_shell_meta(p, quote_area), sizeof(tbuf) - 1);
data/tin-2.4.5~20200522/src/misc.c:1956:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tbuf, escape_shell_meta(to, quote_area), sizeof(tbuf) - 1);
data/tin-2.4.5~20200522/src/misc.c:1963:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tbuf, escape_shell_meta(p, quote_area), sizeof(tbuf) - 1);
data/tin-2.4.5~20200522/src/misc.c:1973:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tbuf, userid, sizeof(tbuf) - 1);
data/tin-2.4.5~20200522/src/misc.c:1980:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tbuf, p, sizeof(tbuf) - 1);
data/tin-2.4.5~20200522/src/misc.c:1995:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dest, tbuf, endp - dest);
data/tin-2.4.5~20200522/src/misc.c:1996:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dest += strlen(dest);
data/tin-2.4.5~20200522/src/misc.c:1999:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dest += strlen(dest);
data/tin-2.4.5~20200522/src/misc.c:2116:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *buf = my_malloc(strlen(group_name) + 2); /* trailing "/\0" */
data/tin-2.4.5~20200522/src/misc.c:2277:9: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
mask = umask((mode_t) (S_IRWXO|S_IRWXG));
data/tin-2.4.5~20200522/src/misc.c:2286:3: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(mask);
data/tin-2.4.5~20200522/src/misc.c:2323:2: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(mask);
data/tin-2.4.5~20200522/src/misc.c:2420:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
clocal_charset = my_malloc(strlen(local_charset) + strlen("//TRANSLIT") + 1);
data/tin-2.4.5~20200522/src/misc.c:2420:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
clocal_charset = my_malloc(strlen(local_charset) + strlen("//TRANSLIT") + 1);
data/tin-2.4.5~20200522/src/misc.c:2462:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
inbytesleft = strlen(*line);
data/tin-2.4.5~20200522/src/misc.c:2548:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (*max_line_len < strlen(obuf) + 1) {
data/tin-2.4.5~20200522/src/misc.c:2549:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*max_line_len = strlen(obuf) + 1;
data/tin-2.4.5~20200522/src/misc.c:2591:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
inbytesleft = strlen(line);
data/tin-2.4.5~20200522/src/misc.c:3262:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((*domain == '.') || (*(domain + strlen(domain) - 1) == '.'))
data/tin-2.4.5~20200522/src/misc.c:3272:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
switch ((int) strlen(aux)) {
data/tin-2.4.5~20200522/src/misc.c:3364:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((*localpart == '.') || (*(localpart + strlen(localpart) - 1) == '.'))
data/tin-2.4.5~20200522/src/misc.c:3400:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(work, from, HEADER_LEN - 2);
data/tin-2.4.5~20200522/src/misc.c:3405:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
addr_end = work + strlen(work) - 1;
data/tin-2.4.5~20200522/src/misc.c:3468:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
addr_end = addr_begin + strlen(addr_begin) -1;
data/tin-2.4.5~20200522/src/misc.c:3630:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *ptr = line + strlen(line) - 1;
data/tin-2.4.5~20200522/src/misc.c:3681:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (c + numc > line + strlen(line)) { /* sequence runs past end of string */
data/tin-2.4.5~20200522/src/misc.c:3683:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
numc = line + strlen(line) - c;
data/tin-2.4.5~20200522/src/misc.c:3810:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((res = idn_decodename(IDN_DECODE_LOOKUP, r, q, out + strlen(out) - q + 1)) == idn_success)
data/tin-2.4.5~20200522/src/misc.c:3854:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t = my_malloc(strlen(out) + strlen(s) + 1);
data/tin-2.4.5~20200522/src/misc.c:3854:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t = my_malloc(strlen(out) + strlen(s) + 1);
data/tin-2.4.5~20200522/src/misc.c:4218:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(&filename[strlen(filename)], sizeof(filename), "/%"T_ARTNUM_PFMT, art);
data/tin-2.4.5~20200522/src/my_tmpfile.c:86:10: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
mask = umask((mode_t) (S_IRWXO|S_IRWXG));
data/tin-2.4.5~20200522/src/my_tmpfile.c:108:3: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(mask);
data/tin-2.4.5~20200522/src/newsrc.c:844:116: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(buf, sizeof(buf), "Parsing [%s%c %.*s]", group->name, SUB_CHAR(group->subscribed), (int) (NEWSRC_LINE - strlen(group->name) - 14), BlankIfNull(ptr));
data/tin-2.4.5~20200522/src/newsrc.c:1273:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
group_len = strlen(group->name);
data/tin-2.4.5~20200522/src/nntplib.c:211:18: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
char *service = strncpy(temp, cservice, sizeof(temp) - 1); /* ...calls non-const funcs */
data/tin-2.4.5~20200522/src/nntplib.c:714:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sdn.sdn_objnamel = strlen("NNTP");
data/tin-2.4.5~20200522/src/nntplib.c:779:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (*string && strlen(string)) {
data/tin-2.4.5~20200522/src/nntplib.c:968:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(string, _(txt_nntp_ok_goodbye), size - 3);
data/tin-2.4.5~20200522/src/nntplib.c:1095:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (d != NULL && (d + 1 < (ptr + strlen(ptr)))) {
data/tin-2.4.5~20200522/src/nntplib.c:1110:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (d != NULL && (d + 1 < (ptr + strlen(ptr)))) {
data/tin-2.4.5~20200522/src/nntplib.c:1159:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (!strncasecmp(ptr, &xover_cmds[1], strlen(&xover_cmds[1]))) {
data/tin-2.4.5~20200522/src/nntplib.c:1162:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
d = ptr + strlen(&xover_cmds[1]);
data/tin-2.4.5~20200522/src/nntplib.c:1164:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (d != NULL && (d + 1 < (ptr + strlen(ptr)))) {
data/tin-2.4.5~20200522/src/nntplib.c:1174:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (!strncasecmp(ptr, &xhdr_cmds[1], strlen(&xhdr_cmds[1]))) {
data/tin-2.4.5~20200522/src/nntplib.c:1184:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (d != NULL && (d + 1 < (ptr + strlen(ptr)))) {
data/tin-2.4.5~20200522/src/nntplib.c:1195:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (d != NULL && (d + 1 < (ptr + strlen(ptr)))) {
data/tin-2.4.5~20200522/src/nntplib.c:1234:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (d != NULL && (d + 1 < (ptr + strlen(ptr)))) {
data/tin-2.4.5~20200522/src/nntplib.c:1552:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (((int) strlen(chr1)) >= j) {
data/tin-2.4.5~20200522/src/nntplib.c:1553:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
chr2 = chr1 + strlen(chr1) - 1;
data/tin-2.4.5~20200522/src/nntplib.c:1899:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(message, end, mlen - 1);
data/tin-2.4.5~20200522/src/nntplib.c:2016:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(p);
data/tin-2.4.5~20200522/src/nrctbl.c:124:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(nntpserver_name, (found ? name_found : nick_name), nntpserver_name_len);
