Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/tokyotyrant-1.1.40/example/tcrdbex.c
Examining data/tokyotyrant-1.1.40/example/tcrdbtblex.c
Examining data/tokyotyrant-1.1.40/myconf.c
Examining data/tokyotyrant-1.1.40/scrext.c
Examining data/tokyotyrant-1.1.40/scrext.h
Examining data/tokyotyrant-1.1.40/tcrdb.c
Examining data/tokyotyrant-1.1.40/tcrdb.h
Examining data/tokyotyrant-1.1.40/tcrmttest.c
Examining data/tokyotyrant-1.1.40/tcrtest.c
Examining data/tokyotyrant-1.1.40/tculog.c
Examining data/tokyotyrant-1.1.40/tculog.h
Examining data/tokyotyrant-1.1.40/ttskeldir.c
Examining data/tokyotyrant-1.1.40/ttskelmock.c
Examining data/tokyotyrant-1.1.40/ttskelnull.c
Examining data/tokyotyrant-1.1.40/ttskelproxy.c
Examining data/tokyotyrant-1.1.40/ttulmgr.c
Examining data/tokyotyrant-1.1.40/ttultest.c
Examining data/tokyotyrant-1.1.40/myconf.h
Examining data/tokyotyrant-1.1.40/ttutil.h
Examining data/tokyotyrant-1.1.40/ttutil.c
Examining data/tokyotyrant-1.1.40/tcrmgr.c
Examining data/tokyotyrant-1.1.40/ttserver.c
FINAL RESULTS:
data/tokyotyrant-1.1.40/tcrmttest.c:133:3: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vprintf(format, ap);
data/tokyotyrant-1.1.40/tcrtest.c:106:3: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vprintf(format, ap);
data/tokyotyrant-1.1.40/ttserver.c:2106:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
wp += sprintf(wp, "version\t%s\n", ttversion);
data/tokyotyrant-1.1.40/ttserver.c:2108:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
wp += sprintf(wp, "protver\t%s\n", _TT_PROTVER);
data/tokyotyrant-1.1.40/ttserver.c:2109:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
wp += sprintf(wp, "os\t%s\n", TTSYSNAME);
data/tokyotyrant-1.1.40/ttserver.c:2124:20: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
if(path) wp += sprintf(wp, "path\t%s\n", path);
data/tokyotyrant-1.1.40/ttserver.c:2142:23: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
if(fatal) wp += sprintf(wp, "fatal\t%s\n", emsg);
data/tokyotyrant-1.1.40/ttserver.c:2148:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
wp += sprintf(wp, "mhost\t%s\n", sarg->host);
data/tokyotyrant-1.1.40/ttserver.c:2159:22: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
if(vbuf) wp += sprintf(wp, "memsize\t%s\n", vbuf);
data/tokyotyrant-1.1.40/ttserver.c:2161:22: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
if(vbuf) wp += sprintf(wp, "memrss\t%s\n", vbuf);
data/tokyotyrant-1.1.40/ttserver.c:2163:22: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
if(vbuf) wp += sprintf(wp, "ru_user\t%s\n", vbuf);
data/tokyotyrant-1.1.40/ttserver.c:2165:22: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
if(vbuf) wp += sprintf(wp, "ru_sys\t%s\n", vbuf);
data/tokyotyrant-1.1.40/ttserver.c:2846:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
wp += sprintf(wp, "STAT version %s\r\n", ttversion);
data/tokyotyrant-1.1.40/ttserver.c:2928:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
len = sprintf(stack, "VERSION %s\r\n", ttversion);
data/tokyotyrant-1.1.40/ttultest.c:82:3: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vprintf(format, ap);
data/tokyotyrant-1.1.40/ttutil.c:396:20: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
tlen = sprintf(tbuf, cbuf, va_arg(ap, long long));
data/tokyotyrant-1.1.40/ttutil.c:398:20: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
tlen = sprintf(tbuf, cbuf, va_arg(ap, long));
data/tokyotyrant-1.1.40/ttutil.c:400:20: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
tlen = sprintf(tbuf, cbuf, va_arg(ap, int));
data/tokyotyrant-1.1.40/ttutil.c:406:20: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
tlen = sprintf(tbuf, cbuf, va_arg(ap, unsigned long long));
data/tokyotyrant-1.1.40/ttutil.c:408:20: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
tlen = sprintf(tbuf, cbuf, va_arg(ap, unsigned long));
data/tokyotyrant-1.1.40/ttutil.c:410:20: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
tlen = sprintf(tbuf, cbuf, va_arg(ap, unsigned int));
data/tokyotyrant-1.1.40/ttutil.c:416:20: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
tlen = sprintf(tbuf, cbuf, va_arg(ap, long double));
data/tokyotyrant-1.1.40/ttutil.c:418:20: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
tlen = sprintf(tbuf, cbuf, va_arg(ap, double));
data/tokyotyrant-1.1.40/ttutil.c:1208:3: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buf, TTIOBUFSIZ, format, ap);
data/tokyotyrant-1.1.40/tcrmttest.c:93:3: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand((unsigned int)(tctime() * 1000) % UINT_MAX);
data/tokyotyrant-1.1.40/tcrtest.c:56:3: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand((unsigned int)(tctime() * 1000) % UINT_MAX);
data/tokyotyrant-1.1.40/tcrtest.c:1165:32: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
if(myrand(10000) == 0) srand((unsigned int)(tctime() * 1000) % UINT_MAX);
data/tokyotyrant-1.1.40/ttultest.c:49:3: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand((unsigned int)(tctime() * 1000) % UINT_MAX);
data/tokyotyrant-1.1.40/example/tcrdbtblex.c:10:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pkbuf[256];
data/tokyotyrant-1.1.40/example/tcrdbtblex.c:26:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
pksiz = sprintf(pkbuf, "%ld", (long)tcrdbtblgenuid(rdb));
data/tokyotyrant-1.1.40/example/tcrdbtblex.c:35:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
pksiz = sprintf(pkbuf, "12345");
data/tokyotyrant-1.1.40/myconf.h:328:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((signed char *)(TT_buf))[0] = 0; \
data/tokyotyrant-1.1.40/myconf.h:336:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((signed char *)(TT_buf))[(TT_len)] = -_TT_rem - 1; \
data/tokyotyrant-1.1.40/myconf.h:338:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((signed char *)(TT_buf))[(TT_len)] = _TT_rem; \
data/tokyotyrant-1.1.40/myconf.h:350:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((signed char *)(TT_buf))[0] = 0; \
data/tokyotyrant-1.1.40/myconf.h:358:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((signed char *)(TT_buf))[(TT_len)] = -_TT_rem - 1; \
data/tokyotyrant-1.1.40/myconf.h:360:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((signed char *)(TT_buf))[(TT_len)] = _TT_rem; \
data/tokyotyrant-1.1.40/myconf.h:374:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if(((signed char *)(TT_buf))[_TT_i] >= 0){ \
data/tokyotyrant-1.1.40/myconf.h:375:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TT_num += ((signed char *)(TT_buf))[_TT_i] * _TT_base; \
data/tokyotyrant-1.1.40/myconf.h:378:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TT_num += _TT_base * (((signed char *)(TT_buf))[_TT_i] + 1) * -1; \
data/tokyotyrant-1.1.40/myconf.h:392:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if(((signed char *)(TT_buf))[_TT_i] >= 0){ \
data/tokyotyrant-1.1.40/myconf.h:393:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TT_num += ((signed char *)(TT_buf))[_TT_i] * _TT_base; \
data/tokyotyrant-1.1.40/myconf.h:396:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TT_num += _TT_base * (((signed char *)(TT_buf))[_TT_i] + 1) * -1; \
data/tokyotyrant-1.1.40/scrext.c:116:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, myscr->path, psiz);
data/tokyotyrant-1.1.40/scrext.c:119:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, name, nsiz);
data/tokyotyrant-1.1.40/scrext.c:122:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, kbuf, ksiz);
data/tokyotyrant-1.1.40/scrext.c:125:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, vbuf, vsiz);
data/tokyotyrant-1.1.40/scrext.c:1359:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char wbuf[TTNUMBUFSIZ], *wp;
data/tokyotyrant-1.1.40/scrext.c:1842:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char obuf[48];
data/tokyotyrant-1.1.40/scrext.c:1847:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char obuf[48];
data/tokyotyrant-1.1.40/tcrdb.c:743:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typestr[TTNUMBUFSIZ];
data/tokyotyrant-1.1.40/tcrdb.c:744:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(typestr, "%d", type);
data/tokyotyrant-1.1.40/tcrdb.c:922:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[TTNUMBUFSIZ];
data/tokyotyrant-1.1.40/tcrdb.c:923:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int len = sprintf(buf, "mstype");
data/tokyotyrant-1.1.40/tcrdb.c:924:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len += 1 + sprintf(buf + len + 1, "%d", type);
data/tokyotyrant-1.1.40/tcrdb.c:1114:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr[TTADDRBUFSIZ];
data/tokyotyrant-1.1.40/tcrdb.c:1191:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr[TTADDRBUFSIZ];
data/tokyotyrant-1.1.40/tcrdb.c:1256:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/tcrdb.c:1264:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &num, sizeof(uint32_t));
data/tokyotyrant-1.1.40/tcrdb.c:1267:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &num, sizeof(uint32_t));
