Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/trustedqsl-2.5.7/src/xml.h
Examining data/trustedqsl-2.5.7/src/xml.cpp
Examining data/trustedqsl-2.5.7/src/winstrdefs.h
Examining data/trustedqsl-2.5.7/src/windirent.h
Examining data/trustedqsl-2.5.7/src/tqsllib.h
Examining data/trustedqsl-2.5.7/src/tqsllib.cpp
Examining data/trustedqsl-2.5.7/src/tqsllib-doc.h
Examining data/trustedqsl-2.5.7/src/tqslexc.h
Examining data/trustedqsl-2.5.7/src/tqslerrno.h
Examining data/trustedqsl-2.5.7/src/tqslconvert.h
Examining data/trustedqsl-2.5.7/src/tqslconvert.cpp
Examining data/trustedqsl-2.5.7/src/station_loc.cpp
Examining data/trustedqsl-2.5.7/src/openssl_cert.h
Examining data/trustedqsl-2.5.7/src/openssl_cert.cpp
Examining data/trustedqsl-2.5.7/src/location.h
Examining data/trustedqsl-2.5.7/src/load_cert.cpp
Examining data/trustedqsl-2.5.7/src/gen_crq.cpp
Examining data/trustedqsl-2.5.7/src/dumptqsldata.cpp
Examining data/trustedqsl-2.5.7/src/converter.cpp
Examining data/trustedqsl-2.5.7/src/converter.c
Examining data/trustedqsl-2.5.7/src/cabrillo.h
Examining data/trustedqsl-2.5.7/src/cabrillo.cpp
Examining data/trustedqsl-2.5.7/src/adif.h
Examining data/trustedqsl-2.5.7/src/adif.cpp
Examining data/trustedqsl-2.5.7/src/location.cpp
Examining data/trustedqsl-2.5.7/apps/tqslbuild.h
Examining data/trustedqsl-2.5.7/apps/wxutil.h
Examining data/trustedqsl-2.5.7/apps/wxutil.cpp
Examining data/trustedqsl-2.5.7/apps/util.h
Examining data/trustedqsl-2.5.7/apps/tqslwiz.h
Examining data/trustedqsl-2.5.7/apps/tqslwiz.cpp
Examining data/trustedqsl-2.5.7/apps/tqslvalidator.h
Examining data/trustedqsl-2.5.7/apps/tqslvalidator.cpp
Examining data/trustedqsl-2.5.7/apps/tqsltrace.h
Examining data/trustedqsl-2.5.7/apps/tqslsign.cpp
Examining data/trustedqsl-2.5.7/apps/tqslpaths.h
Examining data/trustedqsl-2.5.7/apps/tqslhelp.h
Examining data/trustedqsl-2.5.7/apps/tqslhelp.cpp
Examining data/trustedqsl-2.5.7/apps/tqslexcept.h
Examining data/trustedqsl-2.5.7/apps/tqslctrls.h
Examining data/trustedqsl-2.5.7/apps/tqslapp.h
Examining data/trustedqsl-2.5.7/apps/tqsl_prefs.h
Examining data/trustedqsl-2.5.7/apps/tqsl_prefs.cpp
Examining data/trustedqsl-2.5.7/apps/stationdial.h
Examining data/trustedqsl-2.5.7/apps/stationdial.cpp
Examining data/trustedqsl-2.5.7/apps/qsodatadialog.h
Examining data/trustedqsl-2.5.7/apps/qsodatadialog.cpp
Examining data/trustedqsl-2.5.7/apps/loctree.h
Examining data/trustedqsl-2.5.7/apps/loctree.cpp
Examining data/trustedqsl-2.5.7/apps/loadcertwiz.h
Examining data/trustedqsl-2.5.7/apps/loadcertwiz.cpp
Examining data/trustedqsl-2.5.7/apps/jsonwriter.h
Examining data/trustedqsl-2.5.7/apps/jsonwriter.cpp
Examining data/trustedqsl-2.5.7/apps/jsonval.h
Examining data/trustedqsl-2.5.7/apps/jsonval.cpp
Examining data/trustedqsl-2.5.7/apps/jsonreader.h
Examining data/trustedqsl-2.5.7/apps/jsonreader.cpp
Examining data/trustedqsl-2.5.7/apps/json_defs.h
Examining data/trustedqsl-2.5.7/apps/getpassword.h
Examining data/trustedqsl-2.5.7/apps/getpassword.cpp
Examining data/trustedqsl-2.5.7/apps/extwizard.h
Examining data/trustedqsl-2.5.7/apps/extwizard.cpp
Examining data/trustedqsl-2.5.7/apps/dxcc.h
Examining data/trustedqsl-2.5.7/apps/dxcc.cpp
Examining data/trustedqsl-2.5.7/apps/crqwiz.h
Examining data/trustedqsl-2.5.7/apps/crqwiz.cpp
Examining data/trustedqsl-2.5.7/apps/certtree.h
Examining data/trustedqsl-2.5.7/apps/certtree.cpp
Examining data/trustedqsl-2.5.7/apps/tqsl.cpp
Examining data/trustedqsl-2.5.7/apps/tqslupdater.cpp
FINAL RESULTS:
data/trustedqsl-2.5.7/apps/json_defs.h:189:14: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#if !defined(snprintf) && defined(_MSC_VER)
data/trustedqsl-2.5.7/apps/json_defs.h:190:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/trustedqsl-2.5.7/apps/json_defs.h:190:18: [4] (format) _snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/trustedqsl-2.5.7/apps/jsonwriter.cpp:1002:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buffer, sizeof buffer, m_fmt, data->m_value.m_valDouble);
data/trustedqsl-2.5.7/src/adif.cpp:205:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(errorText, sizeof errorText, fmt, ADIF_ErrorField);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1334:6: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(tQSL_CustomError, sizeof tQSL_CustomError, errfmt, my, val);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1353:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(tQSL_CustomError, sizeof tQSL_CustomError, errfmt, val, my);
data/trustedqsl-2.5.7/src/tqsllib.cpp:1006:2: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(tQSL_DiagFile, format, ap);
data/trustedqsl-2.5.7/src/winstrdefs.h:5:11: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/trustedqsl-2.5.7/src/winstrdefs.h:5:20: [4] (format) _snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/trustedqsl-2.5.7/src/winstrdefs.h:6:11: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define vsnprintf _vsnprintf
data/trustedqsl-2.5.7/src/converter.c:54:16: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt(argc, argv, "ca")) != -1) {
data/trustedqsl-2.5.7/src/converter.cpp:41:16: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt(argc, argv, "ca")) != -1) {
data/trustedqsl-2.5.7/src/gen_crq.cpp:51:15: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, "c:x:e:d:")) != -1) {
data/trustedqsl-2.5.7/src/location.cpp:1529:29: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char *dxcc_test = getenv("TQSL_DXCC");
data/trustedqsl-2.5.7/src/tqsllib.cpp:316:13: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((cp = getenv("TQSLDIR")) != NULL && *cp != '\0') {
data/trustedqsl-2.5.7/src/tqsllib.cpp:328:8: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("HOME") != NULL) {
data/trustedqsl-2.5.7/src/tqsllib.cpp:329:19: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
strncpy(path, getenv("HOME"), sizeof path);
