Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
FINAL RESULTS:
data/tkgate-2.1+repack/src/common/misc.c:69:12: [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  if ((p = popen("uname", "r"))) {
data/tkgate-2.1+repack/src/common/misc.c:590:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(d, s);
data/tkgate-2.1+repack/src/common/ycmalloc.c:110:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(N,S);
data/tkgate-2.1+repack/src/common/ycmalloc.c:158:3: [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
  vsprintf(buf,s,ap);
data/tkgate-2.1+repack/src/gmac/parser.c:73:3: [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  vfprintf(stderr,s,ap);
data/tkgate-2.1+repack/src/gmac/parser.c:352:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120).
  Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf,"%s.%s",cur.proc_name,name);
data/tkgate-2.1+repack/src/gmac/parser.c:372:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf,"%s.%s",cur.proc_name,name);
data/tkgate-2.1+repack/src/gmac/parser.c:418:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf,"%s.%s",cur.proc_name,n->v.s);
data/tkgate-2.1+repack/src/gmac/parser.c:608:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(ycFileName,fileName);
data/tkgate-2.1+repack/src/tkgate/ascii.c:59:3: [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
  vsprintf(buf,s,ap);
data/tkgate-2.1+repack/src/tkgate/ascii.c:270:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf,"<no-msg: %s>",tag);
data/tkgate-2.1+repack/src/tkgate/ascii.c:288:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf,"<recursive: %s>",tag);
data/tkgate-2.1+repack/src/tkgate/ascii.c:322:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(key,"%s %s",toCode,fromCode);
data/tkgate-2.1+repack/src/tkgate/block.c:566:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(B,"(%s)",g->ename);
data/tkgate-2.1+repack/src/tkgate/block.c:797:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(B,"(%s)",g->ename);
data/tkgate-2.1+repack/src/tkgate/block.c:922:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buf2,value+1);
data/tkgate-2.1+repack/src/tkgate/block.c:924:2: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf,"%s",quoteChars(buf,buf2,"\"\\"));
data/tkgate-2.1+repack/src/tkgate/block.c:1117:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buf,Tcl_GetStringResult(TkGate.tcl));
data/tkgate-2.1+repack/src/tkgate/block.c:1571:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(name,portName);
data/tkgate-2.1+repack/src/tkgate/block.c:1801:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(B,"block %s",g->ename);
data/tkgate-2.1+repack/src/tkgate/block.c:1803:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(B,"unnamed %s block",g->u.block.moduleName);
data/tkgate-2.1+repack/src/tkgate/block.c:1949:2: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf,"%s=%s",name,value);
data/tkgate-2.1+repack/src/tkgate/block.c:1968:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf,"%s=%s",name,value);
data/tkgate-2.1+repack/src/tkgate/breakpoint.c:114:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(expression,p);
data/tkgate-2.1+repack/src/tkgate/circuit.c:50:14: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  if (units) strcpy(units,unitCodes[numUnitCodes-1-index]);
data/tkgate-2.1+repack/src/tkgate/comment.c:111:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(p,TKGATE_FULL_VERSION);
data/tkgate-2.1+repack/src/tkgate/comment.c:113:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(p,PACKAGE_URL);
data/tkgate-2.1+repack/src/tkgate/comment.c:115:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(p,PACKAGE_BUGREPORT);
data/tkgate-2.1+repack/src/tkgate/comment.c:117:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(p,TKGATE_COPYRIGHT);
data/tkgate-2.1+repack/src/tkgate/comment.c:147:9: [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  if (sscanf(p,"<%s",tag) == 1 && strcasecmp(tag,"value-of") == 0) {
data/tkgate-2.1+repack/src/tkgate/comment.c:523:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf,"<a href=\"%s\">%s</a>",g->u.comment.link,s);
data/tkgate-2.1+repack/src/tkgate/cpath.c:178:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buf,name);
data/tkgate-2.1+repack/src/tkgate/cpath.c:418:14: [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  } else if (sscanf(C," netalias %s %s",buf,buf2) == 2) { /* Net alias definition */
data/tkgate-2.1+repack/src/tkgate/cpath.c:420:14: [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  } else if (sscanf(C," netdelay %s %d %d",buf,&a1,&a2) == 3) { /* Net delay values */
data/tkgate-2.1+repack/src/tkgate/cpath.c:422:14: [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  } else if (sscanf(C," cpath_loop %s",buf) == 1) { /* Combinational loop */
data/tkgate-2.1+repack/src/tkgate/cpath.c:656:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(p,".%s",n->n_signame);
data/tkgate-2.1+repack/src/tkgate/cpath.c:658:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buf,n->n_signame);
data/tkgate-2.1+repack/src/tkgate/edit.c:856:8: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  p += sprintf(p,"NetID: 0x%p Name: %s\n",(void*)net,name);
data/tkgate-2.1+repack/src/tkgate/edit.c:882:8: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  p += sprintf(p,"Port: %s (0x%p) {%d}\n",w->name ? w->name : "*none*",(void*)w,w->nidx);
data/tkgate-2.1+repack/src/tkgate/edit.c:898:12: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  p += sprintf(p,"Gate: %s.%s[%d]\n",g->typeinfo->name,
data/tkgate-2.1+repack/src/tkgate/edit.c:926:8: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  p += sprintf(p," Pos: (%d, %d) [ss:%d il:%d/%d off:%d] %s\n",n->x,n->y,
data/tkgate-2.1+repack/src/tkgate/edit.c:962:10: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  p += sprintf(p,"Type: %s\n",gi->name);
data/tkgate-2.1+repack/src/tkgate/edit.c:963:10: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  p += sprintf(p,"Name: %s (%p)\n",g->ename ? g->ename : "*none*",g);
data/tkgate-2.1+repack/src/tkgate/edit.c:971:12: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  p += sprintf(p," %s:",GCElement_getPadName(g,i));
data/tkgate-2.1+repack/src/tkgate/edit.c:975:9: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  p += sprintf(p,"%s(0x%p) {%d}",w->net->n_signame,(void*)w->net,w->nidx);
data/tkgate-2.1+repack/src/tkgate/edit.c:1527:3: [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
  vsprintf(msgBuf,msg,ap);
data/tkgate-2.1+repack/src/tkgate/edit.c:1543:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf,"<%s> %s [%s] (%d-%s-%02d %d:%02d) %s (%s, line %d)"
data/tkgate-2.1+repack/src/tkgate/edit.c:1550:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(fname,"%s/%s",home,TkGate.errorLogFile);
data/tkgate-2.1+repack/src/tkgate/editstate.c:147:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(ID,"%s%s" , (M->m_protIntf ? "I" : ""), (M->m_protData ? "D" : ""));
data/tkgate-2.1+repack/src/tkgate/editstate.c:520:5: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(buf,msgLookup("msg.modoverwt"),dst); /* Destination module '%s' already exists. Overwrite? */
data/tkgate-2.1+repack/src/tkgate/editstate.c:738:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(p,estack[i]->env->m_name);
data/tkgate-2.1+repack/src/tkgate/editstate.c:779:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buf,path);
data/tkgate-2.1+repack/src/tkgate/editstate.c:822:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buf,path);
data/tkgate-2.1+repack/src/tkgate/editstate.c:875:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buf,es->inst->ename);
data/tkgate-2.1+repack/src/tkgate/error.c:117:9: [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  if (sscanf(errText,"%s file %s %d %s %d %s %s : %[^\n]",
data/tkgate-2.1+repack/src/tkgate/error.c:139:2: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(msg2,"script <%s> - line %d, %s",es->es_name, fileLine - es->es_beginLine + 1, msg);
data/tkgate-2.1+repack/src/tkgate/error.c:200:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(msgbuf,"%s, line %d: %s%s",e->e_modName,e->e_modLine,prefix,e->e_message);
data/tkgate-2.1+repack/src/tkgate/error.c:202:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(msgbuf,"%s: %s%s",e->e_modName,prefix,e->e_message);
data/tkgate-2.1+repack/src/tkgate/error.c:619:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buf,path);
data/tkgate-2.1+repack/src/tkgate/error.c:658:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(argbuf,emsg+1);
data/tkgate-2.1+repack/src/tkgate/error.c:706:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(name,"verga.err.%s",args[0]);
data/tkgate-2.1+repack/src/tkgate/error.c:707:3: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(emsg,msgLookup(name),args[1],args[2],args[3],args[4],args[5]
data/tkgate-2.1+repack/src/tkgate/expr.c:463:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(s,e->lit);
data/tkgate-2.1+repack/src/tkgate/expr.c:469:12: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  return sprintf(s,"%s(%s)",e->lit,e->l->lit);
data/tkgate-2.1+repack/src/tkgate/expr.c:478:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(s,buf);
data/tkgate-2.1+repack/src/tkgate/expr.c:501:10: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  s += sprintf(s,"%s",findSymbol(e->op));n -= strlen(s);
data/tkgate-2.1+repack/src/tkgate/fonts.c:102:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(fullName,
data/tkgate-2.1+repack/src/tkgate/frame.c:371:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buf,Tcl_GetVar(TkGate.tcl,"edgat_frameLabel",TCL_GLOBAL_ONLY));
data/tkgate-2.1+repack/src/tkgate/gates.c:840:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buf,gi->vnames);
data/tkgate-2.1+repack/src/tkgate/gates.c:1049:8: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  p += sprintf(p,"%s",TkGate.circuit->c_gatePrefix);
data/tkgate-2.1+repack/src/tkgate/gates.c:1074:10: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  p += sprintf(p,"%s_",inv); /* Mixed inverted and non-inverted outputs */
data/tkgate-2.1+repack/src/tkgate/gates.c:1079:8: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  p += sprintf(p,"%s",gi->name);
data/tkgate-2.1+repack/src/tkgate/gates.c:1116:12: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  p += sprintf(p,"_T%s",g->tech);
data/tkgate-2.1+repack/src/tkgate/gates.c:1151:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(gcs->gc_name,name);
data/tkgate-2.1+repack/src/tkgate/gates.c:1163:7: [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  if (sscanf(name,"%[NP]_%s",gcs->gc_invSpec,baseName) == 2) {
data/tkgate-2.1+repack/src/tkgate/gates.c:1171:7: [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  if (sscanf(name,"%[A-Za-z]%dx%d_%s",baseName,&n1,&n2,dpSpec) == 4) {
data/tkgate-2.1+repack/src/tkgate/gates.c:1172:14: [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  } else if (sscanf(name,"%[A-Za-z]%d_%s",baseName,&n1,dpSpec) == 3) {
data/tkgate-2.1+repack/src/tkgate/gates.c:1174:14: [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  } else if (sscanf(name,"%[A-Za-z]_%s",baseName,dpSpec) == 2) {
data/tkgate-2.1+repack/src/tkgate/generic.c:112:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(p,"%s%d ",w->invert ? "~" : "",simnet_id(ss,w->driver));
data/tkgate-2.1+repack/src/tkgate/generic.c:485:2: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(port,"%s%d",GCElement_getPadName(g,i),j);
data/tkgate-2.1+repack/src/tkgate/generic.c:487:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(port,GCElement_getPadName(g,i));
data/tkgate-2.1+repack/src/tkgate/generic.c:488:12: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  p += sprintf(p," { \"%s\"",w->net->n_signame ? w->net->n_signame : "*unnamed*");
data/tkgate-2.1+repack/src/tkgate/generic.c:490:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  p += sprintf(p," \"%s\"",w->name);
data/tkgate-2.1+repack/src/tkgate/generic.c:492:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  p += sprintf(p," \"%s\"",port);
data/tkgate-2.1+repack/src/tkgate/generic.c:493:12: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  p += sprintf(p," \"%s\" %d ",dir,w->net->n_nbits);
data/tkgate-2.1+repack/src/tkgate/generic.c:585:16: [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  } else if (sscanf(p,"{edit %s %s %s %s %d",port,name,_newport,dir,&bits) == 5) {
data/tkgate-2.1+repack/src/tkgate/generic.c:681:10: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  p += sprintf(p," \"%s\"",gi->delayNames[i]);
data/tkgate-2.1+repack/src/tkgate/generic.c:698:12: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  p += sprintf(p," %s",dd->dd_tech ? dd->dd_tech : TKGATE_DEFAULT_TECH);
data/tkgate-2.1+repack/src/tkgate/generic.c:721:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf,"edgat_delayvalue(%s)",gi->delayNames[i]);
data/tkgate-2.1+repack/src/tkgate/generic.c:1101:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buf,key_seq);
data/tkgate-2.1+repack/src/tkgate/generic.c:1104:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(keys[n++],"Control-%s",T+4);
data/tkgate-2.1+repack/src/tkgate/generic.c:1106:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(keys[n++],"KeyPress-%s",T);
data/tkgate-2.1+repack/src/tkgate/generic.c:1108:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(keys[n++],"%s",T);
data/tkgate-2.1+repack/src/tkgate/generic.c:1125:15: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  if (ks) strcpy(keys[n++],ks);
data/tkgate-2.1+repack/src/tkgate/hdl.c:240:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(text+name_offset+new_len, name_end);
data/tkgate-2.1+repack/src/tkgate/hdl.c:385:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf,"module %s;\n\nendmodule\n",M->m_name);
data/tkgate-2.1+repack/src/tkgate/html.c:366:16: [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  } else if (sscanf(p,"%[^=] = %s",ptag,pvalue) == 2) {
data/tkgate-2.1+repack/src/tkgate/html.c:592:12: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  p += sprintf(p,"<font color=gray><%s</font> ",msgLookup("tutorial.prev"));
data/tkgate-2.1+repack/src/tkgate/html.c:594:12: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  p += sprintf(p,"<a href=\"#/PAGE%d\"><%s</a> ",cur_pnum-1,msgLookup("tutorial.prev"));
data/tkgate-2.1+repack/src/tkgate/html.c:610:12: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  p += sprintf(p," <font color=gray>%s></font>",msgLookup("tutorial.next"));
data/tkgate-2.1+repack/src/tkgate/html.c:612:12: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  p += sprintf(p," <a href=\"#/PAGE%d\">%s></a>",cur_pnum+1,msgLookup("tutorial.next"));
data/tkgate-2.1+repack/src/tkgate/html.c:620:8: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  p += sprintf(p,"<a href=\"index.v\">⟨%s⟩</a> <a href=\"%s#/PAGE%d\">⟨%s⟩</a>",
data/tkgate-2.1+repack/src/tkgate/html.c:637:7: [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  if (sscanf(curFileName,"%[^0123456789]%d%s",baseName,&cur_pnum,extension) != 3 || strcmp(extension,".v") != 0)
data/tkgate-2.1+repack/src/tkgate/html.c:641:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(path,"%s/%s",curDirName,baseName);
data/tkgate-2.1+repack/src/tkgate/html.c:648:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(name,"%s%d.v",path,max_pnum+1);
data/tkgate-2.1+repack/src/tkgate/html.c:657:12: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  p += sprintf(p,"<font color=gray><%s</font> ",msgLookup("tutorial.prev"));
data/tkgate-2.1+repack/src/tkgate/html.c:659:12: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  p += sprintf(p,"<a href=\"%s%d.v\"><%s</a> ",baseName,cur_pnum-1,msgLookup("tutorial.prev"));
data/tkgate-2.1+repack/src/tkgate/html.c:665:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  p += sprintf(p," <a href=\"%s%d.v\">%d</b>",baseName,i,i);
data/tkgate-2.1+repack/src/tkgate/html.c:674:12: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
p += sprintf(p," <font color=gray>%s></font>",msgLookup("tutorial.next")); data/tkgate-2.1+repack/src/tkgate/html.c:676:12: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. p += sprintf(p," <a href=\"%s%d.v\">%s></a>",baseName,cur_pnum+1,msgLookup("tutorial.next")); data/tkgate-2.1+repack/src/tkgate/html.c:684:8: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. p += sprintf(p,"<a href=\"index.v\">⟨%s⟩</a> <a href=\"%s%d.v\">⟨%s⟩</a>", data/tkgate-2.1+repack/src/tkgate/html.c:768:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(h->h_data + h->h_dataLen,line); data/tkgate-2.1+repack/src/tkgate/html.c:861:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buf,tag->ht_options[i].hto_value); data/tkgate-2.1+repack/src/tkgate/hyperlink.c:101:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(url,"%s:%s",protocol,file); data/tkgate-2.1+repack/src/tkgate/hyperlink.c:102:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(command,"%s",TkGate.browserCommand); data/tkgate-2.1+repack/src/tkgate/hyperlink.c:118:14: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. sysret = system(command); data/tkgate-2.1+repack/src/tkgate/hyperlink.c:136:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(url,"%s:%s",protocol,file); data/tkgate-2.1+repack/src/tkgate/hyperlink.c:137:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(command,"%s",TkGate.emailCommand); data/tkgate-2.1+repack/src/tkgate/hyperlink.c:153:14: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. sysret = system(command); data/tkgate-2.1+repack/src/tkgate/icon.c:100:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf,"%s/%s",base_dir,file); data/tkgate-2.1+repack/src/tkgate/igenerate.c:487:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf,"%s %s %d %s", data/tkgate-2.1+repack/src/tkgate/igenerate.c:558:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(pvalue,"%s %d %d %s %d %d",msp->msp_name, data/tkgate-2.1+repack/src/tkgate/igenerate.c:634:11: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. if (sscanf(r,"%s %d %d %s %d %d", data/tkgate-2.1+repack/src/tkgate/igenerate.c:783:15: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. if (!r || sscanf(r,"%s %s %d %s",name,iodirstr,&bits,sidestr) != 4) return 0; data/tkgate-2.1+repack/src/tkgate/locale.c:78:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(fileName,"%s/locale/%s/messages",TkGate.homedir,locale); data/tkgate-2.1+repack/src/tkgate/locale.c:107:16: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. } else if (sscanf(buf,"\\messages-encoding %s",tag) == 1) { data/tkgate-2.1+repack/src/tkgate/locale.c:110:16: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. } else if (sscanf(buf,"\\verilog-encoding %s",tag) == 1) { data/tkgate-2.1+repack/src/tkgate/locale.c:113:16: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. } else if (sscanf(buf,"\\display-encoding %s",tag) == 1) { data/tkgate-2.1+repack/src/tkgate/locale.c:116:16: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. } else if (sscanf(buf,"\\font-encoding %s",tag) == 1) { data/tkgate-2.1+repack/src/tkgate/locale.c:119:16: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. } else if (sscanf(buf,"\\postscript-encoding %s",tag) == 1) { data/tkgate-2.1+repack/src/tkgate/locale.c:145:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(dirName,"%s/locale",TkGate.homedir); data/tkgate-2.1+repack/src/tkgate/locale.c:221:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(territory,lang + 3); data/tkgate-2.1+repack/src/tkgate/locale.c:255:9: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. if (sscanf(buf,"\\font-encoding %s",tag) == 1) { data/tkgate-2.1+repack/src/tkgate/locale.c:256:16: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. } else if (sscanf(buf,"\\messages-encoding %s",tag) == 1) { data/tkgate-2.1+repack/src/tkgate/locale.c:257:16: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. } else if (sscanf(buf,"\\verilog-encoding %s",tag) == 1) { data/tkgate-2.1+repack/src/tkgate/locale.c:258:16: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. } else if (sscanf(buf,"\\display-encoding %s",tag) == 1) { data/tkgate-2.1+repack/src/tkgate/locale.c:259:16: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. } else if (sscanf(buf,"\\postscript-encoding %s",tag) == 1) { data/tkgate-2.1+repack/src/tkgate/locale.c:260:16: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. 