data/tokyotyrant-1.1.40/tcrdb.c:1269:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, kbuf, ksiz);
data/tokyotyrant-1.1.40/tcrdb.c:1271:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, vbuf, vsiz);
data/tokyotyrant-1.1.40/tcrdb.c:1305:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/tcrdb.c:1313:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &num, sizeof(uint32_t));
data/tokyotyrant-1.1.40/tcrdb.c:1316:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &num, sizeof(uint32_t));
data/tokyotyrant-1.1.40/tcrdb.c:1318:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, kbuf, ksiz);
data/tokyotyrant-1.1.40/tcrdb.c:1320:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, vbuf, vsiz);
data/tokyotyrant-1.1.40/tcrdb.c:1354:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/tcrdb.c:1362:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &num, sizeof(uint32_t));
data/tokyotyrant-1.1.40/tcrdb.c:1365:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &num, sizeof(uint32_t));
data/tokyotyrant-1.1.40/tcrdb.c:1367:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, kbuf, ksiz);
data/tokyotyrant-1.1.40/tcrdb.c:1369:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, vbuf, vsiz);
data/tokyotyrant-1.1.40/tcrdb.c:1405:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/tcrdb.c:1413:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &num, sizeof(uint32_t));
data/tokyotyrant-1.1.40/tcrdb.c:1416:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &num, sizeof(uint32_t));
data/tokyotyrant-1.1.40/tcrdb.c:1419:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &num, sizeof(uint32_t));
data/tokyotyrant-1.1.40/tcrdb.c:1421:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, kbuf, ksiz);
data/tokyotyrant-1.1.40/tcrdb.c:1423:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, vbuf, vsiz);
data/tokyotyrant-1.1.40/tcrdb.c:1457:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/tcrdb.c:1465:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &num, sizeof(uint32_t));
data/tokyotyrant-1.1.40/tcrdb.c:1468:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &num, sizeof(uint32_t));
data/tokyotyrant-1.1.40/tcrdb.c:1470:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, kbuf, ksiz);
data/tokyotyrant-1.1.40/tcrdb.c:1472:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, vbuf, vsiz);
data/tokyotyrant-1.1.40/tcrdb.c:1496:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/tcrdb.c:1504:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &num, sizeof(uint32_t));
data/tokyotyrant-1.1.40/tcrdb.c:1506:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, kbuf, ksiz);
data/tokyotyrant-1.1.40/tcrdb.c:1541:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/tcrdb.c:1549:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &num, sizeof(uint32_t));
data/tokyotyrant-1.1.40/tcrdb.c:1551:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, kbuf, ksiz);
data/tokyotyrant-1.1.40/tcrdb.c:1612:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/tcrdb.c:1669:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/tcrdb.c:1677:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &num, sizeof(uint32_t));
data/tokyotyrant-1.1.40/tcrdb.c:1679:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, kbuf, ksiz);
data/tokyotyrant-1.1.40/tcrdb.c:1711:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/tcrdb.c:1744:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/tcrdb.c:1791:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/tcrdb.c:1799:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &num, sizeof(uint32_t));
data/tokyotyrant-1.1.40/tcrdb.c:1802:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &num, sizeof(uint32_t));
data/tokyotyrant-1.1.40/tcrdb.c:1804:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, pbuf, psiz);
data/tokyotyrant-1.1.40/tcrdb.c:1854:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/tcrdb.c:1862:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &lnum, sizeof(uint32_t));
data/tokyotyrant-1.1.40/tcrdb.c:1865:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &lnum, sizeof(uint32_t));
data/tokyotyrant-1.1.40/tcrdb.c:1867:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, kbuf, ksiz);
data/tokyotyrant-1.1.40/tcrdb.c:1903:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/tcrdb.c:1911:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &lnum, sizeof(uint32_t));
data/tokyotyrant-1.1.40/tcrdb.c:1913:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dbuf[sizeof(uint64_t)*2];
data/tokyotyrant-1.1.40/tcrdb.c:1916:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, kbuf, ksiz);
data/tokyotyrant-1.1.40/tcrdb.c:1959:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/tcrdb.c:1967:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &num, sizeof(uint32_t));
data/tokyotyrant-1.1.40/tcrdb.c:1970:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &num, sizeof(uint32_t));
data/tokyotyrant-1.1.40/tcrdb.c:1973:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &num, sizeof(uint32_t));
data/tokyotyrant-1.1.40/tcrdb.c:1976:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &num, sizeof(uint32_t));
data/tokyotyrant-1.1.40/tcrdb.c:1978:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, name, nsiz);
data/tokyotyrant-1.1.40/tcrdb.c:1980:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, kbuf, ksiz);
data/tokyotyrant-1.1.40/tcrdb.c:1982:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, vbuf, vsiz);
data/tokyotyrant-1.1.40/tcrdb.c:2023:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/tcrdb.c:2056:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/tcrdb.c:2064:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &num, sizeof(uint32_t));
data/tokyotyrant-1.1.40/tcrdb.c:2066:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, params, psiz);
data/tokyotyrant-1.1.40/tcrdb.c:2095:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/tcrdb.c:2128:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/tcrdb.c:2136:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &num, sizeof(uint32_t));
data/tokyotyrant-1.1.40/tcrdb.c:2138:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, path, psiz);
data/tokyotyrant-1.1.40/tcrdb.c:2172:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/tcrdb.c:2179:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &lnum, sizeof(uint32_t));
data/tokyotyrant-1.1.40/tcrdb.c:2182:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &llnum, sizeof(uint64_t));
data/tokyotyrant-1.1.40/tcrdb.c:2185:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &lnum, sizeof(uint32_t));
data/tokyotyrant-1.1.40/tcrdb.c:2187:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, path, psiz);
data/tokyotyrant-1.1.40/tcrdb.c:2224:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/tcrdb.c:2232:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &lnum, sizeof(uint32_t));
data/tokyotyrant-1.1.40/tcrdb.c:2235:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &lnum, sizeof(uint32_t));
data/tokyotyrant-1.1.40/tcrdb.c:2239:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &llnum, sizeof(uint64_t));
data/tokyotyrant-1.1.40/tcrdb.c:2242:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &lnum, sizeof(uint32_t));
data/tokyotyrant-1.1.40/tcrdb.c:2244:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, host, hsiz);
data/tokyotyrant-1.1.40/tcrdb.c:2287:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/tcrdb.c:2321:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/tcrdb.c:2355:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/tcrdb.c:2421:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/tcrmgr.c:1372:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *ifp = file ? fopen(file, "rb") : stdin;
data/tokyotyrant-1.1.40/tcrmgr.c:1488:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/tcrmgr.c:1495:50: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
printf("%s\t", ttcmdidtostr(((unsigned char *)rbuf)[1]));
data/tokyotyrant-1.1.40/tcrmgr.c:1508:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &llnum, sizeof(llnum));
data/tokyotyrant-1.1.40/tcrmgr.c:1511:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &snum, sizeof(snum));
data/tokyotyrant-1.1.40/tcrmgr.c:1514:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &snum, sizeof(snum));
data/tokyotyrant-1.1.40/tcrmgr.c:1517:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &lnum, sizeof(lnum));
data/tokyotyrant-1.1.40/tcrmgr.c:1519:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, rbuf, rsiz);
data/tokyotyrant-1.1.40/tcrmttest.c:688:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[RECBUFSIZ];
data/tokyotyrant-1.1.40/tcrmttest.c:689:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int len = sprintf(buf, "%08d", base + (rnd ? myrand(i) + 1 : i));
data/tokyotyrant-1.1.40/tcrmttest.c:733:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kbuf[RECBUFSIZ];