data/trustedqsl-2.5.7/apps/certtree.cpp:111:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char issname[129];
data/trustedqsl-2.5.7/apps/certtree.cpp:116:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char callsign[129] = "";
data/trustedqsl-2.5.7/apps/certtree.cpp:231:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char callsign[129];
data/trustedqsl-2.5.7/apps/crqwiz.cpp:973:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char startStr[50], endStr[50];
data/trustedqsl-2.5.7/apps/crqwiz.cpp:1036:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cert_before_buf[40], cert_after_buf[40];
data/trustedqsl-2.5.7/apps/crqwiz.cpp:1090:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char csign[512];
data/trustedqsl-2.5.7/apps/crqwiz.cpp:1433:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char callsign[512];
data/trustedqsl-2.5.7/apps/dxcc.cpp:50:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cdel[128];
data/trustedqsl-2.5.7/apps/dxcc.cpp:70:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char testName[TQSL_CRQ_COUNTRY_MAX+1];
data/trustedqsl-2.5.7/apps/dxcc.cpp:75:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fixedName[TQSL_CRQ_COUNTRY_MAX+1];
data/trustedqsl-2.5.7/apps/jsonreader.cpp:1111:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ues[8]; // stores a Unicode Escaped Esquence: \uXXXX
data/trustedqsl-2.5.7/apps/jsonreader.cpp:1577:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[16];
data/trustedqsl-2.5.7/apps/jsonreader.cpp:1809:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[16]; // the UTF-8 code-point
data/trustedqsl-2.5.7/apps/jsonreader.cpp:1827:9: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t dst[10];
data/trustedqsl-2.5.7/apps/jsonwriter.cpp:742:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char b[8];
data/trustedqsl-2.5.7/apps/jsonwriter.cpp:894:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[32]; // need to store 64-bits integers (max 20 digits)
data/trustedqsl-2.5.7/apps/jsonwriter.cpp:916:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, cbData, len);
data/trustedqsl-2.5.7/apps/jsonwriter.cpp:949:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[32]; // need to store 64-bits integers (max 20 digits)
data/trustedqsl-2.5.7/apps/jsonwriter.cpp:969:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, cbData, len);
data/trustedqsl-2.5.7/apps/jsonwriter.cpp:999:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[32];
data/trustedqsl-2.5.7/apps/jsonwriter.cpp:1097:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[16];
data/trustedqsl-2.5.7/apps/loadcertwiz.cpp:355:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unipwd[64];
data/trustedqsl-2.5.7/apps/loctree.cpp:91:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char locname[256];
data/trustedqsl-2.5.7/apps/loctree.cpp:93:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char callsign[256];
data/trustedqsl-2.5.7/apps/qsodatadialog.cpp:248:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char err[256];
data/trustedqsl-2.5.7/apps/qsodatadialog.cpp:627:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[2048];
data/trustedqsl-2.5.7/apps/qsodatadialog.cpp:639:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mode[128], submode[128];
data/trustedqsl-2.5.7/apps/stationdial.cpp:154:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/trustedqsl-2.5.7/apps/stationdial.cpp:157:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cbuf[256];
data/trustedqsl-2.5.7/apps/stationdial.cpp:386:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/trustedqsl-2.5.7/apps/tqsl.cpp:164:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char unipwd[64];
data/trustedqsl-2.5.7/apps/tqsl.cpp:239:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char call[TQSL_CALLSIGN_MAX+1] = "";
data/trustedqsl-2.5.7/apps/tqsl.cpp:1717:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuf[512];
data/trustedqsl-2.5.7/apps/tqsl.cpp:1731:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char loccall[512];
data/trustedqsl-2.5.7/apps/tqsl.cpp:1752:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char deflocn[512];
data/trustedqsl-2.5.7/apps/tqsl.cpp:1757:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char loccall[512];
data/trustedqsl-2.5.7/apps/tqsl.cpp:1824:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char amode[40];
data/trustedqsl-2.5.7/apps/tqsl.cpp:1828:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char amode[40];
data/trustedqsl-2.5.7/apps/tqsl.cpp:1915:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char callsign[40];
data/trustedqsl-2.5.7/apps/tqsl.cpp:2011:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char loc_name[128];
data/trustedqsl-2.5.7/apps/tqsl.cpp:2196:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dupeErrString[256];
data/trustedqsl-2.5.7/apps/tqsl.cpp:2424:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out.open(lfn, ios::out|ios::trunc|ios::binary);
data/trustedqsl-2.5.7/apps/tqsl.cpp:2427:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out.open(outfile.ToUTF8(), ios::out|ios::trunc|ios::binary);
data/trustedqsl-2.5.7/apps/tqsl.cpp:2609:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[1024];
data/trustedqsl-2.5.7/apps/tqsl.cpp:2665:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
*curlLogFile = fopen(filename.ToUTF8(), newFile ? "wb" : "ab");
data/trustedqsl-2.5.7/apps/tqsl.cpp:2693:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char caBundle[256];
data/trustedqsl-2.5.7/apps/tqsl.cpp:2779:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errorbuf[CURL_ERROR_SIZE];
data/trustedqsl-2.5.7/apps/tqsl.cpp:2954:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char call[128];
data/trustedqsl-2.5.7/apps/tqsl.cpp:2982:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuf[512];
data/trustedqsl-2.5.7/apps/tqsl.cpp:3013:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char loccall[512];