} else if (sscanf(buf,"\\language %s",tag) == 1) { data/tkgate-2.1+repack/src/tkgate/locale.c:261:16: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. } else if (sscanf(buf,"\\%s",tag) == 1) { data/tkgate-2.1+repack/src/tkgate/locale.c:263:16: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. } else if (sscanf(buf,"%s %[^\n]",tag,msg) == 2 && *tag != '#') { data/tkgate-2.1+repack/src/tkgate/locale.c:304:9: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. if (sscanf(buf,"\\messages-encoding %s",tag) == 1) { data/tkgate-2.1+repack/src/tkgate/locale.c:306:16: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. } else if (sscanf(buf,"\\%s",tag) == 1) { data/tkgate-2.1+repack/src/tkgate/locale.c:308:16: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. } else if (sscanf(buf,"%s %[^\n]",tag,msg) == 2 && *tag != '#') { data/tkgate-2.1+repack/src/tkgate/main.c:95:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(tkgate_startup_script,"%s/scripts/tkgate.tcl",homeDir); data/tkgate-2.1+repack/src/tkgate/module.c:549:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(shortfile,p+1); data/tkgate-2.1+repack/src/tkgate/module.c:551:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(shortfile,M->m_fileName); data/tkgate-2.1+repack/src/tkgate/module.c:641:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd,"%s -sq %s -D %lu",r,tempFile,computestrhash(tempFile)); data/tkgate-2.1+repack/src/tkgate/module.c:649:7: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. p = popen(cmd, "r"); data/tkgate-2.1+repack/src/tkgate/module.c:659:9: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. if (sscanf(data," module %s",name) == 1) { data/tkgate-2.1+repack/src/tkgate/module.c:665:16: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. } else if (sscanf(data," instance %s %s",name,iname) == 2) { data/tkgate-2.1+repack/src/tkgate/module.c:671:16: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. } else if (sscanf(data," input %s %d:%d",name,&msb,&lsb) == 3) { data/tkgate-2.1+repack/src/tkgate/module.c:675:16: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. 
} else if (sscanf(data," output %s %d:%d",name,&msb,&lsb) == 3) { data/tkgate-2.1+repack/src/tkgate/module.c:679:16: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. } else if (sscanf(data," inout %s %d:%d",name,&msb,&lsb) == 3) { data/tkgate-2.1+repack/src/tkgate/module.c:683:16: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. } else if (sscanf(data," wire %s %d:%d",name,&msb,&lsb) == 3) { data/tkgate-2.1+repack/src/tkgate/module.c:687:16: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. } else if (sscanf(data," reg %s %d:%d",name,&msb,&lsb) == 3) { data/tkgate-2.1+repack/src/tkgate/module.c:691:16: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. } else if (sscanf(data," parmport %s %[^\n]",name,msg) == 2) { data/tkgate-2.1+repack/src/tkgate/module.c:693:16: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. } else if (sscanf(data," endmodule %s",name) == 1) { data/tkgate-2.1+repack/src/tkgate/module.c:694:16: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. 
} else if (sscanf(data," error %s %d %[^\n]",name,&n,msg) == 3) { data/tkgate-2.1+repack/src/tkgate/module.c:695:16: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. } else if (sscanf(data," warning %s %d %[^\n]",name,&n,msg) == 3) { data/tkgate-2.1+repack/src/tkgate/module.c:758:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(M->m_text, text); data/tkgate-2.1+repack/src/tkgate/net.c:514:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buf,name); data/tkgate-2.1+repack/src/tkgate/net.c:520:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buf,base); data/tkgate-2.1+repack/src/tkgate/net.c:527:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf,"%s0",base); data/tkgate-2.1+repack/src/tkgate/net.c:539:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf,"%s0",base); data/tkgate-2.1+repack/src/tkgate/net.c:648:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(label,"%s(%s)",net->n_signame,GNet_getVType(net)); data/tkgate-2.1+repack/src/tkgate/net.c:650:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(label,"%s",net->n_signame); data/tkgate-2.1+repack/src/tkgate/net.c:652:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(label,"(%s)",GNet_getVType(net)); data/tkgate-2.1+repack/src/tkgate/object.c:1005:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(d,s); data/tkgate-2.1+repack/src/tkgate/paux.c:294:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buf,s+1); data/tkgate-2.1+repack/src/tkgate/primitives.c:60:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(path,"%s/primitives/%s.v",TkGate.homedir,name); data/tkgate-2.1+repack/src/tkgate/primitives.c:390:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(primParm->pp_specs[primParm->pp_size].pps_name,name); data/tkgate-2.1+repack/src/tkgate/primitives.c:412:3: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant. vsprintf(PrimParm_get(primParm,name),fmt,ap); data/tkgate-2.1+repack/src/tkgate/primitives.c:418:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(PrimParm_get(primParm,name),isInv ? "~" : ""); data/tkgate-2.1+repack/src/tkgate/primitives.c:423:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(PrimParm_get(primParm,name),bitrangeSpec(rangeMax)); data/tkgate-2.1+repack/src/tkgate/print.c:681:20: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. if (!(P->p_f = popen(PO->po_cmd,"w"))) { data/tkgate-2.1+repack/src/tkgate/scope.c:904:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf,"%0.0f%s",base_f,SimInterface_unitsToStr(units)); data/tkgate-2.1+repack/src/tkgate/scope.c:907:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf,"%0.1f%s",base_f,SimInterface_unitsToStr(units)); data/tkgate-2.1+repack/src/tkgate/scope.c:910:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf,"%0.2f%s",base_f,SimInterface_unitsToStr(units)); data/tkgate-2.1+repack/src/tkgate/scope.c:913:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf,"%0.3f%s",base_f,SimInterface_unitsToStr(units)); data/tkgate-2.1+repack/src/tkgate/scope.c:1011:7: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(buf,format,tick); data/tkgate-2.1+repack/src/tkgate/search.c:277:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf,"%s %s %s@%d.%ld",modName,typeName,objName,lineNo,(p-text)); data/tkgate-2.1+repack/src/tkgate/search.c:279:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf,"%s %s %s",modName,typeName,objName); data/tkgate-2.1+repack/src/tkgate/search.c:366:7: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). 
Specify a limit to %s, or use a different input function. if (sscanf(spec,"%s %s %[^ \t@]",modName,typeName,objName) == 3) { data/tkgate-2.1+repack/src/tkgate/selection.c:705:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(cbm->m_text, Tcl_GetStringResult(TkGate.tcl)); data/tkgate-2.1+repack/src/tkgate/simulate.c:230:3: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant. vsprintf(buf,fmt,ap); data/tkgate-2.1+repack/src/tkgate/simulate.c:284:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buf,name); data/tkgate-2.1+repack/src/tkgate/simulate.c:312:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buf,name); data/tkgate-2.1+repack/src/tkgate/simulate.c:340:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buf,path); data/tkgate-2.1+repack/src/tkgate/simulate.c:384:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. return s + sprintf(s,"<%s>",M->mod->m_name); data/tkgate-2.1+repack/src/tkgate/simulate.c:388:14: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. return s + sprintf(s,"/%s<%s>",M->inst->ename,M->mod->m_name); data/tkgate-2.1+repack/src/tkgate/simulate.c:394:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
return s + sprintf(s,"%s.",M->mod->m_name); data/tkgate-2.1+repack/src/tkgate/simulate.c:398:14: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. return s + sprintf(s,"%s.",M->inst->ename); data/tkgate-2.1+repack/src/tkgate/simulate.c:406:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(s,n->n_signame); data/tkgate-2.1+repack/src/tkgate/simulate.c:419:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(s,g->ename); data/tkgate-2.1+repack/src/tkgate/simulate.c:494:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buf,name); data/tkgate-2.1+repack/src/tkgate/simulate.c:540:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buf,name); data/tkgate-2.1+repack/src/tkgate/simulate.c:972:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(nend,".%s",g->ename); data/tkgate-2.1+repack/src/tkgate/simulate.c:981:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(nend,".%s",cM->inst->ename); data/tkgate-2.1+repack/src/tkgate/simulate.c:995:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(nend,".%s",g->ename); data/tkgate-2.1+repack/src/tkgate/simulate.c:1003:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. sprintf(nend,".%s",cM->inst->ename); data/tkgate-2.1+repack/src/tkgate/simulate.c:1013:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(name,"%s",si->sim_root->mod->m_name); data/tkgate-2.1+repack/src/tkgate/simulate.c:1021:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(name,"%s",si->sim_root->mod->m_name); data/tkgate-2.1+repack/src/tkgate/simulate.c:1128:9: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. if (sscanf(cmd,"%s",cmdName) != 1) return -1; data/tkgate-2.1+repack/src/tkgate/simulate.c:1156:7: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. if (sscanf(msg,"%*s %s %[^\n]",etype,text) != 2) data/tkgate-2.1+repack/src/tkgate/simulate.c:1163:9: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. if (sscanf(text,"%s : %[^\n]",timeStr,msg) == 2) { data/tkgate-2.1+repack/src/tkgate/simulate.c:1166:12: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. p += sprintf(p,msgLookup("err.sim.run"), timeStr); data/tkgate-2.1+repack/src/tkgate/simulate.c:1167:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(p," %s",msg); data/tkgate-2.1+repack/src/tkgate/simulate.c:1174:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(buf,"%s: %s",msgLookup("err.sim.cmd"),text); data/tkgate-2.1+repack/src/tkgate/simulate.c:1178:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf,"Unknown Error Type: %s",text); data/tkgate-2.1+repack/src/tkgate/simulate.c:1375:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(path,"/<%s>",GModuleDef_getName(TkGate.circuit->root_mod)); data/tkgate-2.1+repack/src/tkgate/simulate.c:1380:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(p,"/%s<%s>",mpath[i]->ename,GModuleDef_getName(pathMod)); data/tkgate-2.1+repack/src/tkgate/simulate.c:1427:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(pathbuf,path); data/tkgate-2.1+repack/src/tkgate/simulate.c:1483:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf,"%g%s",n,SimInterface_unitsToStr(units)); data/tkgate-2.1+repack/src/tkgate/simulate.c:1542:14: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. } else if (sscanf(C,"ok %d %s / %d %s",&a1,buf,&a2,buf2) == 4) { /* Simulator loaded file and is ready to go */ data/tkgate-2.1+repack/src/tkgate/simulate.c:1553:14: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. 
} else if (sscanf(C," showprobe %s %d", buf, &a1) == 2) { /* Probe set from script */ data/tkgate-2.1+repack/src/tkgate/simulate.c:1555:14: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. } else if (sscanf(C," hideprobe %s", buf) == 1) { /* Probe hidden from script */ data/tkgate-2.1+repack/src/tkgate/simulate.c:1557:14: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. } else if (sscanf(C," valueof %s %s @ %llu", /* The value of a net has changed */ data/tkgate-2.1+repack/src/tkgate/simulate.c:1563:14: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. } else if (sscanf(C," tell $queue %s %s @ %llu",buf,buf2,&t) == 3) { /* The value of a net has been requested */ data/tkgate-2.1+repack/src/tkgate/simulate.c:1565:14: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. } else if (sscanf(C," tell $show %s %s",buf,buf2) == 2) { /* The value of a net has been requested */ data/tkgate-2.1+repack/src/tkgate/simulate.c:1566:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf3,"%s=%s",buf,buf2); data/tkgate-2.1+repack/src/tkgate/simulate.c:1569:14: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. 
  } else if (sscanf(C," tell $led:%s %s %s @ %llu",buf3,buf,buf2,&t) == 4) { /* Set value of an led */
data/tkgate-2.1+repack/src/tkgate/simulate.c:1571:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(buf,buf3);
data/tkgate-2.1+repack/src/tkgate/simulate.c:1573:14: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  } else if (sscanf(C," tell $switch:%s %*s %s @ %llu",buf,buf2,&t) == 3) { /* Set value of an switch */
data/tkgate-2.1+repack/src/tkgate/simulate.c:1575:14: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  } else if (sscanf(C," netdelay %s %d %d",buf,&a1,&a2) == 3) { /* Net delay values */
data/tkgate-2.1+repack/src/tkgate/simulate.c:1584:14: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  } else if (sscanf(C," badscript %s",buf) == 1) { /* Report breakpoint/script syntax error */
data/tkgate-2.1+repack/src/tkgate/simulate.c:1591:14: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  } else if (sscanf(C," endscript %s",buf) == 1) { /* Report script termination */
data/tkgate-2.1+repack/src/tkgate/simulate.c:1594:14: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  } else if (sscanf(C," break %d %s",&a1,buf) == 2) { /* Simulator hit a breakpoint */
data/tkgate-2.1+repack/src/tkgate/simulate.c:1627:14: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  } else if (sscanf(C," netinfo %s %*s [%u:%u] [%u:%u]",buf,&u1,&u2,&u3,&u4) == 5) { /* */
data/tkgate-2.1+repack/src/tkgate/simulate.c:1629:14: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  } else if (sscanf(C," memory %s %u : %[^\n]",buf,&u1,buf2) == 3) { /* */
data/tkgate-2.1+repack/src/tkgate/simulate.c:1631:14: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  } else if (sscanf(C," memory-addr %s %u %s %s @ %llu",buf,&u1,buf2,buf3,&t) == 5) { /* */
data/tkgate-2.1+repack/src/tkgate/simulate.c:1637:14: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  } else if (sscanf(C," warning %s",buf) == 1) { /* An error in a simulator input file. */
data/tkgate-2.1+repack/src/tkgate/simulate.c:1639:14: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  } else if (sscanf(C," error %s",buf) == 1) { /* An error in a simulator input file. */
data/tkgate-2.1+repack/src/tkgate/simulate.c:1641:14: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  } else if (sscanf(C," scripterror %s %s %s : %[^\n]",buf,buf2,buf3,buf4) == 4) { /* An error in a script file. */
data/tkgate-2.1+repack/src/tkgate/simulate.c:1644:14: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  } else if (sscanf(C," embeddedscript begin %s %u",buf,&u1) == 2) { /* Beginning of an embedded script. */
data/tkgate-2.1+repack/src/tkgate/simulate.c:1646:14: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  } else if (sscanf(C," embeddedscript end %s %u",buf,&u1) == 2) { /* End of an embedded script. */
data/tkgate-2.1+repack/src/tkgate/switch.c:198:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(compositeName,"%s[%s]",g->ename,netName);
data/tkgate-2.1+repack/src/tkgate/switch.c:200:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(compositeName,"[%s]",netName);
data/tkgate-2.1+repack/src/tkgate/switch.c:203:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(compositeName,"%s",g->ename);
data/tkgate-2.1+repack/src/tkgate/tclfuncs.c:707:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(printerList + C," {%s \"%s\"}",shortName,longName);
data/tkgate-2.1+repack/src/tkgate/tclfuncs.c:775:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(res,"argument error argv[1]=<%s>",argv[1]);
data/tkgate-2.1+repack/src/tkgate/tclfuncs.c:1159:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf,"module %s;\n\nendmodule\n",M->m_name);
data/tkgate-2.1+repack/src/tkgate/tclfuncs.c:1707:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buf,argv[1]);
data/tkgate-2.1+repack/src/tkgate/tclfuncs.c:2148:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(res,"%llu %llu %llu %lf %s %llu %llu",
data/tkgate-2.1+repack/src/tkgate/tclfuncs.c:2172:7: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  sscanf(argv[i+1],"%s",paper);
data/tkgate-2.1+repack/src/tkgate/tclfuncs.c:2252:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf,"\"%s\" %s",quoteChars(buf2,l->l_name,TCL_SPECIALCHARS),l->l_code);
data/tkgate-2.1+repack/src/tkgate/tclfuncs.c:3346:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(buf,argv[1]);
data/tkgate-2.1+repack/src/tkgate/tkgate.c:118:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf,"%s/site-preferences",path);
data/tkgate-2.1+repack/src/tkgate/tkgate.c:122:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf,"%s/locale/en/messages",path);
data/tkgate-2.1+repack/src/tkgate/tkgate.c:126:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf,"%s/locale/en/tutorials/welcome.v",path);
data/tkgate-2.1+repack/src/tkgate/tkgate.c:161:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(homeDir,trydirs[i]);
data/tkgate-2.1+repack/src/tkgate/tkgate.c:372:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf,"%s/site-preferences",TkGate.homedir);
data/tkgate-2.1+repack/src/tkgate/tkgate.c:397:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf,"%s/.tkgate2-preferences",p);
data/tkgate-2.1+repack/src/tkgate/tkgate.c:417:13: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  } else if (sscanf(buf,"Option::value printPgOrient %s",str) == 1) {
data/tkgate-2.1+repack/src/tkgate/tkgate.c:419:13: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  } else if (sscanf(buf,"Option::value printStyle %s",str) == 1) {
data/tkgate-2.1+repack/src/tkgate/tkgate.c:421:13: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  } else if (sscanf(buf,"Option::value printDuplex %s",str) == 1) {
data/tkgate-2.1+repack/src/tkgate/tkgate.c:423:13: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  } else if (sscanf(buf,"Option::value printIndex %s",str) == 1) {
data/tkgate-2.1+repack/src/tkgate/tkgate.c:425:13: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  } else if (sscanf(buf,"Option::value printGraph %s",str) == 1) {
data/tkgate-2.1+repack/src/tkgate/tkgate.c:492:9: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  if (sscanf(p,"%[^=]=%s",name,sval) == 2) {
data/tkgate-2.1+repack/src/tkgate/tkgate.c:592:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf,"TKGATE_LANG=%s",lang);
data/tkgate-2.1+repack/src/tkgate/tkgate.c:598:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf,"LC_ALL=%s",lang);
data/tkgate-2.1+repack/src/tkgate/tkgate.c:601:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf,"LC_CTYPE=%s",lang);
data/tkgate-2.1+repack/src/tkgate/tkgate.c:604:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf,"LANG=%s",lang);
data/tkgate-2.1+repack/src/tkgate/tkgate.c:674:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(print_options,optarg);
data/tkgate-2.1+repack/src/tkgate/tkgate.c:732:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buf,pw->pw_gecos);
data/tkgate-2.1+repack/src/tkgate/tkgate.c:770:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buf,p);
data/tkgate-2.1+repack/src/tkgate/tkgate.c:890:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf,"%s/locale/%s/tutorials",TkGate.homedir,lang);
data/tkgate-2.1+repack/src/tkgate/tkgate.c:892:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf,"%s/locale/en/tutorials",TkGate.homedir);
data/tkgate-2.1+repack/src/tkgate/tkgate.c:903:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf,"%s/locale/%s/examples",TkGate.homedir,lang);
data/tkgate-2.1+repack/src/tkgate/tkgate.c:905:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf,"%s/locale/en/examples",TkGate.homedir);
data/tkgate-2.1+repack/src/tkgate/tkgate.c:962:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(rpath, ipath);
data/tkgate-2.1+repack/src/tkgate/tkgate.c:968:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(rpath,"%s/%s",cwd,ipath);
data/tkgate-2.1+repack/src/tkgate/tkgate_misc.h:242:39: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  #define debugprint(m) {if (debugmode) printf(m);}
data/tkgate-2.1+repack/src/tkgate/tkgatewin.c:1104:3: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant.
  vsprintf(buf,str,ap);
data/tkgate-2.1+repack/src/tkgate/tkgatewin.c:1314:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(checkPointFile,fileName);
data/tkgate-2.1+repack/src/tkgate/tkgatewin.c:1344:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(q,"#%s#",p);
data/tkgate-2.1+repack/src/tkgate/traceprint.c:212:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf,"%0.0f%s",n,SimInterface_unitsToStr(units));
data/tkgate-2.1+repack/src/tkgate/traceprint.c:215:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf,"%0.1f%s",n,SimInterface_unitsToStr(units));
data/tkgate-2.1+repack/src/tkgate/traceprint.c:218:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf,"%0.2f%s",n,SimInterface_unitsToStr(units));
data/tkgate-2.1+repack/src/tkgate/traceprint.c:221:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf,"%0.3f%s",n,SimInterface_unitsToStr(units));
data/tkgate-2.1+repack/src/tkgate/verify.c:54:5: [4] (format) vprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  vprintf(msg,ap);
data/tkgate-2.1+repack/src/tkgate/verilog_in.c:311:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buf1,name);
data/tkgate-2.1+repack/src/tkgate/verilog_in.c:391:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fileName,name);
data/tkgate-2.1+repack/src/tkgate/verilog_in.c:392:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(libraryName,name);
data/tkgate-2.1+repack/src/tkgate/verilog_in.c:478:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf,"tkg_verilogErr %s \"Line %d, ",ycFileName,ycLineNumber);
data/tkgate-2.1+repack/src/tkgate/verilog_in.c:479:5: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant.
  vsprintf(buf+strlen(buf),err,ap);
data/tkgate-2.1+repack/src/tkgate/verilog_in.c:485:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf,"%s,%d: ",ycFileName,ycLineNumber);
data/tkgate-2.1+repack/src/tkgate/verilog_in.c:486:7: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant.