data/tokyotyrant-1.1.40/tcrmttest.c:734:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int ksiz = sprintf(kbuf, "%08d", base + (rnd ? myrandnd(i) + 1 : i));
data/tokyotyrant-1.1.40/tcrmttest.c:775:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kbuf[RECBUFSIZ];
data/tokyotyrant-1.1.40/tcrmttest.c:776:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int ksiz = sprintf(kbuf, "%08d", base + (rnd ? myrandnd(i) + 1 : i));
data/tokyotyrant-1.1.40/tcrmttest.c:800:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kbuf[RECBUFSIZ];
data/tokyotyrant-1.1.40/tcrmttest.c:801:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int ksiz = sprintf(kbuf, "%d", myrand(range) + 1);
data/tokyotyrant-1.1.40/tcrmttest.c:863:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pkbuf[RECBUFSIZ];
data/tokyotyrant-1.1.40/tcrmttest.c:864:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int pksiz = sprintf(pkbuf, "%08d", base + (rnd ? myrand(rnum / 2 + i) : i));
data/tokyotyrant-1.1.40/tcrmttest.c:866:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vbuf[RECBUFSIZ*5];
data/tokyotyrant-1.1.40/tcrmttest.c:867:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int vsiz = sprintf(vbuf, "%d", myrand(i) + 1);
data/tokyotyrant-1.1.40/tcrmttest.c:869:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
vsiz = sprintf(vbuf, "%lld", (long long)tctime() + (rnd ? myrand(3600) + 1 : 60));
data/tokyotyrant-1.1.40/tcrmttest.c:876:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(vbuf, "%d", myrand(i));
data/tokyotyrant-1.1.40/tcrmttest.c:879:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(vbuf, "%d,%d", myrand(rnum), myrand(rnum));
data/tokyotyrant-1.1.40/tcrtest.c:459:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[RECBUFSIZ];
data/tokyotyrant-1.1.40/tcrtest.c:460:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int len = sprintf(buf, "%08d", rnd ? myrand(rnum) + 1 : i);
data/tokyotyrant-1.1.40/tcrtest.c:514:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kbuf[RECBUFSIZ];
data/tokyotyrant-1.1.40/tcrtest.c:515:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int ksiz = sprintf(kbuf, "%08d", rnd ? myrand(rnum) + 1 : i);
data/tokyotyrant-1.1.40/tcrtest.c:576:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kbuf[RECBUFSIZ];
data/tokyotyrant-1.1.40/tcrtest.c:577:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int ksiz = sprintf(kbuf, "%08d", rnd ? myrand(rnum) + 1 : i);
data/tokyotyrant-1.1.40/tcrtest.c:624:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kbuf[RECBUFSIZ];
data/tokyotyrant-1.1.40/tcrtest.c:625:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int ksiz = sprintf(kbuf, "%d", myrand(pnum) + 1);
data/tokyotyrant-1.1.40/tcrtest.c:703:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[RECBUFSIZ];
data/tokyotyrant-1.1.40/tcrtest.c:704:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int len = sprintf(buf, "%08d", i);
data/tokyotyrant-1.1.40/tcrtest.c:733:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kbuf[RECBUFSIZ];
data/tokyotyrant-1.1.40/tcrtest.c:734:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int ksiz = sprintf(kbuf, "%08d", i);
data/tokyotyrant-1.1.40/tcrtest.c:760:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kbuf[RECBUFSIZ];
data/tokyotyrant-1.1.40/tcrtest.c:761:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int ksiz = sprintf(kbuf, "%d", myrand(rnum) + 1);
data/tokyotyrant-1.1.40/tcrtest.c:762:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vbuf[RECBUFSIZ];
data/tokyotyrant-1.1.40/tcrtest.c:813:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kbuf[RECBUFSIZ];
data/tokyotyrant-1.1.40/tcrtest.c:814:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int ksiz = sprintf(kbuf, "%d", myrand(rnum));
data/tokyotyrant-1.1.40/tcrtest.c:828:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kbuf[RECBUFSIZ];
data/tokyotyrant-1.1.40/tcrtest.c:829:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int ksiz = sprintf(kbuf, "[%d]", i);
data/tokyotyrant-1.1.40/tcrtest.c:830:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vbuf[RECBUFSIZ];
data/tokyotyrant-1.1.40/tcrtest.c:839:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tbuf[PATH_MAX];
data/tokyotyrant-1.1.40/tcrtest.c:858:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kbuf[RECBUFSIZ];
data/tokyotyrant-1.1.40/tcrtest.c:859:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int ksiz = sprintf(kbuf, "[%d]", i);
data/tokyotyrant-1.1.40/tcrtest.c:879:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pbuf[RECBUFSIZ];
data/tokyotyrant-1.1.40/tcrtest.c:880:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int psiz = sprintf(pbuf, "%d", myrand(100) + 1);
data/tokyotyrant-1.1.40/tcrtest.c:890:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kbuf[RECBUFSIZ];
data/tokyotyrant-1.1.40/tcrtest.c:891:22: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int ksiz = sprintf(kbuf, "%d", myrand(rnum) + 1);
data/tokyotyrant-1.1.40/tcrtest.c:929:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kbuf[RECBUFSIZ];
data/tokyotyrant-1.1.40/tcrtest.c:930:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int ksiz = sprintf(kbuf, "(%d)", i);
data/tokyotyrant-1.1.40/tcrtest.c:975:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kbuf[RECBUFSIZ];
data/tokyotyrant-1.1.40/tcrtest.c:976:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int ksiz = sprintf(kbuf, "(%d)", myrand(rnum));
data/tokyotyrant-1.1.40/tcrtest.c:1041:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kbuf[RECBUFSIZ];
data/tokyotyrant-1.1.40/tcrtest.c:1042:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int ksiz = sprintf(kbuf, "%d", myrand(rnum));
data/tokyotyrant-1.1.40/tcrtest.c:1043:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vbuf[RECBUFSIZ];
data/tokyotyrant-1.1.40/tcrtest.c:1178:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kbuf[RECBUFSIZ];
data/tokyotyrant-1.1.40/tcrtest.c:1179:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int ksiz = sprintf(kbuf, "%d", i - 1);
data/tokyotyrant-1.1.40/tcrtest.c:1275:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pkbuf[RECBUFSIZ];
data/tokyotyrant-1.1.40/tcrtest.c:1276:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int pksiz = sprintf(pkbuf, "%d", myrand(rnum) + 1);
data/tokyotyrant-1.1.40/tcrtest.c:1280:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vbuf[RECBUFSIZ*5];
data/tokyotyrant-1.1.40/tcrtest.c:1281:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int vsiz = sprintf(vbuf, "%08d", i);
data/tokyotyrant-1.1.40/tcrtest.c:1283:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
vsiz = sprintf(vbuf, "%d", (int)tctime() + exp);
data/tokyotyrant-1.1.40/tcrtest.c:1338:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pkbuf[RECBUFSIZ];
data/tokyotyrant-1.1.40/tcrtest.c:1339:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int pksiz = sprintf(pkbuf, "%d", id);
data/tokyotyrant-1.1.40/tcrtest.c:1341:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vbuf[RECBUFSIZ*5];
data/tokyotyrant-1.1.40/tcrtest.c:1342:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int vsiz = sprintf(vbuf, "%d", id);
data/tokyotyrant-1.1.40/tcrtest.c:1344:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
vsiz = sprintf(vbuf, "%d", myrand(i) + 1);
data/tokyotyrant-1.1.40/tcrtest.c:1346:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
vsiz = sprintf(vbuf, "%d", myrand(32) + 1);
data/tokyotyrant-1.1.40/tcrtest.c:1354:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "%d", pt);
data/tokyotyrant-1.1.40/tcrtest.c:1390:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pkbuf[RECBUFSIZ];
data/tokyotyrant-1.1.40/tcrtest.c:1391:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int pksiz = sprintf(pkbuf, "%d", myrand(rnum) + 1);
data/tokyotyrant-1.1.40/tcrtest.c:1404:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pkbuf[RECBUFSIZ];
data/tokyotyrant-1.1.40/tcrtest.c:1405:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int pksiz = sprintf(pkbuf, "%d", myrand(rnum) + 1);
data/tokyotyrant-1.1.40/tcrtest.c:1436:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expr[RECBUFSIZ*3];
data/tokyotyrant-1.1.40/tcrtest.c:1438:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(expr, "%d", myrand(i));
data/tokyotyrant-1.1.40/tcrtest.c:1439:35: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
if(myrand(10) == 0) wp += sprintf(wp, ",%d", myrand(i));
data/tokyotyrant-1.1.40/tcrtest.c:1440:35: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
if(myrand(10) == 0) wp += sprintf(wp, ",%d", myrand(i));
data/tokyotyrant-1.1.40/tculog.c:211:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open(path, O_WRONLY | O_CREAT | O_APPEND, 00644);
data/tokyotyrant-1.1.40/tculog.c:222:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/tculog.c:228:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &llnum, sizeof(llnum));
data/tokyotyrant-1.1.40/tculog.c:231:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &snum, sizeof(snum));