data/trustedqsl-2.5.7/apps/tqsl.cpp:3293:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *configFile = fopen(filename.ToUTF8(), "wb");
data/trustedqsl-2.5.7/apps/tqsl.cpp:3306:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errorbuf[CURL_ERROR_SIZE];
data/trustedqsl-2.5.7/apps/tqsl.cpp:3372:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *updateFile = fopen(filename.ToUTF8(), "wb");
data/trustedqsl-2.5.7/apps/tqsl.cpp:3385:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errorbuf[CURL_ERROR_SIZE];
data/trustedqsl-2.5.7/apps/tqsl.cpp:3463:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errorbuf[CURL_ERROR_SIZE];
data/trustedqsl-2.5.7/apps/tqsl.cpp:3569:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char callsign[64];
data/trustedqsl-2.5.7/apps/tqsl.cpp:3821:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errorbuf[CURL_ERROR_SIZE];
data/trustedqsl-2.5.7/apps/tqsl.cpp:4018:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char url[512];
data/trustedqsl-2.5.7/apps/tqsl.cpp:4034:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errorbuf[CURL_ERROR_SIZE];
data/trustedqsl-2.5.7/apps/tqsl.cpp:4191:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char url[512];
data/trustedqsl-2.5.7/apps/tqsl.cpp:4207:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errorbuf[CURL_ERROR_SIZE];
data/trustedqsl-2.5.7/apps/tqsl.cpp:4348:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char deflocn[512];
data/trustedqsl-2.5.7/apps/tqsl.cpp:4358:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char callsign[40];
data/trustedqsl-2.5.7/apps/tqsl.cpp:4359:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char loc_name[256];
data/trustedqsl-2.5.7/apps/tqsl.cpp:4507:42: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *)name.ToUTF8(), (const char *)groupNames[i].ToUTF8()) < 0) {
data/trustedqsl-2.5.7/apps/tqsl.cpp:4609:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[8192];
data/trustedqsl-2.5.7/apps/tqsl.cpp:4636:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char callsign[64];
data/trustedqsl-2.5.7/apps/tqsl.cpp:4722:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dupekey[256];
data/trustedqsl-2.5.7/apps/tqsl.cpp:4723:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dupedata[256];
data/trustedqsl-2.5.7/apps/tqsl.cpp:4812:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[8192];
data/trustedqsl-2.5.7/apps/tqsl.cpp:4995:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[500];
data/trustedqsl-2.5.7/apps/tqsl.cpp:5046:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512];
data/trustedqsl-2.5.7/apps/tqsl.cpp:5047:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, text, len);
data/trustedqsl-2.5.7/apps/tqsl.cpp:5061:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/trustedqsl-2.5.7/apps/tqsl.cpp:5231:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char langfile[1024];
data/trustedqsl-2.5.7/apps/tqsl.cpp:5240:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((lfp = fopen(langfile, "rb")) == NULL) {
data/trustedqsl-2.5.7/apps/tqsl.cpp:5248:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lBuf[128];
data/trustedqsl-2.5.7/apps/tqsl.cpp:5266:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((lfp = fopen(langfile, "rb")) == NULL) {
data/trustedqsl-2.5.7/apps/tqsl.cpp:5670:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[100];
data/trustedqsl-2.5.7/apps/tqsl.cpp:5690:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[100];
data/trustedqsl-2.5.7/apps/tqsl.cpp:5829:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char deflocn[512];
data/trustedqsl-2.5.7/apps/tqsl.cpp:6131:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/trustedqsl-2.5.7/apps/tqsl.cpp:6288:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[40];
data/trustedqsl-2.5.7/apps/tqsl.cpp:6321:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char m[500];
data/trustedqsl-2.5.7/apps/tqsl.cpp:6428:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char call[40];
data/trustedqsl-2.5.7/apps/tqsl.cpp:6485:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char call[40];
data/trustedqsl-2.5.7/apps/tqsl.cpp:6541:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[500];
data/trustedqsl-2.5.7/apps/tqsl.cpp:6568:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/trustedqsl-2.5.7/apps/tqsl.cpp:6749:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuf[512];
data/trustedqsl-2.5.7/apps/tqsl.cpp:6760:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char loccall[512];
data/trustedqsl-2.5.7/apps/tqsl.cpp:6893:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char callsign[40];
data/trustedqsl-2.5.7/apps/tqsl.cpp:6907:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128] = "";
data/trustedqsl-2.5.7/apps/tqsl.cpp:7100:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fieldbuf[512];
data/trustedqsl-2.5.7/apps/tqsl.cpp:7211:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
lockfileFD = open(lfname.ToUTF8(), O_RDWR| O_CREAT, 0644);
data/trustedqsl-2.5.7/apps/tqslpaths.h:40:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[256];
data/trustedqsl-2.5.7/apps/tqslsign.cpp:182:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char callsign[40];
data/trustedqsl-2.5.7/apps/tqslsign.cpp:210:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out.open(outfile.ToUTF8(), ios::out|ios::trunc|ios::binary);
data/trustedqsl-2.5.7/apps/tqslsign.cpp:463:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[100];
data/trustedqsl-2.5.7/apps/tqslupdater.cpp:139:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char caBundle[256];
data/trustedqsl-2.5.7/apps/tqslupdater.cpp:205:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errorbuf[CURL_ERROR_SIZE];
data/trustedqsl-2.5.7/apps/tqslupdater.cpp:262:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errorbuf[CURL_ERROR_SIZE];