  vsprintf(buf+strlen(buf),err,ap);
data/tkgate-2.1+repack/src/tkgate/verilog_in.c:723:9: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  if (sscanf(value,"%lf %s",&c->c_startup,units) != 2
data/tkgate-2.1+repack/src/tkgate/verilog_in.c:739:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(TkGate.defaultTech,(char*)value);
data/tkgate-2.1+repack/src/tkgate/verilog_in.c:874:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  cur.icon.p += sprintf(cur.icon.p,"%s\n",data);
data/tkgate-2.1+repack/src/tkgate/verilog_in.c:1040:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  p = buf + sprintf(buf,"%s = ",name);
data/tkgate-2.1+repack/src/tkgate/verilog_in.c:1063:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  p += sprintf(p,"module %s",cur.mod->m_name);
data/tkgate-2.1+repack/src/tkgate/verilog_in.c:1074:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  p += sprintf(p,"%s",name);
data/tkgate-2.1+repack/src/tkgate/verilog_in.c:1089:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  p += sprintf(p,"%s",name);
data/tkgate-2.1+repack/src/tkgate/verilog_in.c:1381:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cur.mod->m_text+mlen,"%s\n",text);
data/tkgate-2.1+repack/src/tkgate/verilog_in.c:1466:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(funcx,func);
data/tkgate-2.1+repack/src/tkgate/verilog_in.c:1474:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(cur.invSpec,gcs.gc_invSpec);
data/tkgate-2.1+repack/src/tkgate/verilog_in.c:1757:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buf,value);
data/tkgate-2.1+repack/src/tkgate/verilog_in.c:1855:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(pn,pspec);
data/tkgate-2.1+repack/src/tkgate/verilog_in.c:2080:7: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  if (sscanf(dtext, "`timescale %d %[^/ \t] / %d %s", &n1, u1, &n2, u2) == 4) {
data/tkgate-2.1+repack/src/tkgate/verilog_out.c:892:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd,"xemacs %s",name);
data/tkgate-2.1+repack/src/tkgate/verilog_out.c:893:3: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  system(cmd);
data/tkgate-2.1+repack/src/tkgate/verilog_out.c:898:5: [4] (shell) execl: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  execl(cmd,cmd,"-Vq",name,(char*)NULL);
data/tkgate-2.1+repack/src/tkgate/verilog_out.c:966:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(dirName, name);
data/tkgate-2.1+repack/src/tkgate/verilog_out.c:1049:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buf,name);
data/tkgate-2.1+repack/src/tkgate/verilog_out.c:1062:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(tempName1,"%s#save-%d#",name,getpid());
data/tkgate-2.1+repack/src/tkgate/verilog_out.c:1063:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(tempName2,"%s#backup-%d#",name,getpid());
data/tkgate-2.1+repack/src/tools/msgdiff.c:131:11: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  if (sscanf(buf,"\\font-encoding %s",tag) == 1) {
data/tkgate-2.1+repack/src/tools/msgdiff.c:133:18: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  } else if (sscanf(buf,"\\%s",tag) == 1) {
data/tkgate-2.1+repack/src/tools/msgdiff.c:135:18: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  } else if (sscanf(buf,"%s %[^\n]",tag,msg) == 2 && *tag != '#') {
data/tkgate-2.1+repack/src/tools/msgdiff.c:245:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(em->m_str, nm->m_str);
data/tkgate-2.1+repack/src/tools/msgdiff.c:279:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(em->m_str, nm->m_str);
data/tkgate-2.1+repack/src/tools/msgdiff.c:303:9: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  if (sscanf(buf,"\\font-encoding %s",tag) == 1) {
data/tkgate-2.1+repack/src/tools/msgdiff.c:306:16: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  } else if (sscanf(buf,"\\%s",tag) == 1) {
data/tkgate-2.1+repack/src/tools/msgdiff.c:309:16: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  } else if (sscanf(buf,"%s %[^\n]",tag,msg) == 2 && *tag != '#') {
data/tkgate-2.1+repack/src/tools/mvtag.c:39:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(readFile,"locale/%s/messages",lang);
data/tkgate-2.1+repack/src/tools/mvtag.c:40:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(bakFile,"locale/%s/messages.bak",lang);
data/tkgate-2.1+repack/src/tools/mvtag.c:41:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(tmpFile,"locale/%s/messages.tmp",lang);
data/tkgate-2.1+repack/src/tools/mvtag.c:51:9: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  if (sscanf(line,"%s",tag) == 1 && *tag != '#' && *tag != '\\') {
data/tkgate-2.1+repack/src/tools/mvtag.c:83:9: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  if (sscanf(line,"%s %s",fromTag,toTag) == 2)
data/tkgate-2.1+repack/src/verga/bytecode.c:449:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  p += sprintf(p," %s",Net_getName(n));
data/tkgate-2.1+repack/src/verga/bytecode.c:497:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  p += sprintf(p," %s",Net_getName(n));
data/tkgate-2.1+repack/src/verga/bytecode.c:1295:3: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant.
  vsprintf(buf,msg,ap);
data/tkgate-2.1+repack/src/verga/circuit.c:58:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(path,s->s_path);
data/tkgate-2.1+repack/src/verga/circuit.c:237:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf,"%s.%s",scope->s_path,nd->n_name);
data/tkgate-2.1+repack/src/verga/circuit.c:572:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(pathTail,".%s", mid->mii_instName);
data/tkgate-2.1+repack/src/verga/circuit.c:882:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(path,m->m_name);
data/tkgate-2.1+repack/src/verga/circuit.c:941:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(scriptRootName,"%%script%d",count++);
data/tkgate-2.1+repack/src/verga/circuit.c:1006:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(instname,n->n_name);
data/tkgate-2.1+repack/src/verga/circuit.c:1015:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf,"%s.%s",ModuleDecl_getName(m->mc_mod),localName);
data/tkgate-2.1+repack/src/verga/circuit.c:1118:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(fullName,"%s.%s",c->c_root->mc_path,name);
data/tkgate-2.1+repack/src/verga/circuit.c:1239:16: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  } else if (sscanf(buf," @ memory %s",name) == 1 || sscanf(buf," memory %s",name) == 1) {
data/tkgate-2.1+repack/src/verga/circuit.c:1239:56: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  } else if (sscanf(buf," @ memory %s",name) == 1 || sscanf(buf," memory %s",name) == 1) {
data/tkgate-2.1+repack/src/verga/circuit.c:1250:16: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  } else if (sscanf(buf," %s",name) == 1 && *name == '#') {
data/tkgate-2.1+repack/src/verga/circuit.c:1252:16: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  } else if (sscanf(buf," %s",name) <= 0) {
data/tkgate-2.1+repack/src/verga/commands.c:412:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(key, "$probe:%s", netName);
data/tkgate-2.1+repack/src/verga/commands.c:416:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(key, "%s:%s", who, netName);
data/tkgate-2.1+repack/src/verga/commands.c:458:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(key, "$probe:%s",argv[1]);
data/tkgate-2.1+repack/src/verga/commands.c:462:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(key, "%s:%s",who,argv[1]);
data/tkgate-2.1+repack/src/verga/directive.c:74:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(units,unitCodes[numUnitCodes-1-index]);
data/tkgate-2.1+repack/src/verga/directive.c:170:7: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  if (sscanf(directive," `%s",name) != 1) return -1;
data/tkgate-2.1+repack/src/verga/directive.c:172:7: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  if (sscanf(directive," `define %s %[^\n]",b1,b2) == 2) {
data/tkgate-2.1+repack/src/verga/directive.c:174:14: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  } else if (sscanf(directive," `timescale %d %[^/ \t] / %d %s",&n1,b1,&n2,b2) == 4) {
data/tkgate-2.1+repack/src/verga/directive.c:176:14: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  } else if (sscanf(directive," `ifdef %s",b1) == 1) {
data/tkgate-2.1+repack/src/verga/directive.c:178:14: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  } else if (sscanf(directive," `ifndef %s",b1) == 1) {
data/tkgate-2.1+repack/src/verga/directive.c:180:14: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  } else if (sscanf(directive," `elseif %s",b1) == 1) {
data/tkgate-2.1+repack/src/verga/error.c:448:12: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  s += sprintf(s, "\"%s\"",p->p_fileName);
data/tkgate-2.1+repack/src/verga/error.c:458:12: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  s += sprintf(s, "[%s]",(p->p_moduleName ? p->p_moduleName : "-"));
data/tkgate-2.1+repack/src/verga/error.c:466:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  s += sprintf(s,"%s file",etype);
data/tkgate-2.1+repack/src/verga/error.c:468:12: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  s += sprintf(s, " %s",p->p_fileName);
data/tkgate-2.1+repack/src/verga/error.c:472:12: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  s += sprintf(s, " %s",(p->p_moduleName ? p->p_moduleName : "-"));
data/tkgate-2.1+repack/src/verga/error.c:476:12: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
s += sprintf(s," %s",p->p_mitem->mi_inst.mii_instName); data/tkgate-2.1+repack/src/verga/error.c:481:12: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. s += sprintf(s," %s",netName); data/tkgate-2.1+repack/src/verga/error.c:603:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. p += sprintf(p,"`%s",ed->ed_tag); data/tkgate-2.1+repack/src/verga/error.c:611:12: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant. return vsprintf(p,ed->ed_text,ap); data/tkgate-2.1+repack/src/verga/error.c:665:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. p += sprintf(p,"%s command ",errLevelText[ed->ed_level]); data/tkgate-2.1+repack/src/verga/error.c:667:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. p += sprintf(p,"Command %s: ",errLevelTextCap[ed->ed_level]); data/tkgate-2.1+repack/src/verga/error.c:697:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. p += sprintf(p,"%s run %llu : ",errLevelText[ed->ed_level],curTime); data/tkgate-2.1+repack/src/verga/error.c:699:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. p += sprintf(p,"Runtime %s at %llu: ",errLevelTextCap[ed->ed_level],curTime); data/tkgate-2.1+repack/src/verga/error.c:729:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. p += sprintf(p,"scripterror %s %s %d : ",current_script,place->p_fileName,place->p_lineNo+1); data/tkgate-2.1+repack/src/verga/expr.c:46:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(buf, lastExprError); data/tkgate-2.1+repack/src/verga/expr.c:436:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. p += sprintf(p,"%s",Expr_getLitName(e)); data/tkgate-2.1+repack/src/verga/expr.c:504:12: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. p += sprintf(p,"%s",od->od_text); data/tkgate-2.1+repack/src/verga/expr.c:506:12: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. p += sprintf(p," %s ",od->od_text); data/tkgate-2.1+repack/src/verga/expr.c:517:12: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. p += sprintf(p,"%s",strend(od->od_text)+1); data/tkgate-2.1+repack/src/verga/expr.c:519:12: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. p += sprintf(p," %s ",strend(od->od_text)+1); data/tkgate-2.1+repack/src/verga/io.c:64:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. p += sprintf(p,"%s",prefix); data/tkgate-2.1+repack/src/verga/io.c:68:3: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant. vsprintf(p,fmt,ap); data/tkgate-2.1+repack/src/verga/memory.c:286:9: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. if (sscanf(line,"%s",buf) == 1 && *buf != '#') { data/tkgate-2.1+repack/src/verga/memory.c:486:16: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. 
} else if (sscanf(buf,"s %x %s",&addr,val)) { data/tkgate-2.1+repack/src/verga/memory.c:489:16: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. } else if (sscanf(buf,"l %s",val)) { data/tkgate-2.1+repack/src/verga/memory.c:491:16: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. } else if (sscanf(buf,"d %s",val)) { data/tkgate-2.1+repack/src/verga/memory.h:69:14: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. unsigned access; /* Last accessed address */ data/tkgate-2.1+repack/src/verga/module.c:124:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(tempName,"%s.%s",s->s_path,name); data/tkgate-2.1+repack/src/verga/module.c:759:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(fullName,"%s.%s",mc->mc_path,name); data/tkgate-2.1+repack/src/verga/pathmod.c:141:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(name,"%s.%s",port_scope->s_path,NetDecl_getName(nd)); data/tkgate-2.1+repack/src/verga/pathmod.c:142:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(localName,"%s",NetDecl_getName(nd)); data/tkgate-2.1+repack/src/verga/pathmod.c:144:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. sprintf(name,"%s.%s$%s",port_scope->s_path,outName,NetDecl_getName(nd)); data/tkgate-2.1+repack/src/verga/pathmod.c:145:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(localName,"%s$%s",outName,NetDecl_getName(nd)); data/tkgate-2.1+repack/src/verga/paux.c:261:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(yylval.S,"'d%s",S); data/tkgate-2.1+repack/src/verga/systask.c:245:12: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. return sprintf(p,format,thigh,tlow); data/tkgate-2.1+repack/src/verga/systask.c:292:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. p += sprintf(p,"%s",path); data/tkgate-2.1+repack/src/verga/systask.c:298:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. p += sprintf(p,"%s",path); data/tkgate-2.1+repack/src/verga/systask.c:558:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(key, "%s:%s",who,Net_getName(taskContext->tc_nets[i])); data/tkgate-2.1+repack/src/verga/systask.c:560:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(key, "$probe:%s",Net_getName(taskContext->tc_nets[i])); data/tkgate-2.1+repack/src/verga/systask.c:608:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(key, "%s:%s",who,Net_getName(taskContext->tc_nets[i])); data/tkgate-2.1+repack/src/verga/systask.c:610:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(key, "$probe:%s",Net_getName(taskContext->tc_nets[i])); data/tkgate-2.1+repack/src/verga/systask.c:1531:8: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. p += sprintf(p,"%s(",name); data/tkgate-2.1+repack/src/verga/systask.c:1577:8: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. p += sprintf(p,"%s(",name); data/tkgate-2.1+repack/src/verga/task.c:62:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(path,"%s.%s", Scope_getPath(scope), UserTask_getName(ut)); data/tkgate-2.1+repack/src/verga/task.c:261:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(path,"%s.%s$%d", Scope_getPath(parent_scope), UserTask_getName(ut),index++); data/tkgate-2.1+repack/src/verga/thyme.c:151:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buf,r); data/tkgate-2.1+repack/src/verga/thyme.c:154:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(r+1,name); data/tkgate-2.1+repack/src/verga/thyme.c:170:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buf,r); data/tkgate-2.1+repack/src/verga/thyme.c:172:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
strcat(buf,name); data/tkgate-2.1+repack/src/verga/thyme.c:417:9: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. if (sscanf(initTimeSpec,"%lf%s",&n,units) == 2 && n >= 0) { data/tkgate-2.1+repack/src/verga/verilog.c:739:7: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. if (sscanf(tag,"//: /netlistBegin %s",name) == 1) { data/tkgate-2.1+repack/src/verga/verilog.c:740:14: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. } else if (sscanf(tag,"//: /hdlBegin %s",name) == 1) { data/tkgate-2.1+repack/src/verga/verilog.c:741:14: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. } else if (sscanf(tag,"//: /builtinBegin %s",name) == 1) { data/tkgate-2.1+repack/src/gmac/gmac.c:891:17: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((c = getopt(argc,argv,"go:m:")) != EOF) { data/tkgate-2.1+repack/src/tkgate/error.c:378:11: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. which = random() & 63; data/tkgate-2.1+repack/src/tkgate/locale.c:193:9: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. 
They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. p = getenv("TKGATE_LANG"); data/tkgate-2.1+repack/src/tkgate/locale.c:194:24: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (!p || !*p) p = getenv("LC_ALL"); data/tkgate-2.1+repack/src/tkgate/locale.c:195:24: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (!p || !*p) p = getenv("LC_MESSAGES"); data/tkgate-2.1+repack/src/tkgate/locale.c:196:24: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (!p || !*p) p = getenv("LANG"); data/tkgate-2.1+repack/src/tkgate/main.c:81:8: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (!getenv("TCL_LIBRARY")) putenv("TCL_LIBRARY=" TCL_LIBRARY); data/tkgate-2.1+repack/src/tkgate/main.c:84:8: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. 
if (!getenv("TK_LIBRARY")) putenv("TK_LIBRARY=" TK_LIBRARY); data/tkgate-2.1+repack/src/tkgate/print.c:908:20: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. int recipe_pos = random() % 15; data/tkgate-2.1+repack/src/tkgate/print.c:968:10: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. r_idx = random() % recipe_count; data/tkgate-2.1+repack/src/tkgate/tkgate.c:154:16: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. trydirs[0] = getenv("TKGATE_HOME"); data/tkgate-2.1+repack/src/tkgate/tkgate.c:393:7: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. p = getenv("HOME"); data/tkgate-2.1+repack/src/tkgate/tkgate.c:400:26: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. const char *lang = getenv("LANG"); data/tkgate-2.1+repack/src/tkgate/tkgate.c:634:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. 