data/tokyotyrant-1.1.40/tculog.c:234:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &snum, sizeof(snum));
data/tokyotyrant-1.1.40/tculog.c:237:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &lnum, sizeof(lnum));
data/tokyotyrant-1.1.40/tculog.c:239:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, ptr, size);
data/tokyotyrant-1.1.40/tculog.c:286:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open(path, O_WRONLY | O_CREAT | O_APPEND, 00644);
data/tokyotyrant-1.1.40/tculog.c:335:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open(path, O_RDONLY, 00644);
data/tokyotyrant-1.1.40/tculog.c:339:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[rsiz];
data/tokyotyrant-1.1.40/tculog.c:342:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&fts, buf + sizeof(uint8_t), sizeof(ts));
data/tokyotyrant-1.1.40/tculog.c:401:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ulrd->fd = open(path, O_RDONLY, 00644);
data/tokyotyrant-1.1.40/tculog.c:409:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[rsiz];
data/tokyotyrant-1.1.40/tculog.c:426:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ulrd->fd = open(path, O_RDONLY, 00644);
data/tokyotyrant-1.1.40/tculog.c:486:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mstack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/tculog.c:494:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &lnum, sizeof(lnum));
data/tokyotyrant-1.1.40/tculog.c:497:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &lnum, sizeof(lnum));
data/tokyotyrant-1.1.40/tculog.c:499:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, kbuf, ksiz);
data/tokyotyrant-1.1.40/tculog.c:501:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, vbuf, vsiz);
data/tokyotyrant-1.1.40/tculog.c:521:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mstack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/tculog.c:529:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &lnum, sizeof(lnum));
data/tokyotyrant-1.1.40/tculog.c:532:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &lnum, sizeof(lnum));
data/tokyotyrant-1.1.40/tculog.c:534:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, kbuf, ksiz);
data/tokyotyrant-1.1.40/tculog.c:536:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, vbuf, vsiz);
data/tokyotyrant-1.1.40/tculog.c:556:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mstack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/tculog.c:564:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &lnum, sizeof(lnum));
data/tokyotyrant-1.1.40/tculog.c:567:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &lnum, sizeof(lnum));
data/tokyotyrant-1.1.40/tculog.c:569:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, kbuf, ksiz);
data/tokyotyrant-1.1.40/tculog.c:571:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, vbuf, vsiz);
data/tokyotyrant-1.1.40/tculog.c:596:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mstack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/tculog.c:604:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &lnum, sizeof(lnum));
data/tokyotyrant-1.1.40/tculog.c:607:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &lnum, sizeof(lnum));
data/tokyotyrant-1.1.40/tculog.c:610:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &lnum, sizeof(lnum));
data/tokyotyrant-1.1.40/tculog.c:612:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, kbuf, ksiz);
data/tokyotyrant-1.1.40/tculog.c:614:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, vbuf, vsiz);
data/tokyotyrant-1.1.40/tculog.c:634:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mstack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/tculog.c:642:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &lnum, sizeof(lnum));
data/tokyotyrant-1.1.40/tculog.c:644:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, kbuf, ksiz);
data/tokyotyrant-1.1.40/tculog.c:663:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mstack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/tculog.c:671:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &lnum, sizeof(lnum));
data/tokyotyrant-1.1.40/tculog.c:674:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &lnum, sizeof(lnum));
data/tokyotyrant-1.1.40/tculog.c:676:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, kbuf, ksiz);
data/tokyotyrant-1.1.40/tculog.c:695:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mstack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/tculog.c:703:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &lnum, sizeof(lnum));
data/tokyotyrant-1.1.40/tculog.c:707:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, kbuf, ksiz);
data/tokyotyrant-1.1.40/tculog.c:725:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mbuf[sizeof(uint8_t)*3];
data/tokyotyrant-1.1.40/tculog.c:745:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mstack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/tculog.c:753:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &lnum, sizeof(lnum));
data/tokyotyrant-1.1.40/tculog.c:755:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, params, psiz);
data/tokyotyrant-1.1.40/tculog.c:773:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mbuf[sizeof(uint8_t)*3];
data/tokyotyrant-1.1.40/tculog.c:800:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mstack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/tculog.c:807:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &lnum, sizeof(lnum));
data/tokyotyrant-1.1.40/tculog.c:810:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &lnum, sizeof(lnum));
data/tokyotyrant-1.1.40/tculog.c:812:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, name, nsiz);
data/tokyotyrant-1.1.40/tculog.c:818:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &lnum, sizeof(lnum));
data/tokyotyrant-1.1.40/tculog.c:820:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, ebuf, esiz);
data/tokyotyrant-1.1.40/tculog.c:875:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
bool exp = (((unsigned char *)ptr)[size-1] == 0) ? true : false;
data/tokyotyrant-1.1.40/tculog.c:1079:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr[TTADDRBUFSIZ];
data/tokyotyrant-1.1.40/tculog.c:1083:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/tculog.c:1088:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &llnum, sizeof(llnum));
data/tokyotyrant-1.1.40/tculog.c:1091:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &lnum, sizeof(lnum));
data/tokyotyrant-1.1.40/tculog.c:1200:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, (char *)vbuf + vsiz - left, left);
data/tokyotyrant-1.1.40/tculog.c:1204:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if(wsiz > 0) memcpy(wp, op->vbuf + op->vsiz - wsiz, wsiz);
data/tokyotyrant-1.1.40/ttserver.c:84:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[TTADDRBUFSIZ]; // host name
data/tokyotyrant-1.1.40/ttserver.c:538:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open(logpath, O_WRONLY | O_APPEND | O_CREAT, 00644);
data/tokyotyrant-1.1.40/ttserver.c:549:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/tokyotyrant-1.1.40/ttserver.c:550:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%lld\n", (long long)pid);
data/tokyotyrant-1.1.40/ttserver.c:596:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&initfunc, &initsym, sizeof(initsym));
data/tokyotyrant-1.1.40/ttserver.c:737:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open(logpath, O_WRONLY | O_APPEND | O_CREAT, 00644);
data/tokyotyrant-1.1.40/ttserver.c:810:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char date[48];
data/tokyotyrant-1.1.40/ttserver.c:819:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LINEBUFSIZ];
data/tokyotyrant-1.1.40/ttserver.c:838:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rtsbuf[NUMBUFSIZ];
data/tokyotyrant-1.1.40/ttserver.c:839:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int len = sprintf(rtsbuf, "%llu\n", (unsigned long long)arg->mts);
data/tokyotyrant-1.1.40/ttserver.c:844:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int rtsfd = open(arg->rtspath, O_RDWR | O_CREAT, 00644);
data/tokyotyrant-1.1.40/ttserver.c:855:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rtsbuf[NUMBUFSIZ];
data/tokyotyrant-1.1.40/ttserver.c:889:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int len = sprintf(rtsbuf, "%llu\n", (unsigned long long)rts);
data/tokyotyrant-1.1.40/ttserver.c:1139:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/ttserver.c:1179:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/ttserver.c:1218:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/ttserver.c:1260:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/ttserver.c:1300:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/ttserver.c:1334:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/ttserver.c:1369:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/ttserver.c:1389:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rbuf + sizeof(uint8_t), &num, sizeof(uint32_t));