data/trustedqsl-2.5.7/apps/tqslupdater.cpp:339:15: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
int needed = MultiByteToWideChar(CP_UTF8, 0, str, -1, 0, 0);
data/trustedqsl-2.5.7/apps/tqslupdater.cpp:343:2: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
MultiByteToWideChar(CP_UTF8, 0, str, -1, &buffer[0], needed);
data/trustedqsl-2.5.7/apps/tqslvalidator.cpp:96:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/trustedqsl-2.5.7/apps/tqslvalidator.cpp:122:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/trustedqsl-2.5.7/apps/tqslwiz.cpp:44:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char callsign[TQSL_CALLSIGN_MAX+1];
data/trustedqsl-2.5.7/apps/tqslwiz.cpp:59:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/trustedqsl-2.5.7/apps/tqslwiz.cpp:144:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char gabbi_name[40];
data/trustedqsl-2.5.7/apps/tqslwiz.cpp:172:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/trustedqsl-2.5.7/apps/tqslwiz.cpp:248:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char gabbi_name[40];
data/trustedqsl-2.5.7/apps/tqslwiz.cpp:262:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/trustedqsl-2.5.7/apps/tqslwiz.cpp:271:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char item[200];
data/trustedqsl-2.5.7/apps/tqslwiz.cpp:297:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/trustedqsl-2.5.7/apps/tqslwiz.cpp:310:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/trustedqsl-2.5.7/apps/tqslwiz.cpp:334:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char gabbi_name[40];
data/trustedqsl-2.5.7/apps/tqslwiz.cpp:354:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char gabbi_name[40];
data/trustedqsl-2.5.7/apps/tqslwiz.cpp:388:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char label[256];
data/trustedqsl-2.5.7/apps/tqslwiz.cpp:400:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char label[256];
data/trustedqsl-2.5.7/apps/tqslwiz.cpp:412:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char gabbi_name[256];
data/trustedqsl-2.5.7/apps/tqslwiz.cpp:475:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char gabbi_name[40];
data/trustedqsl-2.5.7/apps/tqslwiz.cpp:485:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char label[256];
data/trustedqsl-2.5.7/apps/tqslwiz.cpp:577:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/trustedqsl-2.5.7/apps/tqslwiz.cpp:669:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/trustedqsl-2.5.7/apps/tqslwiz.cpp:672:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cbuf[256];
data/trustedqsl-2.5.7/src/adif.cpp:42:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char ADIF_ErrorField[TQSL_ADIF_FIELD_NAME_LENGTH_MAX + 1];
data/trustedqsl-2.5.7/src/adif.cpp:91:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((adif->fp = fopen(filename, "rb")) == NULL) {
data/trustedqsl-2.5.7/src/adif.cpp:151:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char errorText[512];
data/trustedqsl-2.5.7/src/adif.cpp:474:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest, src, slen);
data/trustedqsl-2.5.7/src/adif.cpp:496:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nbuf[20];
data/trustedqsl-2.5.7/src/adif.h:69:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[TQSL_ADIF_FIELD_NAME_LENGTH_MAX + 1]; ///< Field name
data/trustedqsl-2.5.7/src/adif.h:70:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[TQSL_ADIF_FIELD_TYPE_LENGTH_MAX + 1]; ///< Field type
data/trustedqsl-2.5.7/src/adif.h:81:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[TQSL_ADIF_FIELD_NAME_LENGTH_MAX + 1]; ///< Field name
data/trustedqsl-2.5.7/src/adif.h:82:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char size[TQSL_ADIF_FIELD_SIZE_LENGTH_MAX + 1]; ///< Size
data/trustedqsl-2.5.7/src/adif.h:83:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[TQSL_ADIF_FIELD_TYPE_LENGTH_MAX + 1]; ///< Type
data/trustedqsl-2.5.7/src/cabrillo.cpp:33:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char errmsgbuf[256];
data/trustedqsl-2.5.7/src/cabrillo.cpp:34:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char errmsgdata[128];
data/trustedqsl-2.5.7/src/cabrillo.cpp:122:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rec[TQSL_CABRILLO_MAX_RECORD_LENGTH+1];
data/trustedqsl-2.5.7/src/cabrillo.cpp:125:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *fields[TQSL_CABRILLO_MAX_FIELDS];
data/trustedqsl-2.5.7/src/cabrillo.cpp:355:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char modebuf[80];
data/trustedqsl-2.5.7/src/cabrillo.cpp:368:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((cfile = fopen(default_path.c_str(), "r")) == NULL) {
data/trustedqsl-2.5.7/src/cabrillo.cpp:393:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((cfile = fopen(user_path.c_str(), "r")) == NULL) {
data/trustedqsl-2.5.7/src/cabrillo.cpp:459:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(c->fields, cabrillo_dummy, sizeof cabrillo_dummy);
data/trustedqsl-2.5.7/src/cabrillo.cpp:500:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((cab->fp = fopen(filename, "r")) == NULL) {
data/trustedqsl-2.5.7/src/cabrillo.h:70:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[TQSL_CABRILLO_FIELD_NAME_LENGTH_MAX +1]; ///< Field name
data/trustedqsl-2.5.7/src/cabrillo.h:71:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[TQSL_CABRILLO_FIELD_VALUE_LENGTH_MAX +1]; ///< Field value
data/trustedqsl-2.5.7/src/converter.c:28:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[40];
data/trustedqsl-2.5.7/src/converter.c:33:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, " on line %d", lineno);
data/trustedqsl-2.5.7/src/converter.c:46:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char call[256];
data/trustedqsl-2.5.7/src/converter.cpp:64:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char call[256];