lib_env = getenv("TKGATE_LIBS"); data/tkgate-2.1+repack/src/tkgate/tkgate.c:649:17: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((c = getopt(argc,(char**)argv,"vVAhdxqsnX:L:p:P:O:H:")) != EOF) { data/tkgate-2.1+repack/src/verga/systask.c:1038:22: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. Value_convertI(r,random()); data/tkgate-2.1+repack/src/verga/thyme.c:169:12: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((r = getenv("HOME"))) { data/tkgate-2.1+repack/src/verga/thyme.c:507:17: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((c = getopt(argc,argv,"eslqid:S:P:t:B:D:W:I:V:")) != EOF) { data/tkgate-2.1+repack/src/common/misc.c:66:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/tkgate-2.1+repack/src/common/misc.c:76:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(buf, "unknown"); data/tkgate-2.1+repack/src/common/misc.c:279:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[32]; data/tkgate-2.1+repack/src/common/misc.c:282:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, " [%d:0]", n - 1); data/tkgate-2.1+repack/src/common/misc.h:82:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[32]; /* String version of version number */ data/tkgate-2.1+repack/src/common/ycmalloc.c:155:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/tkgate-2.1+repack/src/gmac/gmac.c:925:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(f = fopen(outf,"w"))) { data/tkgate-2.1+repack/src/gmac/gmac.c:937:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
if (!(f = fopen(mapFile,"w"))) { data/tkgate-2.1+repack/src/gmac/parser.c:36:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ycFileName[1024]; data/tkgate-2.1+repack/src/gmac/parser.c:348:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/tkgate-2.1+repack/src/gmac/parser.c:368:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/tkgate-2.1+repack/src/gmac/parser.c:416:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/tkgate-2.1+repack/src/gmac/parser.c:603:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(f = fopen(fileName,"r"))) { data/tkgate-2.1+repack/src/tkgate/ascii.c:54:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/tkgate-2.1+repack/src/tkgate/ascii.c:131:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[STRMAX]; data/tkgate-2.1+repack/src/tkgate/ascii.c:170:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[STRMAX]; data/tkgate-2.1+repack/src/tkgate/ascii.c:269:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/tkgate-2.1+repack/src/tkgate/ascii.c:287:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/tkgate-2.1+repack/src/tkgate/ascii.c:304:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[STRMAX]; data/tkgate-2.1+repack/src/tkgate/block.c:559:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char B[STRMAX]; data/tkgate-2.1+repack/src/tkgate/block.c:789:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char B[STRMAX]; data/tkgate-2.1+repack/src/tkgate/block.c:858:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[STRMAX]; data/tkgate-2.1+repack/src/tkgate/block.c:899:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[STRMAX]; data/tkgate-2.1+repack/src/tkgate/block.c:921:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf2[STRMAX]; data/tkgate-2.1+repack/src/tkgate/block.c:1123:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(buf,"I0"); data/tkgate-2.1+repack/src/tkgate/block.c:1126:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(buf,"IO0"); data/tkgate-2.1+repack/src/tkgate/block.c:1130:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(buf,"Z0"); data/tkgate-2.1+repack/src/tkgate/block.c:1143:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char Buf[STRMAX]; data/tkgate-2.1+repack/src/tkgate/block.c:1169:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(Buf,"%d",w->net->n_nbits); data/tkgate-2.1+repack/src/tkgate/block.c:1546:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[STRMAX]; data/tkgate-2.1+repack/src/tkgate/block.c:1548:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf,"%d",*nbits); data/tkgate-2.1+repack/src/tkgate/block.c:1584:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char portName[STRMAX]; data/tkgate-2.1+repack/src/tkgate/block.c:1798:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char B[STRMAX]; data/tkgate-2.1+repack/src/tkgate/block.c:1933:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[STRMAX]; data/tkgate-2.1+repack/src/tkgate/breakpoint.c:90:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fileName[STRMAX]; data/tkgate-2.1+repack/src/tkgate/breakpoint.c:91:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char expression[STRMAX]; data/tkgate-2.1+repack/src/tkgate/breakpoint.c:138:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(fileName,"w"); data/tkgate-2.1+repack/src/tkgate/breakpoint.c:290:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s_id[STRMAX]; data/tkgate-2.1+repack/src/tkgate/breakpoint.c:296:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(s_id,"%d",id); data/tkgate-2.1+repack/src/tkgate/breakpoint.c:378:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char id_str[STRMAX], state_str[STRMAX]; data/tkgate-2.1+repack/src/tkgate/breakpoint.c:381:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(id_str,"%d",bplist[i]->bp_id); data/tkgate-2.1+repack/src/tkgate/breakpoint.c:390:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(state_str,"%d",state); data/tkgate-2.1+repack/src/tkgate/circuit.c:45:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. if (units) strcpy(units,"ns"); data/tkgate-2.1+repack/src/tkgate/circuit.c:98:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char u1[STRMAX],u2[STRMAX]; data/tkgate-2.1+repack/src/tkgate/circuit.c:451:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *names[Hash_numElems(TkGate.libraries)+1]; data/tkgate-2.1+repack/src/tkgate/circuit.c:496:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char label[STRMAX]; data/tkgate-2.1+repack/src/tkgate/clock.c:148:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char b[STRMAX]; data/tkgate-2.1+repack/src/tkgate/clock.c:159:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(b,"f=%d ",g->u.clock.omega); data/tkgate-2.1+repack/src/tkgate/clock.c:162:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(b,"p=%d ",g->u.clock.phi); data/tkgate-2.1+repack/src/tkgate/clock.c:165:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
  sprintf(b,"dw=%d ",g->u.clock.duty);
data/tkgate-2.1+repack/src/tkgate/comment.c:142:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tag[STRMAX],name[STRMAX];
data/tkgate-2.1+repack/src/tkgate/comment.c:451:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX],buf2[STRMAX];
data/tkgate-2.1+repack/src/tkgate/comment.c:469:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX],pos[64];
data/tkgate-2.1+repack/src/tkgate/comment.c:478:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(pos,"%d",n++);
data/tkgate-2.1+repack/src/tkgate/comment.c:482:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf,"%d",n);
data/tkgate-2.1+repack/src/tkgate/comment.c:495:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf,"%d",i);
data/tkgate-2.1+repack/src/tkgate/comment.c:521:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/tkgate/concat.c:366:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/tkgate/concat.c:369:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf,"%d",lsb);
data/tkgate-2.1+repack/src/tkgate/concat.c:371:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf,"%d:%d",lsb+w->net->n_nbits-1,lsb);
data/tkgate-2.1+repack/src/tkgate/concat.c:649:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/tkgate/concat.c:683:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf,"%d",lsb);
data/tkgate-2.1+repack/src/tkgate/concat.c:685:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf,"%d:%d",lsb+wire_nbits[ncount]-1,lsb);
data/tkgate-2.1+repack/src/tkgate/concat.c:694:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  sprintf(buf,"%d",msb);
data/tkgate-2.1+repack/src/tkgate/concat.c:696:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf,"%d:%d",msb,msb-wire_nbits[ncount]+1);
data/tkgate-2.1+repack/src/tkgate/cpath.c:172:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/tkgate/cpath.c:306:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char modPath[STRMAX];
data/tkgate-2.1+repack/src/tkgate/cpath.c:319:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char port1[STRMAX],netName[STRMAX],port2[STRMAX];
data/tkgate-2.1+repack/src/tkgate/cpath.c:397:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX],buf2[STRMAX];
data/tkgate-2.1+repack/src/tkgate/cpath.c:447:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tempName[STRMAX];
data/tkgate-2.1+repack/src/tkgate/cpath.c:650:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/tkgate/decoder.c:291:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/tkgate/decoder.c:322:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char n[STRMAX];
data/tkgate-2.1+repack/src/tkgate/decoder.c:332:3: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(n,"%d",i);
data/tkgate-2.1+repack/src/tkgate/decoder.c:518:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(s,"%d'b",multiPad);
data/tkgate-2.1+repack/src/tkgate/decoder.c:523:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(s," ^");
data/tkgate-2.1+repack/src/tkgate/delay.c:121:13: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!(f = fopen(file_name,"r"))) {
data/tkgate-2.1+repack/src/tkgate/delay.h:28:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *dd_names[MAXDELAYS]; /* Names of delay parameters */
data/tkgate-2.1+repack/src/tkgate/demux.c:302:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/tkgate/demux.c:333:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char n[STRMAX];
data/tkgate-2.1+repack/src/tkgate/demux.c:343:3: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(n,"%d",i);
data/tkgate-2.1+repack/src/tkgate/demux.c:514:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(s,"%d'b",multiPad);
data/tkgate-2.1+repack/src/tkgate/demux.c:519:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120).
  Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(s," ^");
data/tkgate-2.1+repack/src/tkgate/dip.c:140:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[STRMAX];
data/tkgate-2.1+repack/src/tkgate/dip.c:141:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char compositeName[STRMAX];
data/tkgate-2.1+repack/src/tkgate/dip.c:160:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(s,"%x",dipValue & mask);
data/tkgate-2.1+repack/src/tkgate/edit.c:851:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  p += sprintf(p,"NetID: *null*\n");
data/tkgate-2.1+repack/src/tkgate/edit.c:857:8: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  p += sprintf(p," Bits: %d Refs: %d",net->n_nbits,net->n_refs);
data/tkgate-2.1+repack/src/tkgate/edit.c:859:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  p += sprintf(p," Finalized: ok\n");
data/tkgate-2.1+repack/src/tkgate/edit.c:861:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  p += sprintf(p," Finalized: %d/%d\n",net->n_wnum,net->n_gnum);
data/tkgate-2.1+repack/src/tkgate/edit.c:863:8: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  p += sprintf(p," Flags:");
data/tkgate-2.1+repack/src/tkgate/edit.c:864:25: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  if (net->n_mark) p += sprintf(p," mark");
data/tkgate-2.1+repack/src/tkgate/edit.c:865:26: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  if (net->n_ionet) p += sprintf(p," ionet");
data/tkgate-2.1+repack/src/tkgate/edit.c:866:35: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  if (GNet_getShowName(net)) p += sprintf(p," show_name");
data/tkgate-2.1+repack/src/tkgate/edit.c:885:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  p += sprintf(p,"Gate: *none*\n");
data/tkgate-2.1+repack/src/tkgate/edit.c:889:12: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  p += sprintf(p,"Gate: typeinfo is null\n");
data/tkgate-2.1+repack/src/tkgate/edit.c:891:12: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  p += sprintf(p,"Gate: typeinfo is bad address\n");
data/tkgate-2.1+repack/src/tkgate/edit.c:893:12: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  p += sprintf(p,"Gate: typeinfo name is null\n");
data/tkgate-2.1+repack/src/tkgate/edit.c:901:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  p += sprintf(p,"Offset: %d/%d\n",w->offset.num,w->offset.den);
data/tkgate-2.1+repack/src/tkgate/edit.c:905:8: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  p += sprintf(p,"Orient: %d\n",w->orient);
data/tkgate-2.1+repack/src/tkgate/edit.c:906:8: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  p += sprintf(p,"Wtype: %d\n",w->wtype);
data/tkgate-2.1+repack/src/tkgate/edit.c:909:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  p += sprintf(p,"DType: root driver\n");
data/tkgate-2.1+repack/src/tkgate/edit.c:911:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  p += sprintf(p,"DType: segment driver\n");
data/tkgate-2.1+repack/src/tkgate/edit.c:913:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  p += sprintf(p,"DType: segment drivee\n");
data/tkgate-2.1+repack/src/tkgate/edit.c:930:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  p += sprintf(p," n->in is wrong\n");
data/tkgate-2.1+repack/src/tkgate/edit.c:932:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  p += sprintf(p," n->out is wrong\n");
data/tkgate-2.1+repack/src/tkgate/edit.c:934:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  p += sprintf(p," n->end is wrong\n");
data/tkgate-2.1+repack/src/tkgate/edit.c:950:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg[1024*10];
data/tkgate-2.1+repack/src/tkgate/edit.c:965:12: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  p += sprintf(p,"Size: %dx%d\n",g->u.block.gwidth,g->u.block.gheight);
data/tkgate-2.1+repack/src/tkgate/edit.c:967:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  p += sprintf(p,"Orient: %d\n",g->orient);
data/tkgate-2.1+repack/src/tkgate/edit.c:968:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  p += sprintf(p,"Pads:\n");
data/tkgate-2.1+repack/src/tkgate/edit.c:977:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  p += sprintf(p,"0x%p {%d}",(void*)w->net,w->nidx);
data/tkgate-2.1+repack/src/tkgate/edit.c:979:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  p += sprintf(p,"[r]");
data/tkgate-2.1+repack/src/tkgate/edit.c:981:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  p += sprintf(p,"[d]");
data/tkgate-2.1+repack/src/tkgate/edit.c:983:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  p += sprintf(p,"[e]");
data/tkgate-2.1+repack/src/tkgate/edit.c:1001:12: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  p += sprintf(p,"####Warning other end on different net...\n");
data/tkgate-2.1+repack/src/tkgate/edit.c:1510:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX],msgBuf[STRMAX],fname[STRMAX];
data/tkgate-2.1+repack/src/tkgate/edit.c:1551:14: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((f = fopen(fname,"a"))) {
data/tkgate-2.1+repack/src/tkgate/edit.c:1554:21: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  } else if ((f = fopen(TkGate.errorLogFile,"a"))) {
data/tkgate-2.1+repack/src/tkgate/editstate.c:145:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ID[8];
data/tkgate-2.1+repack/src/tkgate/editstate.c:518:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024];
data/tkgate-2.1+repack/src/tkgate/editstate.c:719:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[STRMAX],*p;
data/tkgate-2.1+repack/src/tkgate/editstate.c:777:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX],*p,*q;
data/tkgate-2.1+repack/src/tkgate/editstate.c:820:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX],*p,*q;
data/tkgate-2.1+repack/src/tkgate/editstate.c:1066:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/tkgate/editstate.c:1083:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf,"%d",EditState_getMode());
data/tkgate-2.1+repack/src/tkgate/editstate.c:1089:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf,"%d",EditState_getRotation());
data/tkgate-2.1+repack/src/tkgate/elements.h:53:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char gc_name[STRMAX]; /* Name of cell */
data/tkgate-2.1+repack/src/tkgate/elements.h:55:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char gc_invSpec[STRMAX]; /* Inverter specification */
data/tkgate-2.1+repack/src/tkgate/elements.h:282:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *delayNames[MAXDELAYS]; /* Name of delay parameters */
data/tkgate-2.1+repack/src/tkgate/error.c:112:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char etype[STRMAX],fileName[STRMAX],modName[STRMAX],instName[STRMAX],portName[STRMAX],msg[STRMAX];
data/tkgate-2.1+repack/src/tkgate/error.c:137:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg2[STRMAX];
data/tkgate-2.1+repack/src/tkgate/error.c:165:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msgbuf[STRMAX];
data/tkgate-2.1+repack/src/tkgate/error.c:488:10: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buf[16];
data/tkgate-2.1+repack/src/tkgate/error.c:505:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf,"UNKNOWN-%d",s);
data/tkgate-2.1+repack/src/tkgate/error.c:613:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX],*T,*N;
data/tkgate-2.1+repack/src/tkgate/error.c:644:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char argbuf[STRMAX];
data/tkgate-2.1+repack/src/tkgate/error.c:645:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[STRMAX];
data/tkgate-2.1+repack/src/tkgate/error.c:646:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *args[MAXARGS];
data/tkgate-2.1+repack/src/tkgate/error.c:698:5: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(emsg,"<null-message>");
data/tkgate-2.1+repack/src/tkgate/expr.c:472:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024];
data/tkgate-2.1+repack/src/tkgate/expr.c:473:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf,"%d",e->value);
data/tkgate-2.1+repack/src/tkgate/fonts.c:38:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char *font_family_names[FF_MAX] = {
data/tkgate-2.1+repack/src/tkgate/fonts.c:92:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(fullName,
data/tkgate-2.1+repack/src/tkgate/fonts.c:97:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(fullName,
data/tkgate-2.1+repack/src/tkgate/fonts.c:115:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fontName[STRMAX];
data/tkgate-2.1+repack/src/tkgate/frame.c:351:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX],buf2[STRMAX];
data/tkgate-2.1+repack/src/tkgate/frame.c:364:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/tkgate/gate_painter.c:619:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(key, font, sizeof(GateFont));
data/tkgate-2.1+repack/src/tkgate/gates.c:60:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024];
data/tkgate-2.1+repack/src/tkgate/gates.c:458:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ns[30];
data/tkgate-2.1+repack/src/tkgate/gates.c:462:3: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(ns,"%d",num);
data/tkgate-2.1+repack/src/tkgate/gates.c:573:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/tkgate/gates.c:831:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX],*T;
data/tkgate-2.1+repack/src/tkgate/gates.c:1018:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char inv[STRMAX],*iq;
data/tkgate-2.1+repack/src/tkgate/gates.c:1094:23: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  if (npad >= 0) p += sprintf(p,"%u",npad);
data/tkgate-2.1+repack/src/tkgate/gates.c:1097:12: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  p += sprintf(p,"x%u",nbit);
data/tkgate-2.1+repack/src/tkgate/gates.c:1099:12: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  p += sprintf(p,"%u",nbit);
data/tkgate-2.1+repack/src/tkgate/gates.c:1109:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  p += sprintf(p,"_D");
data/tkgate-2.1+repack/src/tkgate/gates.c:1112:12: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
p += sprintf(p,"%u",g->delays[i]); data/tkgate-2.1+repack/src/tkgate/gates.c:1125:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. p += sprintf(p,"_P%u_%u_%u",g->u.clock.omega,g->u.clock.phi,g->u.clock.duty); data/tkgate-2.1+repack/src/tkgate/gates.c:1143:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char baseName[STRMAX]; data/tkgate-2.1+repack/src/tkgate/gates.c:1144:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dpSpec[STRMAX]; /* Delay an parameter specifications */ data/tkgate-2.1+repack/src/tkgate/generic.c:110:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(p," ( "); p += 3; data/tkgate-2.1+repack/src/tkgate/generic.c:115:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(p," ) "); p += 3; data/tkgate-2.1+repack/src/tkgate/generic.c:145:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[STRMAX]; data/tkgate-2.1+repack/src/tkgate/generic.c:463:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[8*STRMAX],*p; data/tkgate-2.1+repack/src/tkgate/generic.c:477:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char port[STRMAX]; data/tkgate-2.1+repack/src/tkgate/generic.c:497:18: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. case 'T' : p += sprintf(p,"top"); break; data/tkgate-2.1+repack/src/tkgate/generic.c:498:18: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. case 'B' : p += sprintf(p,"bottom"); break; data/tkgate-2.1+repack/src/tkgate/generic.c:499:18: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. case 'L' : p += sprintf(p,"left"); break; data/tkgate-2.1+repack/src/tkgate/generic.c:500:18: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
case 'R' : p += sprintf(p,"right"); break; data/tkgate-2.1+repack/src/tkgate/generic.c:525:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char port[128],name[STRMAX],_newport[128],dir[128]; data/tkgate-2.1+repack/src/tkgate/generic.c:668:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[STRMAX],*p; data/tkgate-2.1+repack/src/tkgate/generic.c:717:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[STRMAX]; data/tkgate-2.1+repack/src/tkgate/generic.c:961:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[STRMAX]; data/tkgate-2.1+repack/src/tkgate/generic.c:964:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf,"root%d",makeMenuData->numRoot); data/tkgate-2.1+repack/src/tkgate/generic.c:1096:15: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. int parseKeys(char keys[5][128],const char *key_seq) data/tkgate-2.1+repack/src/tkgate/generic.c:1098:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[STRMAX],*T; data/tkgate-2.1+repack/src/tkgate/generic.c:1146:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keys[5][128]; data/tkgate-2.1+repack/src/tkgate/generic.c:1165:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[STRMAX]; data/tkgate-2.1+repack/src/tkgate/hdl.c:280:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char modName[STRMAX],*p; data/tkgate-2.1+repack/src/tkgate/hdl.c:295:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(p,"_%d",count++); data/tkgate-2.1+repack/src/tkgate/hdl.c:383:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[STRMAX]; data/tkgate-2.1+repack/src/tkgate/html.c:288:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&font->gateFont, &gateFont, sizeof (GateFont)); data/tkgate-2.1+repack/src/tkgate/html.c:335:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[STRMAX]; data/tkgate-2.1+repack/src/tkgate/html.c:336:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char options[STRMAX]; data/tkgate-2.1+repack/src/tkgate/html.c:337:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ptag[STRMAX],pvalue[STRMAX]; data/tkgate-2.1+repack/src/tkgate/html.c:412:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[STRMAX]; data/tkgate-2.1+repack/src/tkgate/html.c:579:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[STRMAX]; data/tkgate-2.1+repack/src/tkgate/html.c:581:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(name,"PAGE%d",max_pnum+1); data/tkgate-2.1+repack/src/tkgate/html.c:599:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. p += sprintf(p," <b size=5>%d</b>",i); data/tkgate-2.1+repack/src/tkgate/html.c:601:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. p += sprintf(p," <a href=\"#/PAGE%d\">%d</b>",i,i); data/tkgate-2.1+repack/src/tkgate/html.c:617:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. p += sprintf(p," "); data/tkgate-2.1+repack/src/tkgate/html.c:635:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char baseName[STRMAX], extension[STRMAX], path[STRMAX]; data/tkgate-2.1+repack/src/tkgate/html.c:645:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[STRMAX]; data/tkgate-2.1+repack/src/tkgate/html.c:663:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. p += sprintf(p," <b size=5>%d</b>",i); data/tkgate-2.1+repack/src/tkgate/html.c:681:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. p += sprintf(p," "); data/tkgate-2.1+repack/src/tkgate/html.c:700:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char line[STRMAX]; data/tkgate-2.1+repack/src/tkgate/html.c:701:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[STRMAX]; data/tkgate-2.1+repack/src/tkgate/html.c:729:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[STRMAX]; data/tkgate-2.1+repack/src/tkgate/html.c:859:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[STRMAX]; data/tkgate-2.1+repack/src/tkgate/hyperlink.c:95:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char url[STRMAX]; data/tkgate-2.1+repack/src/tkgate/hyperlink.c:96:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char command[STRMAX]; data/tkgate-2.1+repack/src/tkgate/hyperlink.c:114:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). unused = fopen("/dev/null","r"); data/tkgate-2.1+repack/src/tkgate/hyperlink.c:115:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). unused = fopen("/dev/null","w"); data/tkgate-2.1+repack/src/tkgate/hyperlink.c:116:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). unused = fopen("/dev/null","w"); data/tkgate-2.1+repack/src/tkgate/hyperlink.c:130:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char url[STRMAX]; data/tkgate-2.1+repack/src/tkgate/hyperlink.c:131:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char command[STRMAX]; data/tkgate-2.1+repack/src/tkgate/hyperlink.c:149:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). unused = fopen("/dev/null","r"); data/tkgate-2.1+repack/src/tkgate/hyperlink.c:150:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). unused = fopen("/dev/null","w"); data/tkgate-2.1+repack/src/tkgate/hyperlink.c:151:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). unused = fopen("/dev/null","w"); data/tkgate-2.1+repack/src/tkgate/hyperlink.c:271:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char protocol[STRMAX]; data/tkgate-2.1+repack/src/tkgate/hyperlink.c:272:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file[STRMAX]; data/tkgate-2.1+repack/src/tkgate/hyperlink.c:276:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(protocol,"file"); data/tkgate-2.1+repack/src/tkgate/icon.c:90:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[STRMAX]; data/tkgate-2.1+repack/src/tkgate/igenerate.c:458:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ploc[STRMAX]; data/tkgate-2.1+repack/src/tkgate/igenerate.c:459:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[STRMAX]; data/tkgate-2.1+repack/src/tkgate/igenerate.c:486:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(ploc,"port:%d",i); data/tkgate-2.1+repack/src/tkgate/igenerate.c:497:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(buf,"%d",n); data/tkgate-2.1+repack/src/tkgate/igenerate.c:529:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[STRMAX]; data/tkgate-2.1+repack/src/tkgate/igenerate.c:544:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf,"%d %d",x,y); data/tkgate-2.1+repack/src/tkgate/igenerate.c:549:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf,"%d %d",x,y); data/tkgate-2.1+repack/src/tkgate/igenerate.c:553:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pname[STRMAX],pvalue[STRMAX]; data/tkgate-2.1+repack/src/tkgate/igenerate.c:557:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(pname,"pplace:%d",i); data/tkgate-2.1+repack/src/tkgate/igenerate.c:562:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf,"%d",GModSymbol_numPorts(ms)); data/tkgate-2.1+repack/src/tkgate/igenerate.c:626:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pname[STRMAX]; data/tkgate-2.1+repack/src/tkgate/igenerate.c:628:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(pname,"pplace:%d",i); data/tkgate-2.1+repack/src/tkgate/igenerate.c:631:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[STRMAX],ptype[STRMAX]; data/tkgate-2.1+repack/src/tkgate/igenerate.c:774:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pid[STRMAX],name[STRMAX],iodirstr[STRMAX],sidestr[STRMAX]; data/tkgate-2.1+repack/src/tkgate/igenerate.c:781:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(pid,"port:%d",i); data/tkgate-2.1+repack/src/tkgate/led.c:787:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf1[STRMAX],buf2[STRMAX]; data/tkgate-2.1+repack/src/tkgate/led.c:795:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(buf1,"ledseg%d",i+1); data/tkgate-2.1+repack/src/tkgate/led.c:796:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf2,"ledseg%d.b",i+1); data/tkgate-2.1+repack/src/tkgate/locale.c:39:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[8*STRMAX]; data/tkgate-2.1+repack/src/tkgate/locale.c:73:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fileName[STRMAX]; data/tkgate-2.1+repack/src/tkgate/locale.c:74:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[STRMAX],tag[STRMAX]; data/tkgate-2.1+repack/src/tkgate/locale.c:79:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(fileName,"r"); data/tkgate-2.1+repack/src/tkgate/locale.c:138:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char dirName[STRMAX]; data/tkgate-2.1+repack/src/tkgate/locale.c:208:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(lang,"en_US"); data/tkgate-2.1+repack/src/tkgate/locale.c:215:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(lang,"en_US"); data/tkgate-2.1+repack/src/tkgate/locale.c:227:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(territory, "US"); data/tkgate-2.1+repack/src/tkgate/locale.c:233:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[STRMAX],buf2[STRMAX],tag[STRMAX],msg[8*STRMAX]; data/tkgate-2.1+repack/src/tkgate/locale.c:241:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(locale->l_messages,"r"); data/tkgate-2.1+repack/src/tkgate/locale.c:290:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[STRMAX],buf2[STRMAX],tag[STRMAX],msg[8*STRMAX]; data/tkgate-2.1+repack/src/tkgate/locale.c:297:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(englishLocale->l_messages,"r"); data/tkgate-2.1+repack/src/tkgate/locale.c:346:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lang[STRMAX],territory[STRMAX]; data/tkgate-2.1+repack/src/tkgate/locale.c:369:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(lang,"en"); data/tkgate-2.1+repack/src/tkgate/main.c:66:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tkgate_startup_script[STRMAX]; data/tkgate-2.1+repack/src/tkgate/main.c:67:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char homeDir[STRMAX]; data/tkgate-2.1+repack/src/tkgate/metrics.c:38:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *psFontNameTable[FF_MAX][FP_MAX] = {
data/tkgate-2.1+repack/src/tkgate/modint.c:226:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *args[2];
data/tkgate-2.1+repack/src/tkgate/modint.c:493:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *args[2];
data/tkgate-2.1+repack/src/tkgate/modsym.c:560:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/tkgate/modsym.c:561:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf,"%p - rc=%d gid=%d nports=%d",ms,ms->ms_refCount,ms->ms_gid,ms->ms_numPorts);
data/tkgate-2.1+repack/src/tkgate/modsym.c:580:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/tkgate/modsym.c:581:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf,"%p - rc=%d gid=%d nports=%d",ms,ms->ms_refCount,ms->ms_gid,ms->ms_numPorts);
data/tkgate-2.1+repack/src/tkgate/modsym.c:599:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/tkgate/modsym.c:600:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf,"%p - rc=%d gid=%d nports=%d",ms,ms->ms_refCount,ms->ms_gid,ms->ms_numPorts);
data/tkgate-2.1+repack/src/tkgate/modsym.c:613:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/tkgate/modsym.c:614:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf,"%p - rc=%d gid=%d nports=%d",ms,ms->ms_refCount,ms->ms_gid,ms->ms_numPorts);
data/tkgate-2.1+repack/src/tkgate/modsym.c:636:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/tkgate/modsym.c:637:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf,"%p - rc=%d gid=%d nports=%d",ms,ms->ms_refCount,ms->ms_gid,ms->ms_numPorts);
data/tkgate-2.1+repack/src/tkgate/modsym.c:737:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/tkgate/modsym.c:738:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf,"%p - rc=%d gid=%d nports=%d",ms,ms->ms_refCount,ms->ms_gid,ms->ms_numPorts);
data/tkgate-2.1+repack/src/tkgate/module.c:544:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char shortfile[STRMAX],*p;
data/tkgate-2.1+repack/src/tkgate/module.c:553:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(shortfile,"<new>");
data/tkgate-2.1+repack/src/tkgate/module.c:627:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmd[STRMAX],tempFile[STRMAX],data[STRMAX];
data/tkgate-2.1+repack/src/tkgate/module.c:643:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = fopen(tempFile, "w");
data/tkgate-2.1+repack/src/tkgate/module.c:656:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[STRMAX],iname[STRMAX],msg[STRMAX];
data/tkgate-2.1+repack/src/tkgate/mux.c:302:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/tkgate/mux.c:365:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char n[STRMAX];
data/tkgate-2.1+repack/src/tkgate/mux.c:370:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(n,"%d",i);
data/tkgate-2.1+repack/src/tkgate/net.c:143:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/tkgate/net.c:434:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/tkgate/net.c:522:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(buf,"name");
data/tkgate-2.1+repack/src/tkgate/net.c:555:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(p,"%d",n++);
data/tkgate-2.1+repack/src/tkgate/net.c:765:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char label[STRMAX];
data/tkgate-2.1+repack/src/tkgate/object.c:414:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(C->oc_backup,o,o->o_size);
data/tkgate-2.1+repack/src/tkgate/object.c:505:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(oc->oc_ptr,oc->oc_backup,oc->oc_backup->o_size);
data/tkgate-2.1+repack/src/tkgate/object.c:705:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(c,vo,o->o_size-sizeof(Object));
data/tkgate-2.1+repack/src/tkgate/paux.c:287:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/tkgate/paux.c:288:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf2[STRMAX];
data/tkgate-2.1+repack/src/tkgate/primitives.c:50:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[STRMAX];
data/tkgate-2.1+repack/src/tkgate/primitives.c:62:36: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (stat(path,&sb) != 0 || !(f = fopen(path,"r"))) {
data/tkgate-2.1+repack/src/tkgate/primitives.c:117:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/tkgate/primitives.h:34:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pps_name[STRMAX];
data/tkgate-2.1+repack/src/tkgate/primitives.h:35:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pps_value[STRMAX];
data/tkgate-2.1+repack/src/tkgate/print.c:108:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char *psFontNameTable[FF_MAX][FP_MAX];
data/tkgate-2.1+repack/src/tkgate/print.c:371:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  p += sprintf(p,"\\%03o",FCC_BEGINKANJI);
data/tkgate-2.1+repack/src/tkgate/print.c:375:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  p += sprintf(p,"\\%03o",FCC_ENDKANJI);
data/tkgate-2.1+repack/src/tkgate/print.c:388:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  p += sprintf(p,"\\%03o",FCC_ENDKANJI);
data/tkgate-2.1+repack/src/tkgate/print.c:402:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  p += sprintf(p,"\\%03o",((*s++)&0xff));
data/tkgate-2.1+repack/src/tkgate/print.c:473:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/tkgate/print.c:688:20: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!(P->p_f = fopen(PO->po_file,"w"))) {
data/tkgate-2.1+repack/src/tkgate/print.c:759:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf2[STRMAX];
data/tkgate-2.1+repack/src/tkgate/print.c:907:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/tkgate/print.c:1080:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char label[STRMAX];
data/tkgate-2.1+repack/src/tkgate/print.c:1230:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX]; /* Buffer for parenthesis filtering */
data/tkgate-2.1+repack/src/tkgate/print.c:1231:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[STRMAX]; /* Raw line of text */
data/tkgate-2.1+repack/src/tkgate/print.c:1232:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dline[STRMAX]; /* decode raw line of text */
data/tkgate-2.1+repack/src/tkgate/print.c:1398:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/tkgate/print.c:1421:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX],*p;
data/tkgate-2.1+repack/src/tkgate/print.c:1432:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(p,", ");
data/tkgate-2.1+repack/src/tkgate/print.c:1453:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *mod_list[MODMAX]; /* Module names */
data/tkgate-2.1+repack/src/tkgate/print.c:1486:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/tkgate/print.c:1604:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/tkgate/scope.c:293:19: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char trans[VC_NUMCASES][VC_NUMCASES] = {
data/tkgate-2.1+repack/src/tkgate/scope.c:891:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/tkgate/scope.c:996:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/tkgate/scope.c:1086:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/tkgate/script.c:103:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/tkgate/script.c:107:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf,"script1");
data/tkgate-2.1+repack/src/tkgate/script.c:151:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX],pos[64];
data/tkgate-2.1+repack/src/tkgate/script.c:160:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(pos,"%d",n++);
data/tkgate-2.1+repack/src/tkgate/script.c:164:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf,"%d",n);
data/tkgate-2.1+repack/src/tkgate/script.c:177:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf,"%d",i);
data/tkgate-2.1+repack/src/tkgate/script.c:204:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/tkgate/search.c:238:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX],scount[STRMAX];
data/tkgate-2.1+repack/src/tkgate/search.c:280:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(scount,"%d",(*count)++);
data/tkgate-2.1+repack/src/tkgate/search.c:302:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char scount[STRMAX];
data/tkgate-2.1+repack/src/tkgate/search.c:348:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(scount,"%d",count);
data/tkgate-2.1+repack/src/tkgate/search.c:362:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char modName[STRMAX];
data/tkgate-2.1+repack/src/tkgate/search.c:363:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char typeName[STRMAX];
data/tkgate-2.1+repack/src/tkgate/search.c:364:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char objName[STRMAX];
data/tkgate-2.1+repack/src/tkgate/selection.c:773:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fileName[STRMAX];
data/tkgate-2.1+repack/src/tkgate/selection.c:810:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *argv[2];
data/tkgate-2.1+repack/src/tkgate/selection.c:1022:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = fopen(fileName,"w");
data/tkgate-2.1+repack/src/tkgate/simulate.c:226:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/tkgate/simulate.c:278:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX],*T;
data/tkgate-2.1+repack/src/tkgate/simulate.c:279:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *ptr[MAXDEPTH];
data/tkgate-2.1+repack/src/tkgate/simulate.c:306:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX],*T;
data/tkgate-2.1+repack/src/tkgate/simulate.c:307:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *ptr[MAXDEPTH];
data/tkgate-2.1+repack/src/tkgate/simulate.c:337:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX],*p;
data/tkgate-2.1+repack/src/tkgate/simulate.c:359:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(buf,"/tmp/tkgate.XXXXXX");
data/tkgate-2.1+repack/src/tkgate/simulate.c:360:8: [2] (tmpfile) mkstemp: Potential for temporary file vulnerability in some circumstances. Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this. Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library (CWE-377).
  fd = mkstemp(buf);
data/tkgate-2.1+repack/src/tkgate/simulate.c:485:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX],*T;
data/tkgate-2.1+repack/src/tkgate/simulate.c:486:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *ptr[MAXDEPTH];
data/tkgate-2.1+repack/src/tkgate/simulate.c:532:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX],*T;
data/tkgate-2.1+repack/src/tkgate/simulate.c:533:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *ptr[MAXDEPTH];
data/tkgate-2.1+repack/src/tkgate/simulate.c:578:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/tkgate/simulate.c:637:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char netPath[STRMAX],componentPath[STRMAX];
data/tkgate-2.1+repack/src/tkgate/simulate.c:919:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/tkgate/simulate.c:1011:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[STRMAX];
data/tkgate-2.1+repack/src/tkgate/simulate.c:1019:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[STRMAX];
data/tkgate-2.1+repack/src/tkgate/simulate.c:1122:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmdName[STRMAX];
data/tkgate-2.1+repack/src/tkgate/simulate.c:1153:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char etype[STRMAX],text[STRMAX];
data/tkgate-2.1+repack/src/tkgate/simulate.c:1154:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/tkgate/simulate.c:1162:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char timeStr[STRMAX],msg[STRMAX];
data/tkgate-2.1+repack/src/tkgate/simulate.c:1389:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pathbuf[STRMAX],*t;
data/tkgate-2.1+repack/src/tkgate/simulate.c:1390:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[STRMAX];
data/tkgate-2.1+repack/src/tkgate/simulate.c:1521:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX],buf2[STRMAX],buf3[STRMAX],buf4[STRMAX];
data/tkgate-2.1+repack/src/tkgate/simulate.h:96:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char simFileName[STRMAX]; /* Temp file with circuit description */
data/tkgate-2.1+repack/src/tkgate/switch.c:214:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char compositeName[STRMAX];
data/tkgate-2.1+repack/src/tkgate/symblock.c:260:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/tkgate/symblock.c:268:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf,"g=%p",g);
data/tkgate-2.1+repack/src/tkgate/symblock.c:272:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf,"ms=%p",ms);
data/tkgate-2.1+repack/src/tkgate/symblock.c:276:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf,"rcount=%d",ms->ms_refCount);
data/tkgate-2.1+repack/src/tkgate/tap.c:303:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/tkgate/tap.c:327:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf,"%d",g->u.tap.msb);
data/tkgate-2.1+repack/src/tkgate/tap.c:329:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf,"%d:%d",g->u.tap.msb,g->u.tap.lsb);
data/tkgate-2.1+repack/src/tkgate/tap.c:343:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/tkgate/tap.c:350:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf,"%d",g->u.tap.msb);
data/tkgate-2.1+repack/src/tkgate/tap.c:352:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf,"%d:%d",g->u.tap.msb,g->u.tap.lsb);
data/tkgate-2.1+repack/src/tkgate/tclfuncs.c:123:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char res[127];
data/tkgate-2.1+repack/src/tkgate/tclfuncs.c:124:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(res,"%d.%d",line,pos);
data/tkgate-2.1+repack/src/tkgate/tclfuncs.c:677:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(printerList,"{default \"Default Printer\"}");
data/tkgate-2.1+repack/src/tkgate/tclfuncs.c:680:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = fopen("/etc/printcap","r");
data/tkgate-2.1+repack/src/tkgate/tclfuncs.c:682:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX*2];
data/tkgate-2.1+repack/src/tkgate/tclfuncs.c:729:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/tkgate/tclfuncs.c:737:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf,"%d",N);
data/tkgate-2.1+repack/src/tkgate/tclfuncs.c:770:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char res[127];
data/tkgate-2.1+repack/src/tkgate/tclfuncs.c:773:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(res,"argument error argc=%d",argc);
data/tkgate-2.1+repack/src/tkgate/tclfuncs.c:810:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *f = fopen(fileName,"r");
data/tkgate-2.1+repack/src/tkgate/tclfuncs.c:1157:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char buf[STRMAX]; data/tkgate-2.1+repack/src/tkgate/tclfuncs.c:1333:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char u[STRMAX]; data/tkgate-2.1+repack/src/tkgate/tclfuncs.c:1356:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(u,"%d",n); data/tkgate-2.1+repack/src/tkgate/tclfuncs.c:1361:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(u,"%d",n); data/tkgate-2.1+repack/src/tkgate/tclfuncs.c:1364:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(u,"%lg",c->c_startup); data/tkgate-2.1+repack/src/tkgate/tclfuncs.c:1703:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[STRMAX],*p; data/tkgate-2.1+repack/src/tkgate/tclfuncs.c:2147:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char res[128]; data/tkgate-2.1+repack/src/tkgate/tclfuncs.c:2163:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char paper[STRMAX]; data/tkgate-2.1+repack/src/tkgate/tclfuncs.c:2249:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[STRMAX],buf2[STRMAX]; data/tkgate-2.1+repack/src/tkgate/tclfuncs.c:2272:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char res[128]; data/tkgate-2.1+repack/src/tkgate/tclfuncs.c:2291:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(res,"%x",g->u.sw.dipval); data/tkgate-2.1+repack/src/tkgate/tclfuncs.c:3206:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char validName[STRMAX]; data/tkgate-2.1+repack/src/tkgate/tclfuncs.c:3333:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[STRMAX]; data/tkgate-2.1+repack/src/tkgate/tclfuncs.c:3458:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *undoList[1024]; data/tkgate-2.1+repack/src/tkgate/tclfuncs.c:3471:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *redoList[1024]; data/tkgate-2.1+repack/src/tkgate/tkgate.c:115:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[STRMAX]; data/tkgate-2.1+repack/src/tkgate/tkgate.c:119:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(f = fopen(buf,"r"))) return 0; data/tkgate-2.1+repack/src/tkgate/tkgate.c:123:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(f = fopen(buf,"r"))) return 0; data/tkgate-2.1+repack/src/tkgate/tkgate.c:127:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
if (!(f = fopen(buf,"r"))) return 0; data/tkgate-2.1+repack/src/tkgate/tkgate.c:150:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[STRMAX]; data/tkgate-2.1+repack/src/tkgate/tkgate.c:151:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *trydirs[4]; data/tkgate-2.1+repack/src/tkgate/tkgate.c:205:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char randomstate[128]; data/tkgate-2.1+repack/src/tkgate/tkgate.c:366:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[STRMAX]; data/tkgate-2.1+repack/src/tkgate/tkgate.c:373:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(buf,"r"); data/tkgate-2.1+repack/src/tkgate/tkgate.c:375:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[STRMAX]; data/tkgate-2.1+repack/src/tkgate/tkgate.c:398:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(buf,"r"); data/tkgate-2.1+repack/src/tkgate/tkgate.c:401:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[STRMAX]; data/tkgate-2.1+repack/src/tkgate/tkgate.c:486:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[STRMAX]; data/tkgate-2.1+repack/src/tkgate/tkgate.c:487:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sval[STRMAX]; data/tkgate-2.1+repack/src/tkgate/tkgate.c:580:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char buf[128]; data/tkgate-2.1+repack/src/tkgate/tkgate.c:730:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[STRMAX],*p; data/tkgate-2.1+repack/src/tkgate/tkgate.c:758:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[STRMAX]; data/tkgate-2.1+repack/src/tkgate/tkgate.c:886:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[STRMAX]; data/tkgate-2.1+repack/src/tkgate/tkgate.c:964:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cwd[PATH_MAX]; data/tkgate-2.1+repack/src/tkgate/tkgate.c:1012:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char full_path[PATH_MAX]; data/tkgate-2.1+repack/src/tkgate/tkgate.h:609:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern char tkgate_homedir[STRMAX]; data/tkgate-2.1+repack/src/tkgate/tkgatewin.c:1093:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/tkgate-2.1+repack/src/tkgate/tkgatewin.c:1304:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(checkPointFile,"#checkpoint#"); data/tkgate-2.1+repack/src/tkgate/tkgatewin.c:1361:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[STRMAX]; data/tkgate-2.1+repack/src/tkgate/traceprint.c:318:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[STRMAX]; data/tkgate-2.1+repack/src/tkgate/traceprint.c:412:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[STRMAX]; data/tkgate-2.1+repack/src/tkgate/traceprint.c:429:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf1[STRMAX],buf2[STRMAX]; data/tkgate-2.1+repack/src/tkgate/verilog_in.c:116:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char invSpec[STRMAX]; /* Output inverter specification */ data/tkgate-2.1+repack/src/tkgate/verilog_in.c:303:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf1[STRMAX]; data/tkgate-2.1+repack/src/tkgate/verilog_in.c:306:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(f = fopen(name,"r"))) data/tkgate-2.1+repack/src/tkgate/verilog_in.c:384:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fileName[STRMAX]; data/tkgate-2.1+repack/src/tkgate/verilog_in.c:385:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char libraryName[STRMAX]; data/tkgate-2.1+repack/src/tkgate/verilog_in.c:421:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(f = fopen(name,"r"))) { data/tkgate-2.1+repack/src/tkgate/verilog_in.c:468:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[STRMAX]; data/tkgate-2.1+repack/src/tkgate/verilog_in.c:720:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char units[STRMAX]; data/tkgate-2.1+repack/src/tkgate/verilog_in.c:1034:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[STRMAX],*p; data/tkgate-2.1+repack/src/tkgate/verilog_in.c:1060:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[STRMAX],*p; data/tkgate-2.1+repack/src/tkgate/verilog_in.c:1069:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. p += sprintf(p," #("); data/tkgate-2.1+repack/src/tkgate/verilog_in.c:1072:20: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. if (doComma) p += sprintf(p,", "); data/tkgate-2.1+repack/src/tkgate/verilog_in.c:1076:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. p += sprintf(p,") "); data/tkgate-2.1+repack/src/tkgate/verilog_in.c:1087:20: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. if (doComma) p += sprintf(p,", "); data/tkgate-2.1+repack/src/tkgate/verilog_in.c:1360:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[STRMAX]; data/tkgate-2.1+repack/src/tkgate/verilog_in.c:1464:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char funcx[STRMAX],*p; data/tkgate-2.1+repack/src/tkgate/verilog_in.c:1753:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[STRMAX],*p; data/tkgate-2.1+repack/src/tkgate/verilog_in.c:1849:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pn[STRMAX]; data/tkgate-2.1+repack/src/tkgate/verilog_in.c:2073:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char u1[STRMAX],u2[STRMAX],*p; data/tkgate-2.1+repack/src/tkgate/verilog_out.c:92:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[32]; data/tkgate-2.1+repack/src/tkgate/verilog_out.c:127:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char typeName[STRMAX]; data/tkgate-2.1+repack/src/tkgate/verilog_out.c:467:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[STRMAX]; data/tkgate-2.1+repack/src/tkgate/verilog_out.c:468:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf2[STRMAX]; data/tkgate-2.1+repack/src/tkgate/verilog_out.c:751:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[STRMAX]; data/tkgate-2.1+repack/src/tkgate/verilog_out.c:761:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(f = fopen(name,"w"))) { data/tkgate-2.1+repack/src/tkgate/verilog_out.c:860:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). inf = fopen(src,"r"); data/tkgate-2.1+repack/src/tkgate/verilog_out.c:862:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). outf = fopen(dst,"w"); data/tkgate-2.1+repack/src/tkgate/verilog_out.c:887:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd[STRMAX]; data/tkgate-2.1+repack/src/tkgate/verilog_out.c:896:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(cmd,"/usr/bin/tkgate",TkGate.homedir); data/tkgate-2.1+repack/src/tkgate/verilog_out.c:940:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dirName[STRMAX],*p; data/tkgate-2.1+repack/src/tkgate/verilog_out.c:1004:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tempName1[STRMAX],tempName2[STRMAX]; data/tkgate-2.1+repack/src/tkgate/verilog_out.c:1030:23: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file_exists = ((f = fopen(name,"r")) != 0); data/tkgate-2.1+repack/src/tkgate/verilog_out.c:1046:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[STRMAX]; data/tkgate-2.1+repack/src/tkgate/verilog_out.c:1152:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bitSpec[128]; data/tkgate-2.1+repack/src/tkgate/verilog_out.c:1155:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(bitSpec," [%d:0]",numBits-1); data/tkgate-2.1+repack/src/tkgate/wiresdraw.c:121:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char label[STRMAX]; data/tkgate-2.1+repack/src/tkgate/wiresdraw.c:178:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ns[30]; data/tkgate-2.1+repack/src/tkgate/wiresdraw.c:191:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(ns,"%d",net->n_nbits); data/tkgate-2.1+repack/src/tools/colors.c:94:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *f = fopen(RGBFILE,"r"); data/tkgate-2.1+repack/src/tools/colors.c:95:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[1024],name[1024]; data/tkgate-2.1+repack/src/tools/colors.c:159:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *f = fopen(RGBFILE,"r"); data/tkgate-2.1+repack/src/tools/colors.c:160:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024],name[1024]; data/tkgate-2.1+repack/src/tools/msgdiff.c:125:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[STRMAX], tag[STRMAX], msg[LONGSTRMAX]; data/tkgate-2.1+repack/src/tools/msgdiff.c:128:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(fileName,"r"); data/tkgate-2.1+repack/src/tools/msgdiff.c:241:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(em, nm, sizeof(Message)); data/tkgate-2.1+repack/src/tools/msgdiff.c:244:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