data/tin-2.4.5~20200522/src/nrctbl.c:127:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(nntpserver_name, nick_name, nntpserver_name_len);
data/tin-2.4.5~20200522/src/nrctbl.c:188:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
(void) strncpy(newsrc_name, tmp_newsrc, newsrc_name_len);
data/tin-2.4.5~20200522/src/options_menu.c:66:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(CAO(tinrc.attrib_, opt))) { \
data/tin-2.4.5~20200522/src/options_menu.c:417:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int) (strlen(buf) + option_width - wcswidth(wbuf2, option_width + 1)),
data/tin-2.4.5~20200522/src/options_menu.c:418:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int) (strlen(buf) + option_width - wcswidth(wbuf2, option_width + 1)), buf);
data/tin-2.4.5~20200522/src/options_menu.c:463:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr += strlen(temp);
data/tin-2.4.5~20200522/src/options_menu.c:464:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len -= strlen(temp);
data/tin-2.4.5~20200522/src/options_menu.c:475:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ptr, _(ptr2), len);
data/tin-2.4.5~20200522/src/options_menu.c:480:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ptr, OPT_STRING_list[option_table[option].var_index], len);
data/tin-2.4.5~20200522/src/options_menu.c:513:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(screen[row - INDEX_TOP].col, temp, cCOLS - 1);
data/tin-2.4.5~20200522/src/options_menu.c:2114:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(tinrc.editor_format))
data/tin-2.4.5~20200522/src/options_menu.c:2122:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(tinrc.group_format))
data/tin-2.4.5~20200522/src/options_menu.c:2184:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(tinrc.quote_regex))
data/tin-2.4.5~20200522/src/options_menu.c:2195:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(tinrc.quote_regex2))
data/tin-2.4.5~20200522/src/options_menu.c:2206:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(tinrc.quote_regex3))
data/tin-2.4.5~20200522/src/options_menu.c:2217:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(tinrc.extquote_regex))
data/tin-2.4.5~20200522/src/options_menu.c:2227:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(tinrc.select_format))
data/tin-2.4.5~20200522/src/options_menu.c:2237:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(tinrc.slashes_regex))
data/tin-2.4.5~20200522/src/options_menu.c:2248:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(tinrc.stars_regex))
data/tin-2.4.5~20200522/src/options_menu.c:2259:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(tinrc.strokes_regex))
data/tin-2.4.5~20200522/src/options_menu.c:2270:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(tinrc.underscores_regex))
data/tin-2.4.5~20200522/src/options_menu.c:2281:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(tinrc.strip_re_regex))
data/tin-2.4.5~20200522/src/options_menu.c:2292:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(tinrc.strip_was_regex)) {
data/tin-2.4.5~20200522/src/options_menu.c:2307:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(tinrc.thread_format))
data/tin-2.4.5~20200522/src/options_menu.c:2322:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(tinrc.verbatim_begin_regex))
data/tin-2.4.5~20200522/src/options_menu.c:2333:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(tinrc.verbatim_end_regex))
data/tin-2.4.5~20200522/src/options_menu.c:2342:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(tinrc.date_format))
data/tin-2.4.5~20200522/src/page.c:1345:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, BlankIfNull(note_h->date), line_len);
data/tin-2.4.5~20200522/src/page.c:1360:41: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
right_len = MAX((wcswidth(fmt_thread, wcslen(fmt_thread)) - 6 + 8), (wcswidth(fmt_resp, wcslen(fmt_resp)) - 6 + 8));
data/tin-2.4.5~20200522/src/page.c:1360:91: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
right_len = MAX((wcswidth(fmt_thread, wcslen(fmt_thread)) - 6 + 8), (wcswidth(fmt_resp, wcslen(fmt_resp)) - 6 + 8));
data/tin-2.4.5~20200522/src/page.c:1362:36: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
right_len = wcswidth(fmt_thread, wcslen(fmt_thread)) - 6 + 8;
data/tin-2.4.5~20200522/src/page.c:1364:34: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
right_len = wcswidth(fmt_resp, wcslen(fmt_resp)) - 6 + 8;
data/tin-2.4.5~20200522/src/page.c:1388:29: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cur_pos += wcswidth(wtmp, wcslen(wtmp));
data/tin-2.4.5~20200522/src/page.c:1406:28: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((i = wcswidth(wtmp2, wcslen(wtmp2))) < len)
data/tin-2.4.5~20200522/src/page.c:1416:30: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cur_pos += wcswidth(wtmp2, wcslen(wtmp2));
data/tin-2.4.5~20200522/src/page.c:1450:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(buf, "?");
data/tin-2.4.5~20200522/src/page.c:1464:30: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cur_pos += wcswidth(wtmp, wcslen(wtmp));
data/tin-2.4.5~20200522/src/page.c:1479:31: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cur_pos += wcswidth(wtmp2, wcslen(wtmp2));
data/tin-2.4.5~20200522/src/page.c:1491:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, (note_h->subj ? note_h->subj : arts[this_resp].subject), line_len);
data/tin-2.4.5~20200522/src/page.c:1496:41: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
center_pos = (cCOLS - wcswidth(wtmp2, wcslen(wtmp2))) / 2;
data/tin-2.4.5~20200522/src/page.c:1505:30: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cur_pos += wcswidth(wtmp2, wcslen(wtmp2));
data/tin-2.4.5~20200522/src/page.c:1559:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, p, line_len);
data/tin-2.4.5~20200522/src/page.c:1568:30: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cur_pos += wcswidth(wtmp2, wcslen(wtmp2));
data/tin-2.4.5~20200522/src/page.c:1586:32: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = cCOLS - wcswidth(wtmp2, wcslen(wtmp2)) - 1;
data/tin-2.4.5~20200522/src/page.c:1606:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
right_len = MAX((strlen(_(txt_thread_x_of_n)) - 6 + 8), (strlen(_(txt_art_x_of_n)) - 6 + 8));
data/tin-2.4.5~20200522/src/page.c:1606:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
right_len = MAX((strlen(_(txt_thread_x_of_n)) - 6 + 8), (strlen(_(txt_art_x_of_n)) - 6 + 8));
data/tin-2.4.5~20200522/src/page.c:1619:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cur_pos += strlen(buf);
data/tin-2.4.5~20200522/src/page.c:1633:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((i = strlen(tmp)) < len)
data/tin-2.4.5~20200522/src/page.c:1643:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cur_pos += strlen(tmp);
data/tin-2.4.5~20200522/src/page.c:1674:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(buf, "?");
data/tin-2.4.5~20200522/src/page.c:1681:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cur_pos += strlen(tmp);
data/tin-2.4.5~20200522/src/page.c:1691:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cur_pos += strlen(_(txt_tex));