data/trustedqsl-2.5.7/src/converter.cpp:91:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out.open(ofile, std::ios::out|std::ios::trunc|std::ios::binary);
data/trustedqsl-2.5.7/src/converter.cpp:120:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[40] = "";
data/trustedqsl-2.5.7/src/dumptqsldata.cpp:31:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[20], buf2[20];
data/trustedqsl-2.5.7/src/gen_crq.cpp:93:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512];
data/trustedqsl-2.5.7/src/location.cpp:136:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data_errors[512];
data/trustedqsl-2.5.7/src/location.cpp:493:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/trustedqsl-2.5.7/src/location.cpp:1479:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char callsign[40];
data/trustedqsl-2.5.7/src/location.cpp:1482:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ibuf[10];
data/trustedqsl-2.5.7/src/location.cpp:1561:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[10];
data/trustedqsl-2.5.7/src/location.cpp:1715:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[40];
data/trustedqsl-2.5.7/src/location.cpp:2472:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out.open(wfn);
data/trustedqsl-2.5.7/src/location.cpp:2475:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out.open(fn.c_str());
data/trustedqsl-2.5.7/src/location.cpp:2590:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2048];
data/trustedqsl-2.5.7/src/location.cpp:2944:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char numbuf[20];
data/trustedqsl-2.5.7/src/location.cpp:3019:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char numbuf[20];
data/trustedqsl-2.5.7/src/location.cpp:3155:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/trustedqsl-2.5.7/src/location.cpp:3208:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[3000];
data/trustedqsl-2.5.7/src/location.cpp:3219:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sbuf[10], lbuf[40];
data/trustedqsl-2.5.7/src/location.cpp:3240:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sbuf[10], lbuf[40];
data/trustedqsl-2.5.7/src/location.cpp:3264:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/trustedqsl-2.5.7/src/location.cpp:3317:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/trustedqsl-2.5.7/src/location.cpp:3363:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char sig[129];
data/trustedqsl-2.5.7/src/location.cpp:3368:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char b64[512];
data/trustedqsl-2.5.7/src/location.cpp:3372:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sbuf[10], lbuf[40];
data/trustedqsl-2.5.7/src/location.cpp:3376:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/trustedqsl-2.5.7/src/location.cpp:3413:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char date_buf[40] = "";
data/trustedqsl-2.5.7/src/location.cpp:3915:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out.open(wfn);
data/trustedqsl-2.5.7/src/location.cpp:3918:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out.open(fn.c_str());
data/trustedqsl-2.5.7/src/openssl_cert.cpp:350:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char tqsl_static_buf[2001];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:352:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char ImportCall[256];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:468:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[200];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:469:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[256];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:565:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((out = fopen(filename, TQSL_OPEN_WRITE)) == NULL) {
data/trustedqsl-2.5.7/src/openssl_cert.cpp:660:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ibuf[256];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:697:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((out = fopen(path, TQSL_OPEN_APPEND)) == NULL) {
data/trustedqsl-2.5.7/src/openssl_cert.cpp:860:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[256];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:869:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:950:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[256];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:1155:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[256];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:1239:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, cp, len);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:1261:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char callsign[40];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:1302:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char numbuf[10];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:1344:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char datebuf[20];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:1374:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, cp, len);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:1446:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, cp, len);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:1469:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[TQSL_MAX_PATH_LEN];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:1470:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temppath[TQSL_MAX_PATH_LEN];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:1471:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char biobuf[4096];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:1527:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((temp = fopen(temppath, TQSL_OPEN_WRITE)) == NULL) {