data/tokyotyrant-1.1.40/ttserver.c:1390:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rbuf + sizeof(uint8_t) + sizeof(uint32_t), vbuf, vsiz);
data/tokyotyrant-1.1.40/ttserver.c:1427:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/ttserver.c:1465:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)tcxstrptr(xstr) + sizeof(code), &num, sizeof(num));
data/tokyotyrant-1.1.40/ttserver.c:1490:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/ttserver.c:1505:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(stack + sizeof(uint8_t), &num, sizeof(uint32_t));
data/tokyotyrant-1.1.40/ttserver.c:1565:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/ttserver.c:1571:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rbuf + sizeof(uint8_t), &num, sizeof(uint32_t));
data/tokyotyrant-1.1.40/ttserver.c:1572:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rbuf + sizeof(uint8_t) + sizeof(uint32_t), vbuf, vsiz);
data/tokyotyrant-1.1.40/ttserver.c:1603:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/ttserver.c:1629:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)tcxstrptr(xstr) + sizeof(code), &num, sizeof(num));
data/tokyotyrant-1.1.40/ttserver.c:1658:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/ttserver.c:1673:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(stack + sizeof(uint8_t), &num, sizeof(uint32_t));
data/tokyotyrant-1.1.40/ttserver.c:1703:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char abuf[sizeof(uint64_t)*2];
data/tokyotyrant-1.1.40/ttserver.c:1710:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/ttserver.c:1724:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(stack + sizeof(uint8_t), abuf, sizeof(abuf));
data/tokyotyrant-1.1.40/ttserver.c:1762:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/ttserver.c:1766:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[TTADDRBUFSIZ];
data/tokyotyrant-1.1.40/ttserver.c:1767:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, buf, nsiz);
data/tokyotyrant-1.1.40/ttserver.c:1815:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rbuf + sizeof(uint8_t), &num, sizeof(uint32_t));
data/tokyotyrant-1.1.40/ttserver.c:1816:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rbuf + sizeof(uint8_t) + sizeof(uint32_t), xbuf, xsiz);
data/tokyotyrant-1.1.40/ttserver.c:1876:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/ttserver.c:1935:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/ttserver.c:1974:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/ttserver.c:2014:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/ttserver.c:2049:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LINEBUFSIZ];
data/tokyotyrant-1.1.40/ttserver.c:2059:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + sizeof(uint8_t), &rnum, sizeof(uint64_t));
data/tokyotyrant-1.1.40/ttserver.c:2074:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LINEBUFSIZ];
data/tokyotyrant-1.1.40/ttserver.c:2084:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + sizeof(uint8_t), &size, sizeof(uint64_t));
data/tokyotyrant-1.1.40/ttserver.c:2100:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/ttserver.c:2107:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "libver\t%d\n", _TT_LIBVER);
data/tokyotyrant-1.1.40/ttserver.c:2110:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "time\t%.6f\n", now);
data/tokyotyrant-1.1.40/ttserver.c:2111:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "pid\t%lld\n", (long long)getpid());
data/tokyotyrant-1.1.40/ttserver.c:2112:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "sid\t%d\n", arg->sid);
data/tokyotyrant-1.1.40/ttserver.c:2114:28: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case ADBOVOID: wp += sprintf(wp, "type\tvoid\n"); break;
data/tokyotyrant-1.1.40/ttserver.c:2115:27: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case ADBOMDB: wp += sprintf(wp, "type\ton-memory hash\n"); break;
data/tokyotyrant-1.1.40/ttserver.c:2116:27: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case ADBONDB: wp += sprintf(wp, "type\ton-memory tree\n"); break;
data/tokyotyrant-1.1.40/ttserver.c:2117:27: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case ADBOHDB: wp += sprintf(wp, "type\thash\n"); break;
data/tokyotyrant-1.1.40/ttserver.c:2118:27: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case ADBOBDB: wp += sprintf(wp, "type\tB+ tree\n"); break;
data/tokyotyrant-1.1.40/ttserver.c:2119:27: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case ADBOFDB: wp += sprintf(wp, "type\tfixed-length\n"); break;
data/tokyotyrant-1.1.40/ttserver.c:2120:27: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case ADBOTDB: wp += sprintf(wp, "type\ttable\n"); break;
data/tokyotyrant-1.1.40/ttserver.c:2121:28: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case ADBOSKEL: wp += sprintf(wp, "type\tskeleton\n"); break;
data/tokyotyrant-1.1.40/ttserver.c:2125:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "rnum\t%llu\n", (unsigned long long)tcadbrnum(adb));
data/tokyotyrant-1.1.40/ttserver.c:2126:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "size\t%llu\n", (unsigned long long)tcadbsize(adb));
data/tokyotyrant-1.1.40/ttserver.c:2146:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "bigend\t%d\n", TTBIGEND);
data/tokyotyrant-1.1.40/ttserver.c:2149:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "mport\t%d\n", sarg->port);
data/tokyotyrant-1.1.40/ttserver.c:2150:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "rts\t%llu\n", (unsigned long long)sarg->rts);
data/tokyotyrant-1.1.40/ttserver.c:2152:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "delay\t%.6f\n", delay >= 0 ? delay : 0.0);
data/tokyotyrant-1.1.40/ttserver.c:2154:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "fd\t%d\n", sock->fd);
data/tokyotyrant-1.1.40/ttserver.c:2155:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "loadavg\t%.6f\n", ttgetloadavg());
data/tokyotyrant-1.1.40/ttserver.c:2168:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "ru_real\t%.6f\n", now - g_starttime);
data/tokyotyrant-1.1.40/ttserver.c:2170:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "cnt_put\t%llu\n", (unsigned long long)sumstat(arg, TTSEQPUT));
data/tokyotyrant-1.1.40/ttserver.c:2171:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "cnt_putkeep\t%llu\n", (unsigned long long)sumstat(arg, TTSEQPUTKEEP));
data/tokyotyrant-1.1.40/ttserver.c:2172:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "cnt_putcat\t%llu\n", (unsigned long long)sumstat(arg, TTSEQPUTCAT));
data/tokyotyrant-1.1.40/ttserver.c:2173:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "cnt_putshl\t%llu\n", (unsigned long long)sumstat(arg, TTSEQPUTSHL));
data/tokyotyrant-1.1.40/ttserver.c:2174:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "cnt_putnr\t%llu\n", (unsigned long long)sumstat(arg, TTSEQPUTNR));
data/tokyotyrant-1.1.40/ttserver.c:2175:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "cnt_out\t%llu\n", (unsigned long long)sumstat(arg, TTSEQOUT));
data/tokyotyrant-1.1.40/ttserver.c:2176:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "cnt_get\t%llu\n", (unsigned long long)sumstat(arg, TTSEQGET));
data/tokyotyrant-1.1.40/ttserver.c:2177:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "cnt_mget\t%llu\n", (unsigned long long)sumstat(arg, TTSEQMGET));
data/tokyotyrant-1.1.40/ttserver.c:2178:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "cnt_vsiz\t%llu\n", (unsigned long long)sumstat(arg, TTSEQVSIZ));
data/tokyotyrant-1.1.40/ttserver.c:2179:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "cnt_iterinit\t%llu\n", (unsigned long long)sumstat(arg, TTSEQITERINIT));
data/tokyotyrant-1.1.40/ttserver.c:2180:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "cnt_iternext\t%llu\n", (unsigned long long)sumstat(arg, TTSEQITERNEXT));
data/tokyotyrant-1.1.40/ttserver.c:2181:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "cnt_fwmkeys\t%llu\n", (unsigned long long)sumstat(arg, TTSEQFWMKEYS));
data/tokyotyrant-1.1.40/ttserver.c:2182:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "cnt_addint\t%llu\n", (unsigned long long)sumstat(arg, TTSEQADDINT));
data/tokyotyrant-1.1.40/ttserver.c:2183:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "cnt_adddouble\t%llu\n", (unsigned long long)sumstat(arg, TTSEQADDDOUBLE));
data/tokyotyrant-1.1.40/ttserver.c:2184:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "cnt_ext\t%llu\n", (unsigned long long)sumstat(arg, TTSEQEXT));
data/tokyotyrant-1.1.40/ttserver.c:2185:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "cnt_sync\t%llu\n", (unsigned long long)sumstat(arg, TTSEQSYNC));
data/tokyotyrant-1.1.40/ttserver.c:2186:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "cnt_optimize\t%llu\n", (unsigned long long)sumstat(arg, TTSEQOPTIMIZE));