data/tin-2.4.5~20200522/src/page.c:1700:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, (note_h->subj ? note_h->subj : arts[this_resp].subject), line_len);
data/tin-2.4.5~20200522/src/page.c:1706:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
center_pos = (cCOLS - strlen(tmp)) / 2;
data/tin-2.4.5~20200522/src/page.c:1715:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cur_pos += strlen(tmp);
data/tin-2.4.5~20200522/src/page.c:1757:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, arts[this_resp].from, line_len);
data/tin-2.4.5~20200522/src/page.c:1763:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cur_pos += strlen(tmp);
data/tin-2.4.5~20200522/src/page.c:1766:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (note_h->org && cCOLS - cur_pos - 1 >= (int) strlen(_(txt_at_s)) - 2 + 3) {
data/tin-2.4.5~20200522/src/page.c:1772:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = cCOLS - (int) strlen(tmp) - 1;
data/tin-2.4.5~20200522/src/page.c:2592:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(lptr->url) << 1; /* double size; room for editing URL */
data/tin-2.4.5~20200522/src/page.c:2601:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(url_esc) + strlen(tinrc.url_handler) + 2;
data/tin-2.4.5~20200522/src/page.c:2601:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(url_esc) + strlen(tinrc.url_handler) + 2;
data/tin-2.4.5~20200522/src/page.c:2641:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (pcre_exec(url_regex.re, url_regex.extra, ptr, strlen(ptr), 0, 0, offsets, offsets_size) == PCRE_ERROR_NOMATCH)
data/tin-2.4.5~20200522/src/page.c:2642:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (pcre_exec(mail_regex.re, mail_regex.extra, ptr, strlen(ptr), 0, 0, offsets, offsets_size) == PCRE_ERROR_NOMATCH)
data/tin-2.4.5~20200522/src/page.c:2643:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (pcre_exec(news_regex.re, news_regex.extra, ptr, strlen(ptr), 0, 0, offsets, offsets_size) == PCRE_ERROR_NOMATCH)
data/tin-2.4.5~20200522/src/pgp.c:214:9: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
mask = umask((mode_t) (S_IRWXO|S_IRWXG));
data/tin-2.4.5~20200522/src/pgp.c:235:2: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(mask);
data/tin-2.4.5~20200522/src/pgp.c:263:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(mailfrom))
data/tin-2.4.5~20200522/src/pgp.c:271:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(mailfrom))
data/tin-2.4.5~20200522/src/pgp.c:299:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((CURR_GROUP.attribute->from) != NULL && strlen(CURR_GROUP.attribute->from))
data/tin-2.4.5~20200522/src/pgp.c:451:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(artfile + strlen(artfile), sizeof(artfile) - strlen(artfile), ".%ld", (long) process_id);
data/tin-2.4.5~20200522/src/pgp.c:451:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(artfile + strlen(artfile), sizeof(artfile) - strlen(artfile), ".%ld", (long) process_id);
data/tin-2.4.5~20200522/src/plp_snprintf.c:217:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return(strlen(str));
data/tin-2.4.5~20200522/src/plp_snprintf.c:240:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return( strlen( str ) );
data/tin-2.4.5~20200522/src/plp_snprintf.c:494:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dest += strlen(dest);
data/tin-2.4.5~20200522/src/plp_snprintf.c:514:2: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy( fmts, "%" );
data/tin-2.4.5~20200522/src/plp_snprintf.c:520:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf( fmts+strlen(fmts), "%d", len );
data/tin-2.4.5~20200522/src/plp_snprintf.c:522:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf( fmts+strlen(fmts), ".%d", precision );
data/tin-2.4.5~20200522/src/plp_snprintf.c:523:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen( fmts );
data/tin-2.4.5~20200522/src/post.c:880:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!end_of_header && !strlen(line)) { /* end of header reached */
data/tin-2.4.5~20200522/src/post.c:897:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cp = my_malloc(strlen(line) * 4 + 1);
data/tin-2.4.5~20200522/src/post.c:922:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(subject, cp + 2, cCOLS - 6);
data/tin-2.4.5~20200522/src/post.c:1068:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(references))
data/tin-2.4.5~20200522/src/post.c:1161:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(cp)) /* Followup-To not empty */
data/tin-2.4.5~20200522/src/post.c:1274:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(line) == 3 && !strncmp(line, SIGDASHES, 3)) {
data/tin-2.4.5~20200522/src/post.c:1281:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(line) == 2 && !strncmp(line, SIGDASHES, 2) && !saw_sig_dashes) {
data/tin-2.4.5~20200522/src/post.c:1289:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cp = my_malloc(strlen(line) * 4 + 1);
data/tin-2.4.5~20200522/src/post.c:1337:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(line) > IMF_LINE_LEN && !must_break_line)
data/tin-2.4.5~20200522/src/post.c:2428:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(line) && line[strlen(line) - 1] == '\n') {
data/tin-2.4.5~20200522/src/post.c:2428:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(line) && line[strlen(line) - 1] == '\n') {
data/tin-2.4.5~20200522/src/post.c:2430:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
line[strlen(line) - 1] = '\0';
data/tin-2.4.5~20200522/src/post.c:2741:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
b = my_malloc(strlen(oldrefs) + strlen(newref) + 64);
data/tin-2.4.5~20200522/src/post.c:2741:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
b = my_malloc(strlen(oldrefs) + strlen(newref) + 64);
data/tin-2.4.5~20200522/src/post.c:2780:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (strlen(b) > (MAXREFSIZE - strlen("References: ") - 2)) {
data/tin-2.4.5~20200522/src/post.c:2780:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (strlen(b) > (MAXREFSIZE - strlen("References: ") - 2)) {
data/tin-2.4.5~20200522/src/post.c:2793:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(d, c, strlen(c) + 1);
data/tin-2.4.5~20200522/src/post.c:2796:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bcopy(c, d, strlen(c) + 1);
data/tin-2.4.5~20200522/src/post.c:2799:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(c) + 1;
data/tin-2.4.5~20200522/src/post.c:3087:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
offset += strlen(buffer);
data/tin-2.4.5~20200522/src/post.c:3151:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(filename + strlen(filename), filename_len - strlen(filename), ".%ld", (long) process_id);
data/tin-2.4.5~20200522/src/post.c:3151:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(filename + strlen(filename), filename_len - strlen(filename), ".%ld", (long) process_id);
data/tin-2.4.5~20200522/src/post.c:3171:77: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (curr_group && curr_group->attribute && curr_group->attribute->from && strlen(curr_group->attribute->from))
data/tin-2.4.5~20200522/src/post.c:3176:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((from_address == NULL) || !strlen(from_address)) {
data/tin-2.4.5~20200522/src/post.c:3181:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(from_address))