data/trustedqsl-2.5.7/src/openssl_cert.cpp:1608:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nbuf[40];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:1642:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nbuf[40];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:1663:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nbuf[40];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:1757:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nbuf[40];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:1795:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nbuf[40];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:1833:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char datebuf[40];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:1858:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char datebuf[40];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:1932:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[40];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:2301:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rootpath[256], capath[256];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:2302:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:2303:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char keyid[EVP_MAX_MD_SIZE];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:2625:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hex[3] = " ";
data/trustedqsl-2.5.7/src/openssl_cert.cpp:2688:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[256], pw[256];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:2801:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nbuf[40];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:2802:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char callbuf[256];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:3029:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char savepath[1024], badpath[1024];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:3114:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char callsign[64];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:3127:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char backupPath[PATH_MAX];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:3138:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen(backupPath, "wb");
data/trustedqsl-2.5.7/src/openssl_cert.cpp:3148:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[8192];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:3204:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dname[TQSL_MAX_PATH_LEN];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:3271:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char callsign[256], path[256], newpath[256];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:3434:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char backupPath[PATH_MAX];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:3658:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256], name_buf[256];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:3784:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((cfile = fopen(filename, "r")) == NULL) {
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4004:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[256];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4135:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char numbuf[20];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4213:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fixcall[256];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4244:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fixcall[256];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4301:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rootpath[256];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4325:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rootpath[256], capath[256];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4326:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pem[sizeof tqsl_static_buf];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4373:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[256];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4374:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char issuer[256];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4375:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[256];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4376:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[256];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4455:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4541:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((out = fopen(path, "a")) == NULL) {
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4669:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newpath[300];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4670:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char savepath[300];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4739:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((out = fopen(newpath, TQSL_OPEN_WRITE)) == NULL) {
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4891:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[256];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4892:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char aro[256];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5076:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dname[TQSL_MAX_PATH_LEN];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5087:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fixcall[256];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5170:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5206:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(userbuf, ASN1_STRING_get0_data(data), datasiz);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5259:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char sig[256];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5328:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out.open(wfn);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5331:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out.open(fn.c_str());