data/tokyotyrant-1.1.40/ttserver.c:2187:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "cnt_vanish\t%llu\n", (unsigned long long)sumstat(arg, TTSEQVANISH));
data/tokyotyrant-1.1.40/ttserver.c:2188:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "cnt_copy\t%llu\n", (unsigned long long)sumstat(arg, TTSEQCOPY));
data/tokyotyrant-1.1.40/ttserver.c:2189:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "cnt_restore\t%llu\n", (unsigned long long)sumstat(arg, TTSEQRESTORE));
data/tokyotyrant-1.1.40/ttserver.c:2190:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "cnt_setmst\t%llu\n", (unsigned long long)sumstat(arg, TTSEQSETMST));
data/tokyotyrant-1.1.40/ttserver.c:2191:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "cnt_rnum\t%llu\n", (unsigned long long)sumstat(arg, TTSEQRNUM));
data/tokyotyrant-1.1.40/ttserver.c:2192:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "cnt_size\t%llu\n", (unsigned long long)sumstat(arg, TTSEQSIZE));
data/tokyotyrant-1.1.40/ttserver.c:2193:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "cnt_stat\t%llu\n", (unsigned long long)sumstat(arg, TTSEQSTAT));
data/tokyotyrant-1.1.40/ttserver.c:2194:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "cnt_misc\t%llu\n", (unsigned long long)sumstat(arg, TTSEQMISC));
data/tokyotyrant-1.1.40/ttserver.c:2195:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "cnt_repl\t%llu\n", (unsigned long long)sumstat(arg, TTSEQREPL));
data/tokyotyrant-1.1.40/ttserver.c:2196:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "cnt_put_miss\t%llu\n", (unsigned long long)sumstat(arg, TTSEQPUTMISS));
data/tokyotyrant-1.1.40/ttserver.c:2197:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "cnt_out_miss\t%llu\n", (unsigned long long)sumstat(arg, TTSEQOUTMISS));
data/tokyotyrant-1.1.40/ttserver.c:2198:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "cnt_get_miss\t%llu\n", (unsigned long long)sumstat(arg, TTSEQGETMISS));
data/tokyotyrant-1.1.40/ttserver.c:2202:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + sizeof(uint8_t), &size, sizeof(uint32_t));
data/tokyotyrant-1.1.40/ttserver.c:2226:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[TTADDRBUFSIZ];
data/tokyotyrant-1.1.40/ttserver.c:2234:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/ttserver.c:2271:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)tcxstrptr(xstr) + sizeof(code), &num, sizeof(num));
data/tokyotyrant-1.1.40/ttserver.c:2317:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/ttserver.c:2357:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &llnum, sizeof(llnum));
data/tokyotyrant-1.1.40/ttserver.c:2360:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &lnum, sizeof(lnum));
data/tokyotyrant-1.1.40/ttserver.c:2363:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, &lnum, sizeof(lnum));
data/tokyotyrant-1.1.40/ttserver.c:2365:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wp, rbuf, rsiz);
data/tokyotyrant-1.1.40/ttserver.c:2396:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/ttserver.c:2403:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(stack, "CLIENT_ERROR forbidden\r\n");
data/tokyotyrant-1.1.40/ttserver.c:2406:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(stack, "STORED\r\n");
data/tokyotyrant-1.1.40/ttserver.c:2409:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(stack, "SERVER_ERROR unexpected\r\n");
data/tokyotyrant-1.1.40/ttserver.c:2440:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/ttserver.c:2447:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(stack, "CLIENT_ERROR forbidden\r\n");
data/tokyotyrant-1.1.40/ttserver.c:2450:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(stack, "STORED\r\n");
data/tokyotyrant-1.1.40/ttserver.c:2453:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(stack, "NOT_STORED\r\n");
data/tokyotyrant-1.1.40/ttserver.c:2485:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/ttserver.c:2492:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(stack, "CLIENT_ERROR forbidden\r\n");
data/tokyotyrant-1.1.40/ttserver.c:2496:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(stack, "SERVER_ERROR unexpected\r\n");
data/tokyotyrant-1.1.40/ttserver.c:2500:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(stack, "STORED\r\n");
data/tokyotyrant-1.1.40/ttserver.c:2502:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(stack, "SERVER_ERROR unexpected\r\n");
data/tokyotyrant-1.1.40/ttserver.c:2507:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(stack, "NOT_STORED\r\n");
data/tokyotyrant-1.1.40/ttserver.c:2542:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/ttserver.c:2549:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(stack, "CLIENT_ERROR forbidden\r\n");
data/tokyotyrant-1.1.40/ttserver.c:2553:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(stack, "SERVER_ERROR unexpected\r\n");
data/tokyotyrant-1.1.40/ttserver.c:2557:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(stack, "STORED\r\n");
data/tokyotyrant-1.1.40/ttserver.c:2559:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(stack, "SERVER_ERROR unexpected\r\n");
data/tokyotyrant-1.1.40/ttserver.c:2564:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(stack, "NOT_STORED\r\n");
data/tokyotyrant-1.1.40/ttserver.c:2599:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/ttserver.c:2606:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(stack, "CLIENT_ERROR forbidden\r\n");
data/tokyotyrant-1.1.40/ttserver.c:2612:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(stack, "SERVER_ERROR unexpected\r\n");
data/tokyotyrant-1.1.40/ttserver.c:2616:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(nbuf, vbuf, vsiz);
data/tokyotyrant-1.1.40/ttserver.c:2617:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(nbuf + vsiz, obuf, osiz);
data/tokyotyrant-1.1.40/ttserver.c:2619:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(stack, "STORED\r\n");
data/tokyotyrant-1.1.40/ttserver.c:2624:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(stack, "NOT_STORED\r\n");
data/tokyotyrant-1.1.40/ttserver.c:2700:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/ttserver.c:2703:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(stack, "CLIENT_ERROR forbidden\r\n");
data/tokyotyrant-1.1.40/ttserver.c:2706:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(stack, "DELETED\r\n");
data/tokyotyrant-1.1.40/ttserver.c:2709:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(stack, "NOT_FOUND\r\n");
data/tokyotyrant-1.1.40/ttserver.c:2737:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/ttserver.c:2740:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(stack, "CLIENT_ERROR forbidden\r\n");
data/tokyotyrant-1.1.40/ttserver.c:2753:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(stack, "%lld", (long long)num);
data/tokyotyrant-1.1.40/ttserver.c:2755:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(stack, "%lld\r\n", (long long)num);
data/tokyotyrant-1.1.40/ttserver.c:2757:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(stack, "SERVER_ERROR unexpected\r\n");
data/tokyotyrant-1.1.40/ttserver.c:2762:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(stack, "NOT_FOUND\r\n");
data/tokyotyrant-1.1.40/ttserver.c:2793:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/ttserver.c:2796:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(stack, "CLIENT_ERROR forbidden\r\n");
data/tokyotyrant-1.1.40/ttserver.c:2809:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(stack, "%lld", (long long)num);
data/tokyotyrant-1.1.40/ttserver.c:2811:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(stack, "%lld\r\n", (long long)num);
data/tokyotyrant-1.1.40/ttserver.c:2813:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(stack, "SERVER_ERROR unexpected\r\n");
data/tokyotyrant-1.1.40/ttserver.c:2818:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(stack, "NOT_FOUND\r\n");
data/tokyotyrant-1.1.40/ttserver.c:2837:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/ttserver.c:2842:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "STAT pid %lld\r\n", (long long)getpid());
data/tokyotyrant-1.1.40/ttserver.c:2844:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "STAT uptime %lld\r\n", (long long)(now - (int)g_starttime));
data/tokyotyrant-1.1.40/ttserver.c:2845:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "STAT time %lld\r\n", (long long)now);
data/tokyotyrant-1.1.40/ttserver.c:2847:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "STAT pointer_size %d\r\n", (int)sizeof(void *) * 8);
data/tokyotyrant-1.1.40/ttserver.c:2851:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "STAT rusage_user %d.%06d\r\n",
data/tokyotyrant-1.1.40/ttserver.c:2853:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "STAT rusage_system %d.%06d\r\n",
data/tokyotyrant-1.1.40/ttserver.c:2859:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "STAT cmd_set %llu\r\n", (unsigned long long)putsum);