data/tin-2.4.5~20200522/src/post.c:3197:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!address_in_list(to, strlen(from_address) ? from_address : userid)) {
data/tin-2.4.5~20200522/src/post.c:3199:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
msg_add_header("Cc", strlen(from_address) ? from_address : userid);
data/tin-2.4.5~20200522/src/post.c:3202:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
msg_add_header("Bcc", strlen(from_address) ? from_address : userid);
data/tin-2.4.5~20200522/src/post.c:3205:76: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (curr_group && curr_group->attribute && curr_group->attribute->fcc && strlen(curr_group->attribute->fcc))
data/tin-2.4.5~20200522/src/post.c:3224:82: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (curr_group && curr_group->attribute && curr_group->attribute->x_headers && strlen(curr_group->attribute->x_headers))
data/tin-2.4.5~20200522/src/post.c:3285:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(subject, hdr.subj, HEADER_LEN - 1);
data/tin-2.4.5~20200522/src/post.c:3435:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(line) * 4 + 4; /* should suffice for -> UTF-8 */
data/tin-2.4.5~20200522/src/post.c:3443:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buff, "\n");
data/tin-2.4.5~20200522/src/post.c:3444:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(buff, 1, strlen(buff), fp);
data/tin-2.4.5~20200522/src/post.c:3461:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
subject[strlen(subject) - 1] = '\0'; /* cut trailing '\n' */
data/tin-2.4.5~20200522/src/post.c:3560:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
subject[strlen(subject) - 1] = '\0'; /* cut trailing '\n' */
data/tin-2.4.5~20200522/src/post.c:3648:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
offset += strlen(buffer);
data/tin-2.4.5~20200522/src/post.c:3690:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
subject[strlen(subject) - 1] = '\0'; /* cut trailing '\n' */
data/tin-2.4.5~20200522/src/post.c:3735:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(tinrc.spamtrap_warning_addresses) || !addr || !*addr)
data/tin-2.4.5~20200522/src/post.c:3740:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (strlen(tmp)) {
data/tin-2.4.5~20200522/src/post.c:3748:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp += strlen(tmp);
data/tin-2.4.5~20200522/src/post.c:3872:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(cancel + strlen(cancel), sizeof(cancel) - strlen(cancel), ".%ld", (long) process_id);
data/tin-2.4.5~20200522/src/post.c:3872:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(cancel + strlen(cancel), sizeof(cancel) - strlen(cancel), ".%ld", (long) process_id);
data/tin-2.4.5~20200522/src/post.c:4221:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fprintf(fp, "[ %-*s ]\n", (int) (72 + strlen(_(txt_article_reposted)) - strwidth(_(txt_article_reposted))), _(txt_article_reposted));
data/tin-2.4.5~20200522/src/post.c:4222:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fprintf(fp, "[ From: %-*s ]\n", (int) (66 + strlen(note_h.from) - strwidth(note_h.from)), note_h.from);
data/tin-2.4.5~20200522/src/post.c:4223:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fprintf(fp, "[ Subject: %-*s ]\n", (int) (63 + strlen(note_h.subj) - strwidth(note_h.subj)), note_h.subj);
data/tin-2.4.5~20200522/src/post.c:4224:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fprintf(fp, "[ Newsgroups: %-*s ]\n", (int) (60 + strlen(note_h.newsgroups) - strwidth(note_h.newsgroups)), note_h.newsgroups);
data/tin-2.4.5~20200522/src/post.c:4369:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(x_hdrs[num_x_hdrs - 1]);
data/tin-2.4.5~20200522/src/post.c:4370:70: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
x_hdrs[num_x_hdrs - 1] = my_realloc(x_hdrs[num_x_hdrs - 1], i + strlen(line) + 1);
data/tin-2.4.5~20200522/src/post.c:4497:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(ptr) > 2) /* skip empty headers ": \0" */
data/tin-2.4.5~20200522/src/post.c:4523:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!*suffix && strlen(SYSTEM_NAME))
data/tin-2.4.5~20200522/src/post.c:4809:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (mailed && strlen(fcc)) {
data/tin-2.4.5~20200522/src/post.c:4864:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(addresses);
data/tin-2.4.5~20200522/src/post.c:4972:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(addr, start, addr_len);
data/tin-2.4.5~20200522/src/post.c:5011:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
this_address = my_malloc(strlen(address) + 1);
data/tin-2.4.5~20200522/src/post.c:5015:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
curr_address = my_realloc(curr_address, strlen(addr_list[i]) + 1);
data/tin-2.4.5~20200522/src/post.c:5055:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
all_addresses[j] = my_malloc(strlen(to_addresses[i]) + 1);
data/tin-2.4.5~20200522/src/post.c:5059:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
all_addresses[j] = my_malloc(strlen(cc_addresses[i]) + 1);
data/tin-2.4.5~20200522/src/post.c:5063:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
all_addresses[j] = my_malloc(strlen(bcc_addresses[i]) + 1);
data/tin-2.4.5~20200522/src/post.c:5135:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, "I");
data/tin-2.4.5~20200522/src/post.c:5148:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(buf + strlen(buf), sizeof(buf) - strlen(buf), "N%s%%%s>", radix32(getuid()), buf2);
data/tin-2.4.5~20200522/src/post.c:5148:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(buf + strlen(buf), sizeof(buf) - strlen(buf), "N%s%%%s>", radix32(getuid()), buf2);
data/tin-2.4.5~20200522/src/post.c:5156:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(buf + strlen(buf), sizeof(buf) - strlen(buf), "N%s@%s>", radix32(getuid()), get_fqdn(get_host_name()));
data/tin-2.4.5~20200522/src/post.c:5156:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(buf + strlen(buf), sizeof(buf) - strlen(buf), "N%s@%s>", radix32(getuid()), get_fqdn(get_host_name()));
data/tin-2.4.5~20200522/src/post.c:5163:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((j = strlen(buf) - 9) > 0) { /* strlen(".invalid>") */
data/tin-2.4.5~20200522/src/post.c:5217:78: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return cl_get_lock(get_cancel_lock_algo(), (const unsigned char *) secret, strlen(secret), (const unsigned char *) messageid, strlen(messageid));
data/tin-2.4.5~20200522/src/post.c:5217:129: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return cl_get_lock(get_cancel_lock_algo(), (const unsigned char *) secret, strlen(secret), (const unsigned char *) messageid, strlen(messageid));
data/tin-2.4.5~20200522/src/post.c:5233:77: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return cl_get_key(get_cancel_lock_algo(), (const unsigned char *) secret, strlen(secret), (const unsigned char *) messageid, strlen(messageid));
data/tin-2.4.5~20200522/src/post.c:5233:128: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return cl_get_key(get_cancel_lock_algo(), (const unsigned char *) secret, strlen(secret), (const unsigned char *) messageid, strlen(messageid));