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5386:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sstr[32];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5433:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newpath[300];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5434:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char savepath[300];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5480:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((out = fopen(newpath, TQSL_OPEN_WRITE)) == NULL) {
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5579:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[256];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5624:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fixcall[256];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5625:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5644:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((out = fopen(path, TQSL_OPEN_WRITE)) == NULL) {
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5688:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fixcall[256];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5689:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5716:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((in = fopen(path, TQSL_OPEN_READ)) == NULL) {
data/trustedqsl-2.5.7/src/station_loc.cpp:56:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/trustedqsl-2.5.7/src/station_loc.cpp:73:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/trustedqsl-2.5.7/src/station_loc.cpp:90:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/trustedqsl-2.5.7/src/tqslconvert.cpp:101:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char serial[512];
data/trustedqsl-2.5.7/src/tqslconvert.cpp:102:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char callsign[64];
data/trustedqsl-2.5.7/src/tqslconvert.cpp:232:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char out[128];
data/trustedqsl-2.5.7/src/tqslconvert.cpp:440:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char call[256];
data/trustedqsl-2.5.7/src/tqslconvert.cpp:563:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dname[TQSL_MAX_PATH_LEN];
data/trustedqsl-2.5.7/src/tqslconvert.cpp:657:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
conv->errfile = fopen(logpath.c_str(), "wb");
data/trustedqsl-2.5.7/src/tqslconvert.cpp:830:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
conv->errfile = fopen(logpath.c_str(), "wb");
data/trustedqsl-2.5.7/src/tqslconvert.cpp:867:29: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((dbret = conv->dbenv->open(conv->dbenv, conv->dbpath, envflags, 0600))) {
data/trustedqsl-2.5.7/src/tqslconvert.cpp:948:29: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((dbret = conv->seendb->open(conv->seendb, conv->txn, "duplicates.db", NULL, DB_UNKNOWN, 0, 0600))) {
data/trustedqsl-2.5.7/src/tqslconvert.cpp:951:26: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
dbret = conv->seendb->open(conv->seendb, conv->txn, "duplicates.db", NULL, DB_HASH, DB_CREATE, 0600);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:973:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *dmp = fopen(dumpfile.c_str(), "wb+");
data/trustedqsl-2.5.7/src/tqslconvert.cpp:996:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char duprec[512];
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1012:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(duprec, dbkey.data, dbkey.size);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1045:29: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((dbret = conv->dbenv->open(conv->dbenv, conv->dbpath, envflags, 0600))) {
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1061:30: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((dbret = conv->seendb->open(conv->seendb, NULL, "duplicates.db", NULL, DB_HASH, DB_CREATE, 0600))) {
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1069:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char d[1]= {'D'};
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1129:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[512];
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1130:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char ident[512];
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1306:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char val[256];
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1307:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char label[256];
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1370:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char signdata[1024];
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1574:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char val[256];
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1579:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char modeSub[256];
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1873:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char locstate[5];
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1900:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stnloc[128];
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1901:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char qso[128];
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1920:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dupekey[128];