data/tokyotyrant-1.1.40/ttserver.c:2860:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "STAT cmd_set_hits %llu\r\n", (unsigned long long)(putsum - putmiss));
data/tokyotyrant-1.1.40/ttserver.c:2861:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "STAT cmd_set_misses %llu\r\n", (unsigned long long)putmiss);
data/tokyotyrant-1.1.40/ttserver.c:2864:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "STAT cmd_delete %llu\r\n", (unsigned long long)outsum);
data/tokyotyrant-1.1.40/ttserver.c:2865:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "STAT cmd_delete_hits %llu\r\n", (unsigned long long)(outsum - outmiss));
data/tokyotyrant-1.1.40/ttserver.c:2866:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "STAT cmd_delete_misses %llu\r\n", (unsigned long long)outmiss);
data/tokyotyrant-1.1.40/ttserver.c:2869:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "STAT cmd_get %llu\r\n", (unsigned long long)getsum);
data/tokyotyrant-1.1.40/ttserver.c:2870:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "STAT cmd_get_hits %llu\r\n", (unsigned long long)(getsum - getmiss));
data/tokyotyrant-1.1.40/ttserver.c:2871:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "STAT cmd_get_misses %llu\r\n", (unsigned long long)getmiss);
data/tokyotyrant-1.1.40/ttserver.c:2872:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "STAT cmd_flush %llu\r\n", (unsigned long long)sumstat(arg, TTSEQVANISH));
data/tokyotyrant-1.1.40/ttserver.c:2874:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "STAT curr_items %lld\r\n", (long long)rnum);
data/tokyotyrant-1.1.40/ttserver.c:2875:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "STAT total_items %lld\r\n", (long long)rnum);
data/tokyotyrant-1.1.40/ttserver.c:2876:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "STAT bytes %lld\r\n", (long long)tcadbsize(adb));
data/tokyotyrant-1.1.40/ttserver.c:2877:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "STAT threads %d\r\n", arg->thnum);
data/tokyotyrant-1.1.40/ttserver.c:2878:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
wp += sprintf(wp, "END\r\n");
data/tokyotyrant-1.1.40/ttserver.c:2898:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/ttserver.c:2901:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(stack, "CLIENT_ERROR forbidden\r\n");
data/tokyotyrant-1.1.40/ttserver.c:2904:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(stack, "OK\r\n");
data/tokyotyrant-1.1.40/ttserver.c:2906:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(stack, "SERVER_ERROR unexpected\r\n");
data/tokyotyrant-1.1.40/ttserver.c:2922:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/ttserver.c:2925:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(stack, "CLIENT_ERROR forbidden\r\n");
data/tokyotyrant-1.1.40/ttserver.c:2951:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LINEBUFSIZ];
data/tokyotyrant-1.1.40/ttserver.c:2974:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int len = sprintf(line, "Forbidden\n");
data/tokyotyrant-1.1.40/ttserver.c:2993:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int len = sprintf(line, "Not Found\n");
data/tokyotyrant-1.1.40/ttserver.c:3018:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LINEBUFSIZ];
data/tokyotyrant-1.1.40/ttserver.c:3077:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LINEBUFSIZ];
data/tokyotyrant-1.1.40/ttserver.c:3101:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/ttserver.c:3108:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int len = sprintf(line, "Forbidden\n");
data/tokyotyrant-1.1.40/ttserver.c:3119:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int len = sprintf(line, "Created\n");
data/tokyotyrant-1.1.40/ttserver.c:3127:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int len = sprintf(line, "Conflict\n");
data/tokyotyrant-1.1.40/ttserver.c:3137:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int len = sprintf(line, "Created\n");
data/tokyotyrant-1.1.40/ttserver.c:3145:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int len = sprintf(line, "Internal Server Error\n");
data/tokyotyrant-1.1.40/ttserver.c:3156:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int len = sprintf(line, "Created\n");
data/tokyotyrant-1.1.40/ttserver.c:3164:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int len = sprintf(line, "Internal Server Error\n");
data/tokyotyrant-1.1.40/ttserver.c:3200:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctype[LINEBUFSIZ/4+1];
data/tokyotyrant-1.1.40/ttserver.c:3202:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xname[LINEBUFSIZ/4+1];
data/tokyotyrant-1.1.40/ttserver.c:3204:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mname[LINEBUFSIZ/4+1];
data/tokyotyrant-1.1.40/ttserver.c:3208:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LINEBUFSIZ];
data/tokyotyrant-1.1.40/ttserver.c:3243:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stack[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/ttserver.c:3251:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int len = sprintf(line, "Forbidden\n");
data/tokyotyrant-1.1.40/ttserver.c:3302:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int len = sprintf(line, "Internal Server Error\n");
data/tokyotyrant-1.1.40/ttserver.c:3312:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int len = sprintf(line, "Forbidden\n");
data/tokyotyrant-1.1.40/ttserver.c:3346:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int len = sprintf(line, "Internal Server Error\n");
data/tokyotyrant-1.1.40/ttserver.c:3357:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int len = sprintf(line, "Bad Request\n");
data/tokyotyrant-1.1.40/ttserver.c:3388:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LINEBUFSIZ];
data/tokyotyrant-1.1.40/ttserver.c:3411:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int len = sprintf(line, "Forbidden\n");
data/tokyotyrant-1.1.40/ttserver.c:3420:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int len = sprintf(line, "OK\n");
data/tokyotyrant-1.1.40/ttserver.c:3428:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int len = sprintf(line, "Not Found\n");
data/tokyotyrant-1.1.40/ttserver.c:3454:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LINEBUFSIZ];
data/tokyotyrant-1.1.40/ttserver.c:3473:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int len = sprintf(line, "Forbidden\n");
data/tokyotyrant-1.1.40/ttulmgr.c:188:48: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
printf("%s\t", ttcmdidtostr(((unsigned char *)rbuf)[1]));
data/tokyotyrant-1.1.40/ttultest.c:206:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[RECBUFSIZ];
data/tokyotyrant-1.1.40/ttultest.c:207:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int len = sprintf(buf, "%08d", i);
data/tokyotyrant-1.1.40/ttultest.c:253:37: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
printf("%02X", ((unsigned char *)rbuf)[i]);
data/tokyotyrant-1.1.40/ttultest.c:339:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[RECBUFSIZ];
data/tokyotyrant-1.1.40/ttultest.c:340:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int len = sprintf(buf, "%08d", i);
data/tokyotyrant-1.1.40/ttutil.c:45:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "localhost");
data/tokyotyrant-1.1.40/ttutil.c:225:55: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
NULL, 0, NI_NUMERICHOST) != 0) sprintf(addr, "0.0.0.0");
data/tokyotyrant-1.1.40/ttutil.c:374:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cbuf[TTNUMBUFSIZ];
data/tokyotyrant-1.1.40/ttutil.c:387:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *tmp, tbuf[TTNUMBUFSIZ*2];
data/tokyotyrant-1.1.40/ttutil.c:448:22: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
tlen = sprintf(tbuf, "%%%02X", c);
data/tokyotyrant-1.1.40/ttutil.c:474:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, sock->rp, size);
data/tokyotyrant-1.1.40/ttutil.c:633:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr[TTADDRBUFSIZ];
data/tokyotyrant-1.1.40/ttutil.c:683:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[SOCKLINEBUFSIZ];
data/tokyotyrant-1.1.40/ttutil.c:814:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, &linteg, sizeof(linteg));
data/tokyotyrant-1.1.40/ttutil.c:816:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + sizeof(linteg), &lfract, sizeof(lfract));
data/tokyotyrant-1.1.40/ttutil.c:1031:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr[TTADDRBUFSIZ];
data/tokyotyrant-1.1.40/ttutil.c:1036:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(addr, "(unix)");
data/tokyotyrant-1.1.40/ttutil.c:1205:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[TTIOBUFSIZ];
data/tokyotyrant-1.1.40/ttutil.c:1445:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open(NULLDEV, O_RDWR, 0);
data/tokyotyrant-1.1.40/ttutil.h:50:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[TTIOBUFSIZ]; /* reading buffer */
data/tokyotyrant-1.1.40/ttutil.h:324:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[TTADDRBUFSIZ]; /* host name */