data/tin-2.4.5~20200522/src/post.c:5328:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(line) == 0) { /* End of headers */
data/tin-2.4.5~20200522/src/post.c:5334:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (write(fd_out, msgidbuf, strlen(msgidbuf)) == (ssize_t) -1) /* abort on write errors */ {
data/tin-2.4.5~20200522/src/post.c:5371:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (writesuccess && write(fd_out, dateheader, strlen(dateheader)) == (ssize_t) -1) /* abort on write errors */
data/tin-2.4.5~20200522/src/post.c:5401:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((write(fd_out, line, strlen(line)) == (ssize_t) -1) || (write(fd_out, "\n", 1) == (ssize_t) -1)) /* abort on write errors */ {
data/tin-2.4.5~20200522/src/post.c:5452:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
my_list = my_malloc(strlen(ngs_list) + 1);
data/tin-2.4.5~20200522/src/post.c:5525:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(ngs_list, ",");
data/tin-2.4.5~20200522/src/prompt.c:606:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, ">");
data/tin-2.4.5~20200522/src/prompt.c:689:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
prompt_slk_message = my_malloc(strlen(buf) + 2);
data/tin-2.4.5~20200522/src/prompt.c:697:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(prompt_slk_message, strlen(buf) + 2, "%s%s", buf, tmp);
data/tin-2.4.5~20200522/src/prompt.c:701:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(prompt_slk_message, strlen(buf) + 2, "%s%c", buf, func_to_key(default_func, keys));
data/tin-2.4.5~20200522/src/read.c:245:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(buffer);
data/tin-2.4.5~20200522/src/read.c:273:15: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((c = fgetc(get_nntp_fp(fp))) == ' ' || c == '\t') {
data/tin-2.4.5~20200522/src/refs.c:327:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr = my_malloc(sizeof(struct t_msgid) + strlen(msgid));
data/tin-2.4.5~20200522/src/refs.c:507:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(refptr->txt) + 1; /* msgid + space */
data/tin-2.4.5~20200522/src/refs.c:522:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos = strlen(refs);
data/tin-2.4.5~20200522/src/refs.c:542:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(refs);
data/tin-2.4.5~20200522/src/refs.c:597:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(ptr);
data/tin-2.4.5~20200522/src/regex.c:82:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((error = pcre_exec(ptr_cache->re, ptr_cache->extra, string, strlen(string), 0, 0, NULL, 0)) >= 0) {
data/tin-2.4.5~20200522/src/regex.c:171:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (pcre_exec(regex->re, regex->extra, ptr, strlen(ptr), 0, 0, offsets, offsets_size) >= 0) {
data/tin-2.4.5~20200522/src/rfc1524.c:82:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((ptr = getenv("MAILCAPS")) != NULL && strlen(ptr)) {
data/tin-2.4.5~20200522/src/rfc1524.c:83:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mailcaps = my_malloc(strlen(ptr) + strlen(DEFAULT_MAILCAPS) + 2);
data/tin-2.4.5~20200522/src/rfc1524.c:83:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mailcaps = my_malloc(strlen(ptr) + strlen(DEFAULT_MAILCAPS) + 2);
data/tin-2.4.5~20200522/src/rfc1524.c:99:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while ((fgets(ptr, sizeof(buf) - strlen(buf), fp)) != NULL) {
data/tin-2.4.5~20200522/src/rfc1524.c:103:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr = buf + strlen(buf) - 1;
data/tin-2.4.5~20200522/src/rfc1524.c:114:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncasecmp(ptr, content_types[part->type], strlen(ptr) - strlen(ptr2))) {
data/tin-2.4.5~20200522/src/rfc1524.c:114:70: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncasecmp(ptr, content_types[part->type], strlen(ptr) - strlen(ptr2))) {
data/tin-2.4.5~20200522/src/rfc1524.c:115:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncasecmp(ptr + strlen(content_types[part->type]) + 1, part->subtype, strlen(part->subtype))) {
data/tin-2.4.5~20200522/src/rfc1524.c:115:85: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncasecmp(ptr + strlen(content_types[part->type]) + 1, part->subtype, strlen(part->subtype))) {
data/tin-2.4.5~20200522/src/rfc1524.c:127:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(wildcap)) { /* we don't already have a wildmat match */
data/tin-2.4.5~20200522/src/rfc1524.c:138:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(wildcap)) { /* we just had a wildmat match */
data/tin-2.4.5~20200522/src/rfc1524.c:188:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = my_calloc(1, strlen(content_types[part->type]) + strlen(part->subtype) + 2);
data/tin-2.4.5~20200522/src/rfc1524.c:188:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = my_calloc(1, strlen(content_types[part->type]) + strlen(part->subtype) + 2);
data/tin-2.4.5~20200522/src/rfc1524.c:191:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr += strlen(ptr) + 1;
data/tin-2.4.5~20200522/src/rfc1524.c:194:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr += strlen(ptr) + 1;
data/tin-2.4.5~20200522/src/rfc1524.c:206:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr += strlen(ptr) + 1;
data/tin-2.4.5~20200522/src/rfc1524.c:210:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr += strlen(ptr) + 1;
data/tin-2.4.5~20200522/src/rfc1524.c:214:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr += strlen(ptr) + 1;
data/tin-2.4.5~20200522/src/rfc1524.c:218:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr += strlen(ptr) + 1;
data/tin-2.4.5~20200522/src/rfc1524.c:222:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr += strlen(ptr) + 1;
data/tin-2.4.5~20200522/src/rfc1524.c:226:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr += strlen(ptr) + 1;
data/tin-2.4.5~20200522/src/rfc1524.c:230:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr += strlen(ptr) + 1;
data/tin-2.4.5~20200522/src/rfc1524.c:234:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr += strlen(ptr) + 1;
data/tin-2.4.5~20200522/src/rfc1524.c:238:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr += strlen(ptr) + 1;
data/tin-2.4.5~20200522/src/rfc1524.c:242:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr += strlen(ptr) + 1;
data/tin-2.4.5~20200522/src/rfc1524.c:246:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr += strlen(ptr) + 1;
data/tin-2.4.5~20200522/src/rfc1524.c:336:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
olen = strlen(line); \
data/tin-2.4.5~20200522/src/rfc1524.c:377:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
olen = strlen(line); /* get current length of string */
data/tin-2.4.5~20200522/src/rfc1524.c:404:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(parameter, ptr + 1, end - ptr - 1); /* extract parameter name */
data/tin-2.4.5~20200522/src/rfc1524.c:408:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
CHECK_SPACE(strlen(nptr));
data/tin-2.4.5~20200522/src/rfc1524.c:410:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lptr = line + strlen(line);
data/tin-2.4.5~20200522/src/rfc1524.c:411:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
space -= strlen(line);
data/tin-2.4.5~20200522/src/rfc1524.c:432:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