  strcpy(em->m_str, "TODO: ");
data/tkgate-2.1+repack/src/tools/msgdiff.c:275:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(em, nm, sizeof(Message));
data/tkgate-2.1+repack/src/tools/msgdiff.c:278:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(em->m_str, "TODO: ");
data/tkgate-2.1+repack/src/tools/msgdiff.c:296:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX], tag[STRMAX], msg[STRMAX];
data/tkgate-2.1+repack/src/tools/msgdiff.c:299:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = fopen(newfile, "r");
data/tkgate-2.1+repack/src/tools/msgdiff.c:351:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX]; //, tag[STRMAX], msg[STRMAX];
data/tkgate-2.1+repack/src/tools/msgdiff.c:354:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = fopen(editFile, "r");
data/tkgate-2.1+repack/src/tools/mvtag.c:36:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char readFile[STRMAX],bakFile[STRMAX],tmpFile[STRMAX];
data/tkgate-2.1+repack/src/tools/mvtag.c:37:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[STRMAX],tag[STRMAX];
data/tkgate-2.1+repack/src/tools/mvtag.c:43:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  rf = fopen(readFile,"r");
data/tkgate-2.1+repack/src/tools/mvtag.c:49:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  wf = fopen(tmpFile,"w");
data/tkgate-2.1+repack/src/tools/mvtag.c:74:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[STRMAX],fromTag[STRMAX],toTag[STRMAX];
data/tkgate-2.1+repack/src/tools/mvtag.c:76:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = fopen(name,"r");
data/tkgate-2.1+repack/src/verga/bytecode.c:81:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(cb->cb_instructions, oldBC, sizeof(ByteCode)*cb->cb_nalloced);
data/tkgate-2.1+repack/src/verga/bytecode.c:130:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(CodeBlock_get(dst,dpos),CodeBlock_get(src,start),sizeof(ByteCode)*copySize);
data/tkgate-2.1+repack/src/verga/bytecode.c:443:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX],*p;
data/tkgate-2.1+repack/src/verga/bytecode.c:491:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX],*p;
data/tkgate-2.1+repack/src/verga/bytecode.c:1291:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/verga/channel.c:51:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/verga/channel.c:142:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/verga/circuit.c:55:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[STRMAX],*p;
data/tkgate-2.1+repack/src/verga/circuit.c:190:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/verga/circuit.c:203:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char range[256];
data/tkgate-2.1+repack/src/verga/circuit.c:204:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(range,"%d:%d",msb,lsb);
data/tkgate-2.1+repack/src/verga/circuit.c:880:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[STRMAX*2];
data/tkgate-2.1+repack/src/verga/circuit.c:937:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char scriptRootName[STRMAX];
data/tkgate-2.1+repack/src/verga/circuit.c:1002:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char instname[STRMAX];
data/tkgate-2.1+repack/src/verga/circuit.c:1013:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/verga/circuit.c:1211:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX],name[STRMAX];
data/tkgate-2.1+repack/src/verga/circuit.c:1316:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!(f = fopen(fileName,"w")))
data/tkgate-2.1+repack/src/verga/commands.c:402:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char key[STRMAX];
data/tkgate-2.1+repack/src/verga/commands.c:452:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char key[STRMAX];
data/tkgate-2.1+repack/src/verga/commands.c:733:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/verga/commands.c:832:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *argv[100];
data/tkgate-2.1+repack/src/verga/commands.c:892:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/verga/commands.c:1030:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dstr[STRMAX];
data/tkgate-2.1+repack/src/verga/directive.c:69:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(units,"ns");
data/tkgate-2.1+repack/src/verga/directive.c:94:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char numS[STRMAX];
data/tkgate-2.1+repack/src/verga/directive.c:95:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(numS,"%d",num);
data/tkgate-2.1+repack/src/verga/directive.c:162:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char b1[STRMAX],b2[STRMAX];
data/tkgate-2.1+repack/src/verga/directive.c:163:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[STRMAX];
data/tkgate-2.1+repack/src/verga/error.c:444:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  s += sprintf(s,"Warning: ");
data/tkgate-2.1+repack/src/verga/error.c:452:27: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  if (did_first) s += sprintf(s, ", ");
data/tkgate-2.1+repack/src/verga/error.c:453:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  s += sprintf(s, "%d",p->p_lineNo);
data/tkgate-2.1+repack/src/verga/error.c:457:27: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  if (did_first) s += sprintf(s, ", ");
data/tkgate-2.1+repack/src/verga/error.c:461:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  s += sprintf(s, "+%d",p->p_modLineNo);
data/tkgate-2.1+repack/src/verga/error.c:470:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  s += sprintf(s, " %d",p->p_lineNo);
data/tkgate-2.1+repack/src/verga/error.c:474:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  s += sprintf(s, " %d",p->p_modLineNo);
data/tkgate-2.1+repack/src/verga/error.c:478:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  s += sprintf(s," -");
data/tkgate-2.1+repack/src/verga/error.c:483:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  s += sprintf(s," -");
data/tkgate-2.1+repack/src/verga/error.c:485:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  s += sprintf(s," : ");
data/tkgate-2.1+repack/src/verga/error.c:659:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX],*p;
data/tkgate-2.1+repack/src/verga/error.c:690:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX],*p;
data/tkgate-2.1+repack/src/verga/error.c:721:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char message[STRMAX],*p;
data/tkgate-2.1+repack/src/verga/error.c:768:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX],*p;
data/tkgate-2.1+repack/src/verga/error.c:796:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX],*p;
data/tkgate-2.1+repack/src/verga/evqueue.c:1206:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/verga/expr.c:22:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char lastExprError[STRMAX] = "";
data/tkgate-2.1+repack/src/verga/expr.c:419:8: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  p+=sprintf(p,"<<null>>");
data/tkgate-2.1+repack/src/verga/expr.c:428:8: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  p+=sprintf(p,"@(");
data/tkgate-2.1+repack/src/verga/expr.c:470:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  p += sprintf(p,"+:");
data/tkgate-2.1+repack/src/verga/expr.c:472:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  p += sprintf(p,"-:");
data/tkgate-2.1+repack/src/verga/expr.c:484:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  p += sprintf(p,"[?]"); /* unknown expression type */
data/tkgate-2.1+repack/src/verga/expr.c:739:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf,"0:0");
data/tkgate-2.1+repack/src/verga/expr.c:743:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf,"%u:0",size-1);
data/tkgate-2.1+repack/src/verga/expr.c:2354:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/verga/expr.c:2355:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf,"%d",Expr_type(e));
data/tkgate-2.1+repack/src/verga/io.c:25:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char cmdin_buf[STRMAX]; /* Buffer for unread characters */
data/tkgate-2.1+repack/src/verga/io.c:36:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/verga/io.c:58:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[2*STRMAX];
data/tkgate-2.1+repack/src/verga/memory.c:156:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dstr[STRMAX];
data/tkgate-2.1+repack/src/verga/memory.c:177:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char sdata[STRMAX];
data/tkgate-2.1+repack/src/verga/memory.c:203:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(data->one, D1, bytesPerWord);
data/tkgate-2.1+repack/src/verga/memory.c:204:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(data->zero, D0, bytesPerWord);
data/tkgate-2.1+repack/src/verga/memory.c:205:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(data->flt, Dz, bytesPerWord);
data/tkgate-2.1+repack/src/verga/memory.c:226:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/verga/memory.c:234:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(D1,data->one, bytesPerWord);
data/tkgate-2.1+repack/src/verga/memory.c:235:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(D0,data->zero, bytesPerWord);
data/tkgate-2.1+repack/src/verga/memory.c:236:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(Dz,data->flt, bytesPerWord);
data/tkgate-2.1+repack/src/verga/memory.c:250:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(temp->one, D1, bytesPerWord);
data/tkgate-2.1+repack/src/verga/memory.c:251:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(temp->zero, D0, bytesPerWord);
data/tkgate-2.1+repack/src/verga/memory.c:252:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(temp->flt, Dz, bytesPerWord);
data/tkgate-2.1+repack/src/verga/memory.c:256:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(D1,temp->one, bytesPerWord);
data/tkgate-2.1+repack/src/verga/memory.c:257:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(D0,temp->zero, bytesPerWord);
data/tkgate-2.1+repack/src/verga/memory.c:258:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(Dz,temp->flt, bytesPerWord);
data/tkgate-2.1+repack/src/verga/memory.c:279:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/verga/memory.c:311:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/verga/memory.c:325:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[STRMAX];
data/tkgate-2.1+repack/src/verga/memory.c:422:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!(f = fopen(fileName,"w")))
data/tkgate-2.1+repack/src/verga/memory.c:474:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024],val[1024];
data/tkgate-2.1+repack/src/verga/mitem.c:265:29: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  case NT_P_INPUT : p += sprintf(p,"input"); break;
data/tkgate-2.1+repack/src/verga/mitem.c:266:29: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  case NT_P_INOUT : p += sprintf(p,"inout"); break;
data/tkgate-2.1+repack/src/verga/mitem.c:267:29: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  case NT_P_OUTPUT : p += sprintf(p,"output"); break;
data/tkgate-2.1+repack/src/verga/mitem.c:274:60: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  case NT_WIRE : if (!(nt & NT_P_IO_MASK)) p += sprintf(p,"wire"); break;
data/tkgate-2.1+repack/src/verga/mitem.c:275:34: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  case NT_WAND : p += sprintf(p,"wand"); break;
data/tkgate-2.1+repack/src/verga/mitem.c:276:34: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  case NT_WOR : p += sprintf(p,"wor"); break;
data/tkgate-2.1+repack/src/verga/mitem.c:277:34: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  case NT_TRI : p += sprintf(p,"tri"); break;
data/tkgate-2.1+repack/src/verga/mitem.c:278:34: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  case NT_TRI1 : p += sprintf(p,"tri1"); break;
data/tkgate-2.1+repack/src/verga/mitem.c:279:34: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  case NT_TRI0 : p += sprintf(p,"tri0"); break;
data/tkgate-2.1+repack/src/verga/mitem.c:280:34: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  case NT_TRIAND : p += sprintf(p,"triand"); break;
data/tkgate-2.1+repack/src/verga/mitem.c:281:34: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  case NT_TRIOR : p += sprintf(p,"trior"); break;
data/tkgate-2.1+repack/src/verga/mitem.c:282:34: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  case NT_TRIREG : p += sprintf(p,"trireg"); break;
data/tkgate-2.1+repack/src/verga/mitem.c:283:34: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  case NT_TRIREG_SMALL : p += sprintf(p,"trireg (small)"); break;
data/tkgate-2.1+repack/src/verga/mitem.c:284:34: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  case NT_TRIREG_MEDIUM : p += sprintf(p,"trireg (medium)"); break;
data/tkgate-2.1+repack/src/verga/mitem.c:285:34: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  case NT_TRIREG_LARGE : p += sprintf(p,"trireg (large)"); break;
data/tkgate-2.1+repack/src/verga/mitem.c:286:34: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  default : p += sprintf(p,"illegal_net<%x>",nt); break;
data/tkgate-2.1+repack/src/verga/mitem.c:292:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  p += sprintf(p,"output reg");
data/tkgate-2.1+repack/src/verga/mitem.c:294:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  p += sprintf(p,"reg");
data/tkgate-2.1+repack/src/verga/mitem.c:296:28: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  case NT_MEMORY : p += sprintf(p,"reg"); break;
data/tkgate-2.1+repack/src/verga/mitem.c:297:28: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  case NT_SUPPLY0 : p += sprintf(p,"supply0"); break;
data/tkgate-2.1+repack/src/verga/mitem.c:298:28: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  case NT_SUPPLY1 : p += sprintf(p,"supply1"); break;
data/tkgate-2.1+repack/src/verga/mitem.c:300:28: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  case NT_INTEGER : p += sprintf(p,"integer"); break;
data/tkgate-2.1+repack/src/verga/mitem.c:301:28: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  case NT_REAL : p += sprintf(p,"real"); break;
data/tkgate-2.1+repack/src/verga/mitem.c:302:28: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  case NT_TIME : p += sprintf(p,"time"); break;
data/tkgate-2.1+repack/src/verga/mitem.c:303:28: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  case NT_EVENT : p += sprintf(p,"event"); break;
data/tkgate-2.1+repack/src/verga/mitem.c:304:28: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
      default : p += sprintf(p,"illegal_reg<%x>",nt); break;
data/tkgate-2.1+repack/src/verga/mitem.c:307:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
      p += sprintf(p,"illegal");
data/tkgate-2.1+repack/src/verga/mitem.c:311:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
      p += sprintf(p," scalar");
data/tkgate-2.1+repack/src/verga/mitem.c:313:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
      p += sprintf(p," vectored");
data/tkgate-2.1+repack/src/verga/mitem.c:315:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
      p += sprintf(p," signed");
data/tkgate-2.1+repack/src/verga/mitem.c:318:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
      p += sprintf(p," (");
data/tkgate-2.1+repack/src/verga/mitem.c:320:30: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
      case NT_P_HIGHZ0 : p += sprintf(p,"highz0"); break;
data/tkgate-2.1+repack/src/verga/mitem.c:321:30: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
      case NT_P_WEAK0 : p += sprintf(p,"weak0"); break;
data/tkgate-2.1+repack/src/verga/mitem.c:322:30: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
      case NT_P_PULL0 : p += sprintf(p,"pull0"); break;
data/tkgate-2.1+repack/src/verga/mitem.c:323:30: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
      case NT_P_STRONG0 : p += sprintf(p,"strong0"); break;
data/tkgate-2.1+repack/src/verga/mitem.c:324:30: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
      case NT_P_SUPPLY0 : p += sprintf(p,"supply0"); break;
data/tkgate-2.1+repack/src/verga/mitem.c:325:20: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
      default : p += sprintf(p,"illegal0"); break;
data/tkgate-2.1+repack/src/verga/mitem.c:327:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
      p += sprintf(p,", ");
data/tkgate-2.1+repack/src/verga/mitem.c:330:30: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
      case NT_P_HIGHZ1 : p += sprintf(p,"highz1"); break;
data/tkgate-2.1+repack/src/verga/mitem.c:331:30: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
      case NT_P_WEAK1 : p += sprintf(p,"weak1"); break;
data/tkgate-2.1+repack/src/verga/mitem.c:332:30: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
      case NT_P_PULL1 : p += sprintf(p,"pull1"); break;
data/tkgate-2.1+repack/src/verga/mitem.c:333:30: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
      case NT_P_STRONG1 : p += sprintf(p,"strong1"); break;
data/tkgate-2.1+repack/src/verga/mitem.c:334:30: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
      case NT_P_SUPPLY1 : p += sprintf(p,"supply1"); break;
data/tkgate-2.1+repack/src/verga/mitem.c:335:20: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
      default : p += sprintf(p,"illegal1"); break;
data/tkgate-2.1+repack/src/verga/mitem.c:355:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
      char buf[STRMAX];
data/tkgate-2.1+repack/src/verga/module.c:331:6: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
      char buf[STRMAX];
data/tkgate-2.1+repack/src/verga/module.c:345:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
      char typeName[STRMAX],rangeExpr[STRMAX];
data/tkgate-2.1+repack/src/verga/module.c:351:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
      strcpy(typeName,"wire");
data/tkgate-2.1+repack/src/verga/module.c:353:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
      strcpy(typeName,"reg");
data/tkgate-2.1+repack/src/verga/module.c:756:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
      char fullName[2*STRMAX];
data/tkgate-2.1+repack/src/verga/net.c:376:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
      char buf[STRMAX];
data/tkgate-2.1+repack/src/verga/net.c:503:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
      char buf[STRMAX];
data/tkgate-2.1+repack/src/verga/pathmod.c:133:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
      char name[STRMAX],localName[STRMAX];
data/tkgate-2.1+repack/src/verga/pathmod.c:166:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
      char range[256];
data/tkgate-2.1+repack/src/verga/pathmod.c:167:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(range,"%d:%d",msb,lsb);
data/tkgate-2.1+repack/src/verga/systask.c:236:12: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
      return sprintf(p,"%llu",t);
data/tkgate-2.1+repack/src/verga/systask.c:238:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
      char format[STRMAX];
data/tkgate-2.1+repack/src/verga/systask.c:243:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(format,"%%llu.%%0%dllu",ilog10(x));
data/tkgate-2.1+repack/src/verga/systask.c:258:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
      char fmt[STRMAX];
data/tkgate-2.1+repack/src/verga/systask.c:275:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
      char oneFmt[STRMAX];
data/tkgate-2.1+repack/src/verga/systask.c:318:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
      memcpy(oneFmt,q,x-q+1);
data/tkgate-2.1+repack/src/verga/systask.c:338:8: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
      p += sprintf(p,"%%bad-format%%");
data/tkgate-2.1+repack/src/verga/systask.c:347:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
      char buf[2*STRMAX];
data/tkgate-2.1+repack/src/verga/systask.c:402:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
      char buf[STRMAX];
data/tkgate-2.1+repack/src/verga/systask.c:409:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(buf,"break %d %d'b",id,Value_nbits(value));
data/tkgate-2.1+repack/src/verga/systask.c:411:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(buf,"break %d %d'h",id,Value_nbits(value));
data/tkgate-2.1+repack/src/verga/systask.c:415:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
      sprintf(p," @ %llu",Q->eq_curTime);
data/tkgate-2.1+repack/src/verga/systask.c:543:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
      char who[STRMAX];
data/tkgate-2.1+repack/src/verga/systask.c:553:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
      char key[STRMAX];
data/tkgate-2.1+repack/src/verga/systask.c:594:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
      char who[STRMAX];
data/tkgate-2.1+repack/src/verga/systask.c:603:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
      char key[STRMAX];
data/tkgate-2.1+repack/src/verga/systask.c:635:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
      char buf[2*STRMAX], *p;
data/tkgate-2.1+repack/src/verga/systask.c:763:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
      char buf[STRMAX],*p;
data/tkgate-2.1+repack/src/verga/systask.c:769:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
      p += sprintf(p,"error run %llu : ",curTime);
data/tkgate-2.1+repack/src/verga/systask.c:771:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
      p += sprintf(p,"Runtime error: ");
data/tkgate-2.1+repack/src/verga/systask.c:842:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
      char buf[STRMAX],buf2[STRMAX];
data/tkgate-2.1+repack/src/verga/systask.c:1030:10: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
      static char state[256];
data/tkgate-2.1+repack/src/verga/systask.c:1212:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
      char name[STRMAX];
data/tkgate-2.1+repack/src/verga/systask.c:1239:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
      char buf[1024];
data/tkgate-2.1+repack/src/verga/systask.c:1264:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
      char name[STRMAX];
data/tkgate-2.1+repack/src/verga/systask.c:1306:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
      char fileName[STRMAX];
data/tkgate-2.1+repack/src/verga/systask.c:1354:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
      char fileName[STRMAX];
data/tkgate-2.1+repack/src/verga/systask.c:1384:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
      char fileName[STRMAX];
data/tkgate-2.1+repack/src/verga/systask.c:1420:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
      char fileName[STRMAX];
data/tkgate-2.1+repack/src/verga/systask.c:1477:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
      char fileName[STRMAX];
data/tkgate-2.1+repack/src/verga/systask.c:1501:7: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
      f = fopen(fileName,"w");
data/tkgate-2.1+repack/src/verga/systask.c:1524:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
      char syscall[STRMAX],*p;
data/tkgate-2.1+repack/src/verga/systask.c:1534:19: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
      if (i>1) p += sprintf(p,", ");
data/tkgate-2.1+repack/src/verga/systask.c:1546:12: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
      p += sprintf(p,"*-*");
data/tkgate-2.1+repack/src/verga/systask.c:1562:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
      char syscall[STRMAX],*p;
data/tkgate-2.1+repack/src/verga/systask.c:1580:19: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120).
  Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
      if (i>1) p += sprintf(p,", ");
data/tkgate-2.1+repack/src/verga/systask.c:1592:12: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
      p += sprintf(p,"*-*");
data/tkgate-2.1+repack/src/verga/task.c:55:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
      char path[STRMAX];
data/tkgate-2.1+repack/src/verga/task.c:255:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
      char path[STRMAX];
data/tkgate-2.1+repack/src/verga/thyme.c:138:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
      char buf[STRMAX];
data/tkgate-2.1+repack/src/verga/thyme.c:145:28: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
      if (*name == '/') return fopen(name,"r");
data/tkgate-2.1+repack/src/verga/thyme.c:155:11: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
      if ((f = fopen(buf,"r"))) return f;
data/tkgate-2.1+repack/src/verga/thyme.c:163:12: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
      if ((f = fopen(name,"r")))
data/tkgate-2.1+repack/src/verga/thyme.c:173:14: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
      if ((f = fopen(buf,"r"))) return f;
data/tkgate-2.1+repack/src/verga/thyme.c:395:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
      char u1[STRMAX],u2[STRMAX];
data/tkgate-2.1+repack/src/verga/thyme.c:416:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
      char units[STRMAX];
data/tkgate-2.1+repack/src/verga/thyme.c:431:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
      char *argv[3];
data/tkgate-2.1+repack/src/verga/value.c:975:12: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
      return sprintf(p,":%d:",x);
data/tkgate-2.1+repack/src/verga/value.c:1025:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(str,"%u",S->one[0]&LMASK(Value_nbits(S)));
data/tkgate-2.1+repack/src/verga/value.c:1034:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(str,"ERROR");
data/tkgate-2.1+repack/src/verga/value.c:1044:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(p,"%u",S->one[0]&LMASK(Value_nbits(S)));
data/tkgate-2.1+repack/src/verga/value.c:1047:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(p,"%u",S->one[0]&LMASK(Value_nbits(S)));
data/tkgate-2.1+repack/src/verga/value.c:1049:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(p,"%llu",((((simtime_t)S->one[1]&LMASK(S->nbits-SSWORDSIZE)) << 32) | S->one[0]));
data/tkgate-2.1+repack/src/verga/value.c:1062:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
      p += sprintf(p,"%d'd",Value_nbits(S));
data/tkgate-2.1+repack/src/verga/value.c:1066:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(p,"%u",S->one[0]&LMASK(Value_nbits(S)));
data/tkgate-2.1+repack/src/verga/value.c:1120:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
      p += sprintf(p,"%d'b",Value_nbits(S));
data/tkgate-2.1+repack/src/verga/value.c:1142:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
      p += sprintf(p,"%d'o",N);
data/tkgate-2.1+repack/src/verga/value.c:1164:12: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
      p += sprintf(p,"%d",d);
data/tkgate-2.1+repack/src/verga/value.c:1185:12: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
      return sprintf(p,"NaN");
data/tkgate-2.1+repack/src/verga/value.c:1189:14: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
      return sprintf(p,"%g",n);
data/tkgate-2.1+repack/src/verga/value.c:1191:14: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
      return sprintf(p,"%f",n);
data/tkgate-2.1+repack/src/verga/value.c:1204:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
      p += sprintf(p,"%d'h",N);
data/tkgate-2.1+repack/src/verga/value.c:1229:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
      p += sprintf(p,"%d",d);
data/tkgate-2.1+repack/src/verga/value.c:1231:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
      p += sprintf(p,"%c",d-10+'a');
data/tkgate-2.1+repack/src/verga/value.c:1440:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
      char buf[STRMAX];
data/tkgate-2.1+repack/src/verga/verilog.c:737:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
      char name[STRMAX];
data/tkgate-2.1+repack/src/common/misc.c:54:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
      return s + strlen(s);
data/tkgate-2.1+repack/src/common/misc.c:121:25: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (*str == '"' && str[strlen(str) - 1] == '"') {
data/tkgate-2.1+repack/src/common/misc.c:214:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
      int ol = strlen(old_str);
data/tkgate-2.1+repack/src/common/misc.c:215:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
      int nl = strlen(new_str);
data/tkgate-2.1+repack/src/common/misc.c:216:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
      int sl = strlen(s);
data/tkgate-2.1+repack/src/common/misc.c:242:25: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
      memmove(buf + 1, buf, strlen(buf) + 1);
data/tkgate-2.1+repack/src/common/misc.c:433:6: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (strlen(s) == 0)
data/tkgate-2.1+repack/src/common/misc.c:587:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
      int l = strlen(s);
data/tkgate-2.1+repack/src/common/ycmalloc.c:108:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
      L = strlen(S);
data/tkgate-2.1+repack/src/tkgate/ascii.c:134:5: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
      strncpy(buf,ps,STRMAX);
data/tkgate-2.1+repack/src/tkgate/ascii.c:175:5: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
      strncpy(buf,ps,STRMAX);
data/tkgate-2.1+repack/src/tkgate/ascii.c:209:27: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
      x_w = GKTextWidth(F,S,strlen(S));
data/tkgate-2.1+repack/src/tkgate/ascii.c:223:27: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
      x_w = GKTextWidth(F,S,strlen(S));
data/tkgate-2.1+repack/src/tkgate/ascii.c:238:33: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
      GKDrawString(painter,gc,x,y,S,strlen(S));
data/tkgate-2.1+repack/src/tkgate/ascii.c:358:5: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
      strncpy(toString,fromString,len);
data/tkgate-2.1+repack/src/tkgate/ascii.c:367:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
      inSize = strlen(fromString);
data/tkgate-2.1+repack/src/tkgate/ascii.c:374:5: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
      strncpy(toString,fromString,len);
data/tkgate-2.1+repack/src/tkgate/ascii.c:402:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
      inSize = strlen(fromString);
data/tkgate-2.1+repack/src/tkgate/ascii.c:446:3: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
strncpy(toString,fromString,len); data/tkgate-2.1+repack/src/tkgate/block.c:914:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int l = strlen(value); data/tkgate-2.1+repack/src/tkgate/block.c:1312:5: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead. usleep(1); data/tkgate-2.1+repack/src/tkgate/block.c:1945:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int len = strlen(name); data/tkgate-2.1+repack/src/tkgate/block.c:1977:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int len = strlen(name); data/tkgate-2.1+repack/src/tkgate/block.c:1991:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int len = strlen(name); data/tkgate-2.1+repack/src/tkgate/circuit.c:267:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(p,p+1,strlen(p)); data/tkgate-2.1+repack/src/tkgate/comment.c:153:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
x += strlen(x); data/tkgate-2.1+repack/src/tkgate/cpath.c:313:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). l = strlen(modPath); data/tkgate-2.1+repack/src/tkgate/cpath.c:315:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(modPath,"."); data/tkgate-2.1+repack/src/tkgate/cpath.c:655:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char *p = buf+strlen(buf); data/tkgate-2.1+repack/src/tkgate/decoder.c:519:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). s += strlen(s); data/tkgate-2.1+repack/src/tkgate/demux.c:515:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). s += strlen(s); data/tkgate-2.1+repack/src/tkgate/edit.c:867:8: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. p += sprintf(p,"\n"); data/tkgate-2.1+repack/src/tkgate/edit.c:973:7: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. p += sprintf(p," "); data/tkgate-2.1+repack/src/tkgate/edit.c:985:12: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. 
p += sprintf(p,"\n"); data/tkgate-2.1+repack/src/tkgate/edit.c:1004:10: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. p += sprintf(p,"\n"); data/tkgate-2.1+repack/src/tkgate/editstate.c:76:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strncmp(g->u.block.moduleName,prefix,strlen(prefix)) != 0) data/tkgate-2.1+repack/src/tkgate/editstate.c:111:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strncmp(cg->u.block.moduleName,prefix,strlen(prefix)) == 0) data/tkgate-2.1+repack/src/tkgate/editstate.c:727:3: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. sprintf(p,"/"); data/tkgate-2.1+repack/src/tkgate/editstate.c:728:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p = p + strlen(p); data/tkgate-2.1+repack/src/tkgate/editstate.c:739:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p = p + strlen(p); data/tkgate-2.1+repack/src/tkgate/editstate.c:877:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(buf,"-"); data/tkgate-2.1+repack/src/tkgate/editstate.c:878:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return buf + strlen(buf); data/tkgate-2.1+repack/src/tkgate/error.c:693:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(p,p+1,strlen(p)); data/tkgate-2.1+repack/src/tkgate/expr.c:460:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(e->lit) >= n) data/tkgate-2.1+repack/src/tkgate/expr.c:464:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return strlen(s); data/tkgate-2.1+repack/src/tkgate/expr.c:466:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(e->lit)+strlen(e->l->lit)+2 >= n) data/tkgate-2.1+repack/src/tkgate/expr.c:466:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(e->lit)+strlen(e->l->lit)+2 >= n) data/tkgate-2.1+repack/src/tkgate/expr.c:475:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(buf) >= n) data/tkgate-2.1+repack/src/tkgate/expr.c:479:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
return strlen(s); data/tkgate-2.1+repack/src/tkgate/expr.c:496:10: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. s += sprintf(s,"(");n--; data/tkgate-2.1+repack/src/tkgate/expr.c:501:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). s += sprintf(s,"%s",findSymbol(e->op));n -= strlen(s); data/tkgate-2.1+repack/src/tkgate/expr.c:506:10: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. s += sprintf(s,")"); data/tkgate-2.1+repack/src/tkgate/expr.c:508:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return strlen(start); data/tkgate-2.1+repack/src/tkgate/expr.c:514:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return strlen(start); data/tkgate-2.1+repack/src/tkgate/expr.c:520:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return strlen(start); data/tkgate-2.1+repack/src/tkgate/gates.c:725:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (sscanf(portName+strlen(gi->Pad[i].name),"%d",&k) != 1) k = 0; data/tkgate-2.1+repack/src/tkgate/gates.c:809:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
int L = strlen(func); data/tkgate-2.1+repack/src/tkgate/gates.c:1072:10: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. p += sprintf(p,"N"); /* All outputs inverted, just attach an N */ data/tkgate-2.1+repack/src/tkgate/gates.c:1111:7: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. p += sprintf(p,"_"); data/tkgate-2.1+repack/src/tkgate/gates.c:1145:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int len = strlen(TkGate.circuit->c_gatePrefix); data/tkgate-2.1+repack/src/tkgate/gates.c:1164:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). name += strlen(gcs->gc_invSpec)+1; data/tkgate-2.1+repack/src/tkgate/gates.c:1193:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(gcs->gc_invSpec,"N"); data/tkgate-2.1+repack/src/tkgate/generic.c:113:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p += strlen(p); data/tkgate-2.1+repack/src/tkgate/generic.c:504:12: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. 
p += sprintf(p,"}"); data/tkgate-2.1+repack/src/tkgate/hdl.c:55:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(s1) != n) return 0; data/tkgate-2.1+repack/src/tkgate/hdl.c:217:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int new_len = strlen(new_name); data/tkgate-2.1+repack/src/tkgate/hdl.c:219:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int src_len = strlen(src_text); data/tkgate-2.1+repack/src/tkgate/hdl.c:291:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(modName, module_data[i].name, module_data[i].name_len); data/tkgate-2.1+repack/src/tkgate/hdl.c:293:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p = modName + strlen(modName); data/tkgate-2.1+repack/src/tkgate/hdl.c:391:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). module_data[0].name_len = strlen(M->m_name); data/tkgate-2.1+repack/src/tkgate/hdl.c:392:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). module_data[0].endmodule_line = M->m_text + strlen(M->m_text); data/tkgate-2.1+repack/src/tkgate/html.c:494:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). 