data/tokyotyrant-1.1.40/ttutil.h:325:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr[TTADDRBUFSIZ]; /* host address */
data/tokyotyrant-1.1.40/scrext.c:83:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*sp = strlen(msg);
data/tokyotyrant-1.1.40/scrext.c:89:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*sp = strlen(msg);
data/tokyotyrant-1.1.40/scrext.c:95:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*sp = strlen(msg);
data/tokyotyrant-1.1.40/scrext.c:100:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*sp = strlen(msg);
data/tokyotyrant-1.1.40/scrext.c:109:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*sp = strlen(msg);
data/tokyotyrant-1.1.40/scrext.c:112:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int psiz = strlen(myscr->path);
data/tokyotyrant-1.1.40/scrext.c:113:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int nsiz = strlen(name);
data/tokyotyrant-1.1.40/scrext.c:245:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
isiz = strlen(ibuf);
data/tokyotyrant-1.1.40/scrext.c:388:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rsiz = strlen(rbuf);
data/tokyotyrant-1.1.40/scrext.c:402:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rsiz = strlen(rbuf);
data/tokyotyrant-1.1.40/scrext.c:1786:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
osiz = obuf ? strlen(obuf) : 0;
data/tokyotyrant-1.1.40/scrext.c:1791:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
osiz = obuf ? strlen(obuf) : 0;
data/tokyotyrant-1.1.40/scrext.c:1794:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
osiz = obuf ? strlen(obuf) : 0;
data/tokyotyrant-1.1.40/scrext.c:1797:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
osiz = obuf ? strlen(obuf) : 0;
data/tokyotyrant-1.1.40/scrext.c:1800:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
osiz = obuf ? strlen(obuf) : 0;
data/tokyotyrant-1.1.40/scrext.c:1813:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
osiz = obuf ? strlen(obuf) : 0;
data/tokyotyrant-1.1.40/scrext.c:1917:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int plen = strlen(pat);
data/tokyotyrant-1.1.40/scrext.c:1918:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int alen = strlen(alt);
data/tokyotyrant-1.1.40/tcrdb.c:231:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return tcrdbput(rdb, kstr, strlen(kstr), vstr, strlen(vstr));
data/tokyotyrant-1.1.40/tcrdb.c:231:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return tcrdbput(rdb, kstr, strlen(kstr), vstr, strlen(vstr));
data/tokyotyrant-1.1.40/tcrdb.c:250:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return tcrdbputkeep(rdb, kstr, strlen(kstr), vstr, strlen(vstr));
data/tokyotyrant-1.1.40/tcrdb.c:250:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return tcrdbputkeep(rdb, kstr, strlen(kstr), vstr, strlen(vstr));
data/tokyotyrant-1.1.40/tcrdb.c:269:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return tcrdbputcat(rdb, kstr, strlen(kstr), vstr, strlen(vstr));
data/tokyotyrant-1.1.40/tcrdb.c:269:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return tcrdbputcat(rdb, kstr, strlen(kstr), vstr, strlen(vstr));
data/tokyotyrant-1.1.40/tcrdb.c:288:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return tcrdbputshl(rdb, kstr, strlen(kstr), vstr, strlen(vstr), width);
data/tokyotyrant-1.1.40/tcrdb.c:288:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return tcrdbputshl(rdb, kstr, strlen(kstr), vstr, strlen(vstr), width);
data/tokyotyrant-1.1.40/tcrdb.c:307:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return tcrdbputnr(rdb, kstr, strlen(kstr), vstr, strlen(vstr));
data/tokyotyrant-1.1.40/tcrdb.c:307:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return tcrdbputnr(rdb, kstr, strlen(kstr), vstr, strlen(vstr));
data/tokyotyrant-1.1.40/tcrdb.c:326:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return tcrdbout(rdb, kstr, strlen(kstr));
data/tokyotyrant-1.1.40/tcrdb.c:346:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return tcrdbget(rdb, kstr, strlen(kstr), &vsiz);
data/tokyotyrant-1.1.40/tcrdb.c:377:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return tcrdbvsiz(rdb, kstr, strlen(kstr));
data/tokyotyrant-1.1.40/tcrdb.c:428:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return tcrdbfwmkeys(rdb, pstr, strlen(pstr), max);
data/tokyotyrant-1.1.40/tcrdb.c:473:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return tcrdbext(rdb, name, opts, kstr, strlen(kstr), vstr, strlen(vstr), &vsiz);
data/tokyotyrant-1.1.40/tcrdb.c:473:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return tcrdbext(rdb, name, opts, kstr, strlen(kstr), vstr, strlen(vstr), &vsiz);
data/tokyotyrant-1.1.40/tcrdb.c:964:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int onsiz = oname ? strlen(oname) : 0;
data/tokyotyrant-1.1.40/tcrdb.c:1957:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int nsiz = strlen(name);
data/tokyotyrant-1.1.40/tcrdb.c:2053:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int psiz = strlen(params);
data/tokyotyrant-1.1.40/tcrdb.c:2126:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int psiz = strlen(path);
data/tokyotyrant-1.1.40/tcrdb.c:2170:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int psiz = strlen(path);
data/tokyotyrant-1.1.40/tcrdb.c:2222:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int hsiz = strlen(host);
data/tokyotyrant-1.1.40/tcrdb.c:2404:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int nsiz = strlen(name);
data/tokyotyrant-1.1.40/tcrmgr.c:185:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int size = strlen(str);
data/tokyotyrant-1.1.40/tcrmgr.c:226:14: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while((c = fgetc(ifp)) != EOF){
data/tokyotyrant-1.1.40/tcrmgr.c:351:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ksiz = strlen(key);
data/tokyotyrant-1.1.40/tcrmgr.c:353:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
vsiz = strlen(value);
data/tokyotyrant-1.1.40/tcrmgr.c:399:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ksiz = strlen(key);
data/tokyotyrant-1.1.40/tcrmgr.c:450:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ksiz = strlen(key);
data/tokyotyrant-1.1.40/tcrmgr.c:608:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ksiz = strlen(key);
data/tokyotyrant-1.1.40/tcrmgr.c:610:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
vsiz = strlen(value);
data/tokyotyrant-1.1.40/tcrmgr.c:1400:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
vsiz = strlen(pv + 1);
data/tokyotyrant-1.1.40/tcrtest.c:800:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int ksiz = strlen(kbuf);
data/tokyotyrant-1.1.40/tcrtest.c:802:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int vsiz = strlen(vbuf);
data/tokyotyrant-1.1.40/tculog.c:744:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int psiz = strlen(params);
data/tokyotyrant-1.1.40/tculog.c:792:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int nsiz = strlen(name);
data/tokyotyrant-1.1.40/ttserver.c:551:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(!tcwritefile(pidpath, buf, strlen(buf))){
data/tokyotyrant-1.1.40/ttserver.c:2394:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int ksiz = strlen(kbuf);
data/tokyotyrant-1.1.40/ttserver.c:2438:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int ksiz = strlen(kbuf);
data/tokyotyrant-1.1.40/ttserver.c:2482:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int ksiz = strlen(kbuf);
data/tokyotyrant-1.1.40/ttserver.c:2539:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int ksiz = strlen(kbuf);
data/tokyotyrant-1.1.40/ttserver.c:2596:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int ksiz = strlen(kbuf);
data/tokyotyrant-1.1.40/ttserver.c:2655:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int ksiz = strlen(kbuf);
data/tokyotyrant-1.1.40/ttserver.c:2699:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int ksiz = strlen(kbuf);
data/tokyotyrant-1.1.40/ttserver.c:2734:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int ksiz = strlen(kbuf);
data/tokyotyrant-1.1.40/ttserver.c:2790:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int ksiz = strlen(kbuf);
data/tokyotyrant-1.1.40/ttulmgr.c:98:14: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while((c = fgetc(ifp)) != EOF){
data/tokyotyrant-1.1.40/ttutil.c:653:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *enc = tcbaseencode(authority, strlen(authority));
data/tokyotyrant-1.1.40/ttutil.c:1440:3: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(0);
ANALYSIS SUMMARY:
Hits = 579
Lines analyzed = 18866 in approximately 0.61 seconds (30817 lines/second)
Physical Source Lines of Code (SLOC) = 15336
Hits@level = [0] 117 [1] 67 [2] 484 [3] 4 [4] 24 [5] 0
Hits@level+ = [0+] 696 [1+] 579 [2+] 512 [3+] 28 [4+] 24 [5+] 0
Hits/KSLOC@level+ = [0+] 45.3834 [1+] 37.7543 [2+] 33.3855 [3+] 1.82577 [4+] 1.56495 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.