CHECK_SPACE(strlen(nptr) + 2);
data/tin-2.4.5~20200522/src/rfc1524.c:434:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lptr = line + strlen(line);
data/tin-2.4.5~20200522/src/rfc1524.c:435:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
space -= strlen(line);
data/tin-2.4.5~20200522/src/rfc1524.c:441:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
CHECK_SPACE((strlen(content_types[part->type]) + 1 + strlen(nptr)));
data/tin-2.4.5~20200522/src/rfc1524.c:441:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
CHECK_SPACE((strlen(content_types[part->type]) + 1 + strlen(nptr)));
data/tin-2.4.5~20200522/src/rfc1524.c:443:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(line, "/");
data/tin-2.4.5~20200522/src/rfc1524.c:445:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lptr = line + strlen(line);
data/tin-2.4.5~20200522/src/rfc1524.c:446:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
space -= strlen(line);
data/tin-2.4.5~20200522/src/rfc2045.c:122:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(line);
data/tin-2.4.5~20200522/src/rfc2045.c:233:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ptr == NULL || strlen(ptr) == 0) {
data/tin-2.4.5~20200522/src/rfc2045.c:267:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(my_rest) == 0) {
data/tin-2.4.5~20200522/src/rfc2045.c:397:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf2 = my_malloc(strlen(buf) + 1); /* decoded string is always shorter than encoded string, so this is safe */
data/tin-2.4.5~20200522/src/rfc2045.c:463:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((chars_to_add = strlen(buf2)) == 0) /* Empty line, leave loop. */
data/tin-2.4.5~20200522/src/rfc2045.c:492:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (chars_to_add > buflen - strlen(buf) - 2) {
data/tin-2.4.5~20200522/src/rfc2045.c:496:3: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(buf, buf2, buflen - 2);
data/tin-2.4.5~20200522/src/rfc2045.c:504:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, "\n");
data/tin-2.4.5~20200522/src/rfc2045.c:512:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf2 = my_malloc(strlen(buf) + 1); /* Don't use realloc here, tin_fgets relies on its internal state! */
data/tin-2.4.5~20200522/src/rfc2045.c:521:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (*max_line_len < strlen(ptr) + 1) {
data/tin-2.4.5~20200522/src/rfc2045.c:522:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*max_line_len = strlen(ptr) + 1;
data/tin-2.4.5~20200522/src/rfc2045.c:525:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(*line, ptr, *max_line_len);
data/tin-2.4.5~20200522/src/rfc2046.c:142:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t blen = strlen(boundary);
data/tin-2.4.5~20200522/src/rfc2046.c:147:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((len = strlen(line)) == 0)
data/tin-2.4.5~20200522/src/rfc2046.c:159:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(l);
data/tin-2.4.5~20200522/src/rfc2046.c:308:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return my_realloc(dest, strlen(dest) + 1);
data/tin-2.4.5~20200522/src/rfc2046.c:320:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*dest = my_malloc(strlen(source) + 1);
data/tin-2.4.5~20200522/src/rfc2046.c:338:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*dest = my_realloc(*dest, strlen(*dest) + 1);
data/tin-2.4.5~20200522/src/rfc2046.c:380:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t max_line_len = strlen(part->value);
data/tin-2.4.5~20200522/src/rfc2046.c:417:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*value = my_realloc(newval, strlen(newval) + 1);
data/tin-2.4.5~20200522/src/rfc2046.c:467:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
param += strlen(name);
data/tin-2.4.5~20200522/src/rfc2046.c:498:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
param += strlen(value);
data/tin-2.4.5~20200522/src/rfc2046.c:615:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
newlen += strlen(c_list->value);
data/tin-2.4.5~20200522/src/rfc2046.c:718:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
charsetheader = my_malloc(strlen(curr_group->attribute->undeclared_charset) + 9); /* 9=len('charset=\0') */
data/tin-2.4.5~20200522/src/rfc2046.c:814:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
charsetheader = my_malloc(strlen(curr_group->attribute->undeclared_charset) + 9); /* 9=len('charset=\0') */
data/tin-2.4.5~20200522/src/rfc2046.c:915:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t plen = strlen(pat);
data/tin-2.4.5~20200522/src/rfc2046.c:1522:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *group_path = my_malloc(strlen(group->name) + 2); /* tailing "/\0" */;
data/tin-2.4.5~20200522/src/rfc2047.c:252:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
max_len = strlen(c) + 1;
data/tin-2.4.5~20200522/src/rfc2047.c:328:8: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tmpbuf, t, i);
data/tin-2.4.5~20200522/src/rfc2047.c:331:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
chars_to_copy = strlen(tmpbuf);
data/tin-2.4.5~20200522/src/rfc2047.c:334:8: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(t, tmpbuf, chars_to_copy);
data/tin-2.4.5~20200522/src/rfc2047.c:587:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncasecmp(what, *strptr, strlen(*strptr))) {
data/tin-2.4.5~20200522/src/rfc2047.c:595:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ew_taken_len = strlen(charset) + 7 /* =?c?E?d?= */;
data/tin-2.4.5~20200522/src/rfc2047.c:608:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (t - buffer + strlen(buf2) >= bufferlen) {
data/tin-2.4.5~20200522/src/rfc2047.c:675:72: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!contains_nonprintables(what, isstruct_head) || ewsize >= 70 - strlen(charset)) {
data/tin-2.4.5~20200522/src/rfc2047.c:689:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ewsize >= 70 - strlen(charset) && (contains_nonprintables(what, isstruct_head) || isbroken_within)) {
data/tin-2.4.5~20200522/src/rfc2047.c:734:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (t - buffer + strlen(buf2) >= bufferlen) {
data/tin-2.4.5~20200522/src/rfc2047.c:746:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (t - buffer + strlen(buf2) + 3 >= bufferlen) {
data/tin-2.4.5~20200522/src/rfc2047.c:804:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t new_bufferlen = strlen(buffer) * 2 + 1; /* maximum length if
data/tin-2.4.5~20200522/src/save.c:165:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(savefile + strlen(savefile), sizeof(savefile) - strlen(savefile), ".%ld", (long) process_id);
data/tin-2.4.5~20200522/src/save.c:165:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(savefile + strlen(savefile), sizeof(savefile) - strlen(savefile), ".%ld", (long) process_id);
data/tin-2.4.5~20200522/src/save.c:217:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *group_path = my_malloc(strlen(group->name) + 2); /* trailing "/\0" */
data/tin-2.4.5~20200522/src/save.c:422:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(mode, "w");
data/tin-2.4.5~20200522/src/save.c:489:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(path, inpath, sizeof(path) - 1);