strncpy(hu->hu_text,text,len); data/tkgate-2.1+repack/src/tkgate/html.c:615:12: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. p += sprintf(p," "); data/tkgate-2.1+repack/src/tkgate/html.c:679:12: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. p += sprintf(p," "); data/tkgate-2.1+repack/src/tkgate/html.c:749:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). l = strlen(line); data/tkgate-2.1+repack/src/tkgate/html.c:924:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). Html_addUnit(h,new_HtmlUnit(text,strlen(text),h->h_context)); data/tkgate-2.1+repack/src/tkgate/html.c:1101:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (pretag) Html_processTag(h,pretag,strlen(pretag)); data/tkgate-2.1+repack/src/tkgate/html.c:1102:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). Html_addUnit(h,new_HtmlUnit(text,strlen(text),h->h_context)); data/tkgate-2.1+repack/src/tkgate/html.c:1103:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (posttag) Html_processTag(h,posttag,strlen(posttag)); data/tkgate-2.1+repack/src/tkgate/html.c:1140:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!q) q = p + strlen(p); data/tkgate-2.1+repack/src/tkgate/html.c:1153:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!q) q = p + strlen(p); data/tkgate-2.1+repack/src/tkgate/html.c:1272:61: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). hu->hu_width = HtmlContext_stringWidth(hc,hu->hu_text,strlen(hu->hu_text)); data/tkgate-2.1+repack/src/tkgate/html.c:1379:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(hu->hu_text)/2 ); data/tkgate-2.1+repack/src/tkgate/html.c:1391:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(hu->hu_text) ); data/tkgate-2.1+repack/src/tkgate/hyperlink.c:106:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(p+strlen(url),p+2,strlen(p)-1); data/tkgate-2.1+repack/src/tkgate/hyperlink.c:106:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
memmove(p+strlen(url),p+2,strlen(p)-1); data/tkgate-2.1+repack/src/tkgate/hyperlink.c:107:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(p,url,strlen(url)); data/tkgate-2.1+repack/src/tkgate/hyperlink.c:141:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(p+strlen(url),p+2,strlen(p)-1); data/tkgate-2.1+repack/src/tkgate/hyperlink.c:141:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(p+strlen(url),p+2,strlen(p)-1); data/tkgate-2.1+repack/src/tkgate/hyperlink.c:142:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(p,url,strlen(url)); data/tkgate-2.1+repack/src/tkgate/hyperlink.c:171:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(file+3,file,strlen(file)+1); data/tkgate-2.1+repack/src/tkgate/hyperlink.c:242:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). temp_a = (char**)malloc(sizeof(char*)*strlen(temp_s)); // Probably way more than we need data/tkgate-2.1+repack/src/tkgate/igenerate.c:191:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
endA = nameA + strlen(nameA); data/tkgate-2.1+repack/src/tkgate/igenerate.c:192:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). endB = nameB + strlen(nameB); data/tkgate-2.1+repack/src/tkgate/igenerate.c:513:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int w = GKTextWidth(TkGate.stextbXF[1],name,strlen(name)); data/tkgate-2.1+repack/src/tkgate/igenerate.c:1088:56: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). labelWidth = GKTextWidth(TkGate.textbXF[1],M->m_name,strlen(M->m_name)); data/tkgate-2.1+repack/src/tkgate/igenerate.c:1103:56: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). w = GKTextWidth(TkGate.stextbXF[1],igp->igp_name,strlen(igp->igp_name)); data/tkgate-2.1+repack/src/tkgate/locale.c:50:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). l = strlen(p); data/tkgate-2.1+repack/src/tkgate/locale.c:206:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(lang,p,1024); data/tkgate-2.1+repack/src/tkgate/locale.c:220:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strlen(lang) >= 5) { data/tkgate-2.1+repack/src/tkgate/module.c:753:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int size = strlen(text) + 1; data/tkgate-2.1+repack/src/tkgate/net.c:548:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p = buf + strlen(buf); data/tkgate-2.1+repack/src/tkgate/net.c:654:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return strlen(label); data/tkgate-2.1+repack/src/tkgate/net.c:768:88: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n->n_labelWidth = GKTextWidth(TkGate.stextbXF[TkGate.circuit->zoom_factor],label,strlen(label)); data/tkgate-2.1+repack/src/tkgate/object.c:227:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). objm.memusage.actual += strlen(name)+1; data/tkgate-2.1+repack/src/tkgate/object.c:296:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). assert(objm.memusage.actual >= strlen(self->of_name)+1); data/tkgate-2.1+repack/src/tkgate/object.c:297:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
objm.memusage.actual -= strlen(self->of_name)+1; data/tkgate-2.1+repack/src/tkgate/object.c:787:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). assert(objm.memusage.actual >= (strlen(objm.om_cur->of_name)+1)); data/tkgate-2.1+repack/src/tkgate/object.c:788:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). objm.memusage.actual -= strlen(objm.om_cur->of_name)+1; data/tkgate-2.1+repack/src/tkgate/object.c:796:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). objm.memusage.actual += strlen(name)+1; data/tkgate-2.1+repack/src/tkgate/object.c:901:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). assert(objm.memusage.actual >= (strlen(objm.om_cur->of_name)+1)); data/tkgate-2.1+repack/src/tkgate/object.c:902:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). objm.memusage.actual -= strlen(objm.om_cur->of_name)+1; data/tkgate-2.1+repack/src/tkgate/object.c:908:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). objm.memusage.actual += strlen(name)+1; data/tkgate-2.1+repack/src/tkgate/object.c:1003:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
int l = strlen(s); data/tkgate-2.1+repack/src/tkgate/paux.c:295:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). buf[strlen(buf)-1] = 0; data/tkgate-2.1+repack/src/tkgate/paux.c:302:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(p,p+1,strlen(p+1)+1); data/tkgate-2.1+repack/src/tkgate/primitives.c:127:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p->p_end = body + strlen(body); data/tkgate-2.1+repack/src/tkgate/print.c:1240:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(line,c,e-c); data/tkgate-2.1+repack/src/tkgate/print.c:1436:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p += strlen(p); data/tkgate-2.1+repack/src/tkgate/ram.c:186:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strspn(p," ") != strlen(p)) data/tkgate-2.1+repack/src/tkgate/scope.c:248:57: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). width = GKTextWidth(TkGate.stextXF[1],V->v_hexValue,strlen(V->v_hexValue)); data/tkgate-2.1+repack/src/tkgate/scope.c:267:72: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
GatePainter_drawString(TkGate.painterScopeW, gc,x+2,y-ScopeLOW-3,s,strlen(s)); data/tkgate-2.1+repack/src/tkgate/scope.c:274:78: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). GatePainter_drawString(TkGate.painterScopeW, gc,x+2,y-ScopeLOW-3,new_dpy,strlen(new_dpy)); data/tkgate-2.1+repack/src/tkgate/scope.c:632:61: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). while ((w = GKTextWidth(TkGate.textXF[1],T->t_visName,strlen(T->t_visName))) > ScopeLEFTMARGIN-10) { data/tkgate-2.1+repack/src/tkgate/scope.c:656:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). T->t_visName,strlen(T->t_visName)); data/tkgate-2.1+repack/src/tkgate/scope.c:918:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 10,y,buf,strlen(buf)); data/tkgate-2.1+repack/src/tkgate/scope.c:1013:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). text_w = GKTextWidth(TkGate.textXF[1],buf,strlen(buf))/2; data/tkgate-2.1+repack/src/tkgate/scope.c:1016:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). y,buf,strlen(buf)); data/tkgate-2.1+repack/src/tkgate/scope.c:1021:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
text_w = GKTextWidth(TkGate.textXF[1],units_s,strlen(units_s)); data/tkgate-2.1+repack/src/tkgate/scope.c:1024:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). y+15,units_s,strlen(units_s)); data/tkgate-2.1+repack/src/tkgate/scope.c:1096:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 20,H/2,buf,strlen(buf)); data/tkgate-2.1+repack/src/tkgate/search.c:250:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). target_len = strlen(target); data/tkgate-2.1+repack/src/tkgate/search.c:257:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). target_len = strlen(target); data/tkgate-2.1+repack/src/tkgate/search.c:258:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). text_len = strlen(text); data/tkgate-2.1+repack/src/tkgate/selection.c:704:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). GModuleDef_allocText(cbm, strlen(cbm->m_text) + strlen(Tcl_GetStringResult(TkGate.tcl)) + 1); data/tkgate-2.1+repack/src/tkgate/selection.c:704:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
GModuleDef_allocText(cbm, strlen(cbm->m_text) + strlen(Tcl_GetStringResult(TkGate.tcl)) + 1); data/tkgate-2.1+repack/src/tkgate/simulate.c:59:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int d = strlen(A); data/tkgate-2.1+repack/src/tkgate/simulate.c:81:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int len = strlen(A); /* Length of string */ data/tkgate-2.1+repack/src/tkgate/simulate.c:122:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int len = strlen(A); /* Length of string */ data/tkgate-2.1+repack/src/tkgate/simulate.c:965:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char *nend = name + strlen(name); data/tkgate-2.1+repack/src/tkgate/simulate.c:989:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char *nend = name + strlen(name); data/tkgate-2.1+repack/src/tkgate/simulate.c:1376:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p = path+strlen(path); data/tkgate-2.1+repack/src/tkgate/simulate.c:1381:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
p += strlen(p); data/tkgate-2.1+repack/src/tkgate/simulate.c:1570:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(buf,"."); data/tkgate-2.1+repack/src/tkgate/tclfuncs.c:51:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). l = strlen(p); data/tkgate-2.1+repack/src/tkgate/tclfuncs.c:678:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). C = strlen(printerList); data/tkgate-2.1+repack/src/tkgate/tclfuncs.c:701:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). l = strlen(shortName) + strlen(longName) + 6; data/tkgate-2.1+repack/src/tkgate/tclfuncs.c:701:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). l = strlen(shortName) + strlen(longName) + 6; data/tkgate-2.1+repack/src/tkgate/tclfuncs.c:1125:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strncmp(modName,TkGate.circuit->c_gatePrefix,strlen(TkGate.circuit->c_gatePrefix)) == 0) { data/tkgate-2.1+repack/src/tkgate/tclfuncs.c:2293:5: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. 
sprintf(res,"0"); data/tkgate-2.1+repack/src/tkgate/tclfuncs.c:3106:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). l += strlen(techs[i])+1; data/tkgate-2.1+repack/src/tkgate/tkgate.c:351:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(str,str+1,strlen(str)); data/tkgate-2.1+repack/src/tkgate/tkgate.c:352:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). l = strlen(str); data/tkgate-2.1+repack/src/tkgate/tkgate.c:494:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(sval,"1"); data/tkgate-2.1+repack/src/tkgate/tkgate.c:501:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n = strlen(name); data/tkgate-2.1+repack/src/tkgate/tkgate.c:582:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(lang) > 100) { data/tkgate-2.1+repack/src/tkgate/tkgate.c:672:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
print_options = realloc(print_options,strlen(print_options)+strlen(optarg)+2); data/tkgate-2.1+repack/src/tkgate/tkgate.c:672:64: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). print_options = realloc(print_options,strlen(print_options)+strlen(optarg)+2); data/tkgate-2.1+repack/src/tkgate/tkgate.c:673:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(print_options,":"); data/tkgate-2.1+repack/src/tkgate/tkgate.c:975:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(p,p+1,strlen(p+1)+1); data/tkgate-2.1+repack/src/tkgate/tkgate.c:983:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(p,p+3,strlen(p+3)+1); data/tkgate-2.1+repack/src/tkgate/tkgate.c:990:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(q,p+3,strlen(p+3)+1); data/tkgate-2.1+repack/src/tkgate/tkgate.c:995:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(p,p+2,strlen(p+2)+1); data/tkgate-2.1+repack/src/tkgate/tkgatewin.c:1129:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
objv[0] = Tcl_NewStringObj(cmd,strlen(cmd)); data/tkgate-2.1+repack/src/tkgate/tkgatewin.c:1135:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). objv[n] = Tcl_NewStringObj(s,strlen(s)); data/tkgate-2.1+repack/src/tkgate/tkgatewin.c:1162:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). objv[0] = Tcl_NewStringObj(cmd,strlen(cmd)); data/tkgate-2.1+repack/src/tkgate/tkgatewin.c:1166:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). objv[n] = Tcl_NewStringObj(args[n-1],strlen(args[n-1])); data/tkgate-2.1+repack/src/tkgate/tkgatewin.c:1308:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(fileName)+2 >= size) data/tkgate-2.1+repack/src/tkgate/tkgatewin.c:1337:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (*p == '#' && p[strlen(p)-1] == '#') data/tkgate-2.1+repack/src/tkgate/verilog_in.c:394:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (p) memmove(libraryName,p+1,strlen(p)); data/tkgate-2.1+repack/src/tkgate/verilog_in.c:479:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
vsprintf(buf+strlen(buf),err,ap); data/tkgate-2.1+repack/src/tkgate/verilog_in.c:481:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(buf,"\""); data/tkgate-2.1+repack/src/tkgate/verilog_in.c:486:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). vsprintf(buf+strlen(buf),err,ap); data/tkgate-2.1+repack/src/tkgate/verilog_in.c:502:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(V->str,version,sizeof(V->str)); data/tkgate-2.1+repack/src/tkgate/verilog_in.c:738:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). TkGate.defaultTech = Tcl_Alloc(strlen(value)+1); data/tkgate-2.1+repack/src/tkgate/verilog_in.c:867:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int L = strlen(data); data/tkgate-2.1+repack/src/tkgate/verilog_in.c:1041:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). Expr_sprint(p,STRMAX-strlen(buf),e); data/tkgate-2.1+repack/src/tkgate/verilog_in.c:1084:12: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. p += sprintf(p,"("); data/tkgate-2.1+repack/src/tkgate/verilog_in.c:1091:12: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. p += sprintf(p,")"); data/tkgate-2.1+repack/src/tkgate/verilog_in.c:1094:10: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. p += sprintf(p,";"); data/tkgate-2.1+repack/src/tkgate/verilog_in.c:1372:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). mlen = strlen(cur.mod->m_text); data/tkgate-2.1+repack/src/tkgate/verilog_in.c:1373:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). alen = strlen(text); data/tkgate-2.1+repack/src/tkgate/verilog_in.c:1468:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(p+2,p,strlen(p)+1); data/tkgate-2.1+repack/src/tkgate/verilog_in.c:1477:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(cur.invSpec,""); data/tkgate-2.1+repack/src/tkgate/verilog_in.c:2029:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). l = strlen(name); data/tkgate-2.1+repack/src/tkgate/verilog_in.c:2075:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strlen(dtext) > STRMAX) return; data/tkgate-2.1+repack/src/tkgate/verilog_out.c:483:4: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(data),x,y); data/tkgate-2.1+repack/src/tkgate/verilog_out.c:495:4: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(data),x,y); data/tkgate-2.1+repack/src/tkgate/verilog_out.c:647:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (M->m_text && strlen(M->m_text) > 0) { data/tkgate-2.1+repack/src/tkgate/verilog_out.c:648:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char *last = M->m_text + strlen(M->m_text) - 1; data/tkgate-2.1+repack/src/tkgate/verilog_out.c:667:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strncmp(g->u.block.moduleName,prefix,strlen(prefix)) == 0) data/tkgate-2.1+repack/src/tkgate/verilog_out.c:865:17: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while ((c = fgetc(inf)) != EOF) { data/tkgate-2.1+repack/src/tkgate/verilog_out.c:965:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(name) > STRMAX) return 0; data/tkgate-2.1+repack/src/tkgate/verilog_out.c:970:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(dirName,"."); data/tkgate-2.1+repack/src/tkgate/verilog_out.c:976:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(dirName,"/"); data/tkgate-2.1+repack/src/tkgate/verilog_out.c:1050:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p = buf+strlen(buf); data/tkgate-2.1+repack/src/tkgate/verilog_out.c:1052:2: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(p,"~"); data/tkgate-2.1+repack/src/tools/msgdiff.c:71:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). l = strlen(p); data/tkgate-2.1+repack/src/tools/msgdiff.c:243:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). em->m_str = malloc(strlen(nm->m_str) + sizeof("TODO: ") + 1); data/tkgate-2.1+repack/src/tools/msgdiff.c:277:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
em->m_str = malloc(strlen(nm->m_str) + sizeof("TODO: ") + 1); data/tkgate-2.1+repack/src/tools/mvtag.c:55:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int l1 = strlen(tag); data/tkgate-2.1+repack/src/tools/mvtag.c:56:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int l2 = strlen(newTag); data/tkgate-2.1+repack/src/tools/mvtag.c:58:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(p+l2,p+l1,strlen(p+l1)+1); data/tkgate-2.1+repack/src/verga/circuit.c:1117:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char *fullName = (char*) malloc(strlen(c->c_root->mc_path)+strlen(name)+2); data/tkgate-2.1+repack/src/verga/circuit.c:1117:64: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char *fullName = (char*) malloc(strlen(c->c_root->mc_path)+strlen(name)+2); data/tkgate-2.1+repack/src/verga/error.c:278:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int l = strlen(ed->ed_tag) + 10; data/tkgate-2.1+repack/src/verga/error.c:605:12: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. p += sprintf(p," "); data/tkgate-2.1+repack/src/verga/expr.c:399:8: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. p += sprintf(p,","); data/tkgate-2.1+repack/src/verga/expr.c:432:12: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. p += sprintf(p,"*"); data/tkgate-2.1+repack/src/verga/expr.c:433:10: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. p += sprintf(p,")"); data/tkgate-2.1+repack/src/verga/expr.c:441:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p += strlen(p); data/tkgate-2.1+repack/src/verga/expr.c:444:10: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. p += sprintf(p,"{"); data/tkgate-2.1+repack/src/verga/expr.c:449:12: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. p += sprintf(p,"{"); data/tkgate-2.1+repack/src/verga/expr.c:451:12: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. p += sprintf(p,"}"); data/tkgate-2.1+repack/src/verga/expr.c:453:10: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. p += sprintf(p,"}"); data/tkgate-2.1+repack/src/verga/expr.c:456:10: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. 
p += sprintf(p,"{"); data/tkgate-2.1+repack/src/verga/expr.c:458:10: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. p += sprintf(p,"}"); data/tkgate-2.1+repack/src/verga/expr.c:464:10: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. p += sprintf(p,"["); data/tkgate-2.1+repack/src/verga/expr.c:468:7: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. p += sprintf(p,":"); data/tkgate-2.1+repack/src/verga/expr.c:476:10: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. p += sprintf(p,"]"); data/tkgate-2.1+repack/src/verga/expr.c:495:55: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. if (opr_od && opr_od->od_plev > od->od_plev) p += sprintf(p,"("); data/tkgate-2.1+repack/src/verga/expr.c:497:55: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. if (opr_od && opr_od->od_plev > od->od_plev) p += sprintf(p,")"); data/tkgate-2.1+repack/src/verga/expr.c:508:55: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. if (opr_od && opr_od->od_plev > od->od_plev) p += sprintf(p,"("); data/tkgate-2.1+repack/src/verga/expr.c:510:55: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. 
if (opr_od && opr_od->od_plev > od->od_plev) p += sprintf(p,")"); data/tkgate-2.1+repack/src/verga/expr.c:521:55: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. if (opr_od && opr_od->od_plev > od->od_plev) p += sprintf(p,"("); data/tkgate-2.1+repack/src/verga/expr.c:523:55: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. if (opr_od && opr_od->od_plev > od->od_plev) p += sprintf(p,")"); data/tkgate-2.1+repack/src/verga/io.c:69:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). l = strlen(buf); data/tkgate-2.1+repack/src/verga/io.c:160:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c = read(0,cmdin_q,STRMAX-(cmdin_q-cmdin_buf)); data/tkgate-2.1+repack/src/verga/mitem.c:337:10: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. p += sprintf(p,")"); data/tkgate-2.1+repack/src/verga/module.c:123:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char *tempName = (char*)malloc(strlen(s->s_path)+strlen(name)+2); data/tkgate-2.1+repack/src/verga/module.c:123:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char *tempName = (char*)malloc(strlen(s->s_path)+strlen(name)+2); data/tkgate-2.1+repack/src/verga/multint.c:290:5: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. sprintf(buf,"0"); data/tkgate-2.1+repack/src/verga/paux.c:256:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(S) <= 9) { data/tkgate-2.1+repack/src/verga/paux.c:260:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). yylval.S = (char *) yc_malloc(strlen(S)+3,ALGN_BYTE); data/tkgate-2.1+repack/src/verga/paux.c:275:5: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). S[strlen(S)-1] = 0; data/tkgate-2.1+repack/src/verga/paux.c:298:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(S,S+1,strlen(S+1)+1); data/tkgate-2.1+repack/src/verga/systask.c:115:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int path_len = strlen(path); data/tkgate-2.1+repack/src/verga/systask.c:118:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(s+path_len,s+2,strlen(s+2)+1); data/tkgate-2.1+repack/src/verga/systask.c:227:12: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. 
return sprintf(p,"x"); data/tkgate-2.1+repack/src/verga/systask.c:322:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p += strlen(p); data/tkgate-2.1+repack/src/verga/systask.c:412:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p = buf + strlen(buf); data/tkgate-2.1+repack/src/verga/systask.c:414:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p += strlen(p); data/tkgate-2.1+repack/src/verga/systask.c:650:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p += strlen(p); data/tkgate-2.1+repack/src/verga/systask.c:659:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p += strlen(p); data/tkgate-2.1+repack/src/verga/systask.c:1539:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p += strlen(p); data/tkgate-2.1+repack/src/verga/systask.c:1543:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p += strlen(p); data/tkgate-2.1+repack/src/verga/systask.c:1550:8: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. 
p += sprintf(p,")"); data/tkgate-2.1+repack/src/verga/systask.c:1585:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p += strlen(p); data/tkgate-2.1+repack/src/verga/systask.c:1589:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p += strlen(p); data/tkgate-2.1+repack/src/verga/systask.c:1596:8: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. p += sprintf(p,")"); data/tkgate-2.1+repack/src/verga/thyme.c:171:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(buf,"/"); data/tkgate-2.1+repack/src/verga/thyme.c:524:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strncmp(optarg, "v1995", strlen("v1995")) == 0) data/tkgate-2.1+repack/src/verga/thyme.c:526:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if (strncmp(optarg, "v2001", strlen("v2001")) == 0) data/tkgate-2.1+repack/src/verga/value.c:596:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
int d = strlen(A); data/tkgate-2.1+repack/src/verga/value.c:621:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int d = strlen(A); data/tkgate-2.1+repack/src/verga/value.c:667:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int d = strlen(A); data/tkgate-2.1+repack/src/verga/value.c:717:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int l = strlen(p); data/tkgate-2.1+repack/src/verga/value.c:938:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int l = strlen(str); data/tkgate-2.1+repack/src/verga/value.c:1016:2: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. sprintf(str, "x"); data/tkgate-2.1+repack/src/verga/value.c:1018:2: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. sprintf(str, "z"); data/tkgate-2.1+repack/src/verga/value.c:1020:2: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. sprintf(str, "X"); data/tkgate-2.1+repack/src/verga/value.c:1022:2: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. sprintf(str, "Z"); data/tkgate-2.1+repack/src/verga/value.c:1053:5: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. sprintf(p,"x"); data/tkgate-2.1+repack/src/verga/value.c:1070:5: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. sprintf(p,"x"); data/tkgate-2.1+repack/src/verga/value.c:1102:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return p + strlen(p); data/tkgate-2.1+repack/src/verga/value.c:1109:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(p,q,strlen(q)+1); data/tkgate-2.1+repack/src/verga/value.c:1110:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return p + strlen(p); data/tkgate-2.1+repack/src/verga/value.c:1167:7: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. p += sprintf(p,"("); data/tkgate-2.1+repack/src/verga/value.c:1171:7: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. p += sprintf(p,")"); data/tkgate-2.1+repack/src/verga/value.c:1173:7: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. p += sprintf(p,"?"); data/tkgate-2.1+repack/src/verga/value.c:1234:7: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. 
p += sprintf(p,"("); data/tkgate-2.1+repack/src/verga/value.c:1239:7: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. p += sprintf(p,")"); data/tkgate-2.1+repack/src/verga/value.c:1241:7: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. p += sprintf(p,"?"); data/tkgate-2.1+repack/src/verga/value.c:1343:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const char *x = fmt + strlen(fmt) - 1; data/tkgate-2.1+repack/src/verga/value.c:1409:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p_len = strlen(p);

ANALYSIS SUMMARY:

Hits = 1364
Lines analyzed = 95022 in approximately 2.68 seconds (35479 lines/second)
Physical Source Lines of Code (SLOC) = 62304
Hits@level = [0] 1487 [1] 275 [2] 672 [3] 18 [4] 399 [5] 0
Hits@level+ = [0+] 2851 [1+] 1364 [2+] 1089 [3+] 417 [4+] 399 [5+] 0
Hits/KSLOC@level+ = [0+] 45.7595 [1+] 21.8927 [2+] 17.4788 [3+] 6.69299 [4+] 6.40408 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.