data/tin-2.4.5~20200522/src/save.c:535:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&path[strlen(path)], "%c%03d", suffixsep, num_save + 1);
data/tin-2.4.5~20200522/src/save.c:611:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(path))
data/tin-2.4.5~20200522/src/save.c:617:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(p)) {
data/tin-2.4.5~20200522/src/save.c:1187:76: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((fp_out == NULL) && pcre_exec(shar_regex.re, shar_regex.extra, buf, strlen(buf), 0, 0, NULL, 0) >= 0)
data/tin-2.4.5~20200522/src/save.c:2334:8: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf2, conv_buf, sizeof(buf2) - 1);
data/tin-2.4.5~20200522/src/save.c:2335:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
count = strlen(buf2);
data/tin-2.4.5~20200522/src/save.c:2356:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
line_len = strlen(conv_buf);
data/tin-2.4.5~20200522/src/save.c:2359:8: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, conv_buf, sizeof(buf) - 1);
data/tin-2.4.5~20200522/src/save.c:2397:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
prompt = fmt_string(_(txt_pipe_to_command), cCOLS - (strlen(_(txt_pipe_to_command)) + 30), tinrc.default_pipe_command);
data/tin-2.4.5~20200522/src/screen.c:525:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
display_format = my_malloc(strlen(DISPLAY_FMT) + strlen(_(txt_remaining)) + 1);
data/tin-2.4.5~20200522/src/screen.c:525:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
display_format = my_malloc(strlen(DISPLAY_FMT) + strlen(_(txt_remaining)) + 1);
data/tin-2.4.5~20200522/src/search.c:381:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (pcre_exec(search_regex.re, search_regex.extra, line, strlen(line), 0, 0, srch_offsets, srch_offsets_size) != PCRE_ERROR_NOMATCH) {
data/tin-2.4.5~20200522/src/search.c:431:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(arts[i].from) + strlen(arts[i].name) + 4;
data/tin-2.4.5~20200522/src/search.c:431:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(arts[i].from) + strlen(arts[i].name) + 4;
data/tin-2.4.5~20200522/src/search.c:644:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (pcre_exec(search_regex.re, search_regex.extra, ptr, strlen(ptr), srch_offsets[1], 0, srch_offsets, srch_offsets_size) != PCRE_ERROR_NOMATCH) {
data/tin-2.4.5~20200522/src/select.c:699:4: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(sptr, fmt, 1);
data/tin-2.4.5~20200522/src/select.c:707:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(sptr, fmt, 1);
data/tin-2.4.5~20200522/src/select.c:726:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = sptr + strlen(sptr);
data/tin-2.4.5~20200522/src/select.c:734:6: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(sptr, active[n].description, sel_fmt.len_grpdesc);
data/tin-2.4.5~20200522/src/select.c:738:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = sptr + strlen(sptr);
data/tin-2.4.5~20200522/src/select.c:762:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = sptr + strlen(sptr);
data/tin-2.4.5~20200522/src/select.c:807:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = sptr + strlen(sptr);
data/tin-2.4.5~20200522/src/select.c:822:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = sptr + strlen(sptr);
data/tin-2.4.5~20200522/src/select.c:1081:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(pos))
data/tin-2.4.5~20200522/src/select.c:1461:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(ptr, msgid, strlen(msgid))) { /* INN, MPNews, Leafnode, Cnews nntpd */
data/tin-2.4.5~20200522/src/select.c:1462:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
r = ptr + strlen(msgid) + 1;
data/tin-2.4.5~20200522/src/select.c:1520:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(ptr, msgid, strlen(msgid)))
data/tin-2.4.5~20200522/src/select.c:1521:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
r = ptr + strlen(msgid) + 1;
data/tin-2.4.5~20200522/src/select.c:1587:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(id, ">");
data/tin-2.4.5~20200522/src/sigfile.c:98:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sigcmd = my_malloc(strlen(sigattr) + cnt * strlen(thisgroup->name) + 1);
data/tin-2.4.5~20200522/src/sigfile.c:98:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sigcmd = my_malloc(strlen(sigattr) + cnt * strlen(thisgroup->name) + 1);
data/tin-2.4.5~20200522/src/sigfile.c:115:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sigcmd = my_malloc(strlen(sigattr) + 1);
data/tin-2.4.5~20200522/src/sigfile.c:310:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(sigfile, "/");
data/tin-2.4.5~20200522/src/strftime.c:103:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strchr(format, '%') == NULL && strlen(format) + 1 >= maxsize)
data/tin-2.4.5~20200522/src/strftime.c:263:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((i = strlen(tbuf))) {
data/tin-2.4.5~20200522/src/string.c:95:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int) strlen(buffer);
data/tin-2.4.5~20200522/src/string.c:102:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (i >= strlen(power)) { /* buffer is to small */
data/tin-2.4.5~20200522/src/string.c:136:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(str) + 1;
data/tin-2.4.5~20200522/src/string.c:338:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
textlen = strlen(text);
data/tin-2.4.5~20200522/src/string.c:339:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
patlen = strlen(pattern);
data/tin-2.4.5~20200522/src/string.c:703:12: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
src = strcpy(temp, "%");
data/tin-2.4.5~20200522/src/string.c:716:12: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
src = strcpy(temp, "");
data/tin-2.4.5~20200522/src/string.c:795:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen(str);
data/tin-2.4.5~20200522/src/string.c:796:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
plen = strlen(pat);
data/tin-2.4.5~20200522/src/string.c:820:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t pos = strlen(test);
data/tin-2.4.5~20200522/src/string.c:912:34: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gap = columns - wcswidth(wbuf, wcslen(wbuf) + 1);
data/tin-2.4.5~20200522/src/string.c:914:46: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wbuf = my_realloc(wbuf, sizeof(wchar_t) * (wcslen(wbuf) + gap + 1));
data/tin-2.4.5~20200522/src/string.c:915:16: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr = wbuf + wcslen(wbuf); /* set ptr again to end of wbuf */
data/tin-2.4.5~20200522/src/string.c:922:46: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wbuf = my_realloc(wbuf, sizeof(wchar_t) * (wcslen(wbuf) + 1));
data/tin-2.4.5~20200522/src/string.c:941:24: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (wcswidth(grpname, wcslen(grpname)) > len) {
data/tin-2.4.5~20200522/src/string.c:951:29: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
newlen = wcswidth(tail, wcslen(tail)) + tmplen;
data/tin-2.4.5~20200522/src/string.c:962:61: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
new_grpname = my_realloc(new_grpname, sizeof(wchar_t) * (wcslen(new_grpname) + 1));
data/tin-2.4.5~20200522/src/string.c:964:30: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (wcswidth(new_grpname, wcslen(new_grpname)) > len) {
data/tin-2.4.5~20200522/src/string.c:999:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(grpname) > len) {
data/tin-2.4.5~20200522/src/string.c:1009:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
newlen = strlen(tail) + tmplen;
data/tin-2.4.5~20200522/src/string.c:1020:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
new_grpname = my_realloc(new_grpname, strlen(new_grpname) + 1);
data/tin-2.4.5~20200522/src/string.c:1022:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(new_grpname) > len) {
data/tin-2.4.5~20200522/src/string.c:1046:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int columns = (int) strlen(str);
data/tin-2.4.5~20200522/src/string.c:1052:31: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((width = wcswidth(wbuf, wcslen(wbuf) + 1)) > 0)
data/tin-2.4.5~20200522/src/string.c:1091:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((int) strlen(message) <= len)
data/tin-2.4.5~20200522/src/string.c:1115:21: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (wcswidth(wtmp, wcslen(wtmp)) > len) {
data/tin-2.4.5~20200522/src/string.c:1130:21: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len_tail = tail ? wcslen(tail) : 0;
data/tin-2.4.5~20200522/src/string.c:1133:47: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wtmp = my_realloc(wtmp2, sizeof(wchar_t) * (wcslen(wtmp2) + len_tail + 1)); /* wtmp2 isn't valid anymore and doesn't have to be free()ed */
data/tin-2.4.5~20200522/src/string.c:1151:15: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = wcslen(wstr) + 1;
data/tin-2.4.5~20200522/src/string.c:1353:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = (char *) u8_normalize(mode, (uint8_t *) tmp, strlen(tmp) + 1, NULL, &olen);
data/tin-2.4.5~20200522/src/string.c:1574:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(tmp_date_str))
data/tin-2.4.5~20200522/src/string.c:1589:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fmt->len_date = strlen(buf);
data/tin-2.4.5~20200522/src/tcurses.c:392:25: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
col = wcswidth(wtmp, wcslen(wtmp) + 1);
data/tin-2.4.5~20200522/src/tcurses.c:445:25: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
col = wcswidth(wtmp, wcslen(wtmp) + 1);
data/tin-2.4.5~20200522/src/tcurses.c:457:26: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wsize = wcswidth(wtmp, wcslen(wtmp) + 1);
data/tin-2.4.5~20200522/src/thread.c:156:4: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(buffer, fmt, 1);
data/tin-2.4.5~20200522/src/thread.c:164:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(buffer, fmt, 1);
data/tin-2.4.5~20200522/src/thread.c:180:6: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(buffer, buf, thrd_fmt.len_date_max);
data/tin-2.4.5~20200522/src/thread.c:201:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
get_author(TRUE, art, buffer + strlen(buffer), thrd_fmt.len_from);
data/tin-2.4.5~20200522/src/thread.c:203:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gap = strlen(buffer);
data/tin-2.4.5~20200522/src/thread.c:216:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = buffer + strlen(buffer);
data/tin-2.4.5~20200522/src/thread.c:227:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = buffer + strlen(buffer);
data/tin-2.4.5~20200522/src/thread.c:244:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buffer[strlen(buffer) - 1] = mark; /* insert mark */
data/tin-2.4.5~20200522/src/thread.c:250:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tmp, art->refptr ? art->refptr->txt : "", len);
data/tin-2.4.5~20200522/src/thread.c:254:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = buffer + strlen(buffer);
data/tin-2.4.5~20200522/src/thread.c:282:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
make_prefix(art->refptr, buffer + strlen(buffer), len);
data/tin-2.4.5~20200522/src/thread.c:312:10: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(buffer, art->subject, gap);
data/tin-2.4.5~20200522/src/thread.c:340:9: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(buffer, art->subject, gap);
data/tin-2.4.5~20200522/src/thread.c:353:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gap = strlen(buffer);
data/tin-2.4.5~20200522/src/thread.c:1434:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(prefix, buf, maxlen);
data/tin-2.4.5~20200522/src/tmpfile.c:84:7: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
u = umask(0);
data/tin-2.4.5~20200522/src/tmpfile.c:85:10: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
(void) umask(u);
data/tin-2.4.5~20200522/src/version.c:84:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(lskip) + strlen(fmt) + 1; /* format buffer len */
data/tin-2.4.5~20200522/src/version.c:84:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(lskip) + strlen(fmt) + 1; /* format buffer len */
data/tin-2.4.5~20200522/src/version.c:152:10: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
switch (getchar()) {
data/tin-2.4.5~20200522/src/wildmat.c:187:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
srch_offsets[1] = strlen(text);
data/tin-2.4.5~20200522/src/wildmat.c:205:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
px[strlen(px) - 1] = '\0';
data/tin-2.4.5~20200522/src/wildmat.c:206:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = strlen(t); i > 0; i--) {
data/tin-2.4.5~20200522/src/xface.c:108:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(ptr)) { /* TODO: mention XDG_RUNTIME_DIR in error message? */
data/tin-2.4.5~20200522/src/xface.c:115:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pathlen = strlen(ptr) + strlen("/.slrnfaces/") + strlen(u.nodename) + 30;
data/tin-2.4.5~20200522/src/xface.c:115:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pathlen = strlen(ptr) + strlen("/.slrnfaces/") + strlen(u.nodename) + 30;
data/tin-2.4.5~20200522/src/xface.c:115:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pathlen = strlen(ptr) + strlen("/.slrnfaces/") + strlen(u.nodename) + 30;
data/tin-2.4.5~20200522/src/xface.c:191:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
write(slrnface_fd, "start\n", strlen("start\n"));
data/tin-2.4.5~20200522/src/xface.c:258:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
write(slrnface_fd, "clear\n", strlen("clear\n"));
data/tin-2.4.5~20200522/src/xface.c:263:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
write(slrnface_fd, buf, strlen(buf));
data/tin-2.4.5~20200522/src/xface.c:275:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
write(slrnface_fd, "clear\n", strlen("clear\n"));
data/tin-2.4.5~20200522/src/xface.c:286:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
write(slrnface_fd, "suppress\n", strlen("suppress\n"));
data/tin-2.4.5~20200522/src/xface.c:297:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
write(slrnface_fd, "show\n", strlen("show\n"));
ANALYSIS SUMMARY:
Hits = 2383
Lines analyzed = 119783 in approximately 3.34 seconds (35868 lines/second)
Physical Source Lines of Code (SLOC) = 83623
Hits@level = [0] 1662 [1] 768 [2] 1160 [3] 52 [4] 373 [5] 30
Hits@level+ = [0+] 4045 [1+] 2383 [2+] 1615 [3+] 455 [4+] 403 [5+] 30
Hits/KSLOC@level+ = [0+] 48.3719 [1+] 28.4969 [2+] 19.3129 [3+] 5.44109 [4+] 4.81925 [5+] 0.358753
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.