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1995:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(olddup, dbdata.mv_data, dbdata.mv_size);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1999:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(olddup, dbdata.data, dbdata.size);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:2206:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(key, dbkey.mv_data, dbkey.mv_size);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:2210:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, dbdata.mv_data, dbdata.mv_size);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:2213:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(key, dbkey.data, dbkey.size);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:2217:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, dbdata.data, dbdata.size);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:2269:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(key, dbkey.mv_data, dbkey.mv_size);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:2272:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, dbdata.mv_data, dbdata.mv_size);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:2275:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(key, dbkey.data, dbkey.size);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:2278:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, dbdata.data, dbdata.size);
data/trustedqsl-2.5.7/src/tqsllib.cpp:52:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
DLLEXPORTDATA char tQSL_ErrorFile[256];
data/trustedqsl-2.5.7/src/tqsllib.cpp:53:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
DLLEXPORTDATA char tQSL_CustomError[256];
data/trustedqsl-2.5.7/src/tqsllib.cpp:54:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
DLLEXPORTDATA char tQSL_ImportCall[256];
data/trustedqsl-2.5.7/src/tqsllib.cpp:137:2: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t dpath[TQSL_MAX_PATH_LEN];
data/trustedqsl-2.5.7/src/tqsllib.cpp:138:2: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t npath[TQSL_MAX_PATH_LEN];
data/trustedqsl-2.5.7/src/tqsllib.cpp:168:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dpath[TQSL_MAX_PATH_LEN];
data/trustedqsl-2.5.7/src/tqsllib.cpp:169:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char npath[TQSL_MAX_PATH_LEN];
data/trustedqsl-2.5.7/src/tqsllib.cpp:203:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char wpath[TQSL_MAX_PATH_LEN];
data/trustedqsl-2.5.7/src/tqsllib.cpp:254:9: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t path[TQSL_MAX_PATH_LEN * 2];
data/trustedqsl-2.5.7/src/tqsllib.cpp:263:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char path[TQSL_MAX_PATH_LEN];
data/trustedqsl-2.5.7/src/tqsllib.cpp:371:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((test = fopen(path, "wb")) == NULL) {
data/trustedqsl-2.5.7/src/tqsllib.cpp:387:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char path[TQSL_MAX_PATH_LEN];
data/trustedqsl-2.5.7/src/tqsllib.cpp:399:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[512];
data/trustedqsl-2.5.7/src/tqsllib.cpp:579:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(output, memp, n);
data/trustedqsl-2.5.7/src/tqsllib.cpp:641:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lbuf[10];
data/trustedqsl-2.5.7/src/tqsllib.cpp:710:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lbuf[10];
data/trustedqsl-2.5.7/src/tqsllib.cpp:875:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char frag[10];
data/trustedqsl-2.5.7/src/tqsllib.cpp:962:15: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
int needed = MultiByteToWideChar(CP_UTF8, 0, str, -1, 0, 0);
data/trustedqsl-2.5.7/src/tqsllib.cpp:966:2: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
MultiByteToWideChar(CP_UTF8, 0, str, -1, &buffer[0], needed);
data/trustedqsl-2.5.7/src/tqsllib.cpp:993:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timebuf[50];
data/trustedqsl-2.5.7/src/tqsllib.cpp:1031:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
tQSL_DiagFile = fopen(fname, "wb");
data/trustedqsl-2.5.7/src/tqsllib.cpp:1038:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[256];
data/trustedqsl-2.5.7/src/tqsllib.h:96:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char organizationName[TQSL_NAME_ELEMENT_MAX+1]; ///< Provider name
data/trustedqsl-2.5.7/src/tqsllib.h:97:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char organizationalUnitName[TQSL_NAME_ELEMENT_MAX+1]; ///< Provider unit
data/trustedqsl-2.5.7/src/tqsllib.h:98:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char emailAddress[TQSL_NAME_ELEMENT_MAX+1]; ///< Provider e-mail
data/trustedqsl-2.5.7/src/tqsllib.h:99:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char url[TQSL_NAME_ELEMENT_MAX+1]; ///< Provider URL
data/trustedqsl-2.5.7/src/tqsllib.h:104:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char providerName[TQSL_NAME_ELEMENT_MAX+1]; ///< Provider name
data/trustedqsl-2.5.7/src/tqsllib.h:105:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char providerUnit[TQSL_NAME_ELEMENT_MAX+1]; ///< Provider unit
data/trustedqsl-2.5.7/src/tqsllib.h:106:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char callSign[TQSL_CALLSIGN_MAX+1]; ///< Callsign
data/trustedqsl-2.5.7/src/tqsllib.h:107:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[TQSL_CRQ_NAME_MAX+1]; ///< Name
data/trustedqsl-2.5.7/src/tqsllib.h:108:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char address1[TQSL_CRQ_ADDR_MAX+1]; ///< Address 1
data/trustedqsl-2.5.7/src/tqsllib.h:109:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char address2[TQSL_CRQ_ADDR_MAX+1]; ///< Address 2
data/trustedqsl-2.5.7/src/tqsllib.h:110:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char city[TQSL_CRQ_CITY_MAX+1]; ///< City
data/trustedqsl-2.5.7/src/tqsllib.h:111:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char state[TQSL_CRQ_STATE_MAX+1]; ///< State
data/trustedqsl-2.5.7/src/tqsllib.h:112:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char postalCode[TQSL_CRQ_POSTAL_MAX+1]; ///< Postal Code
data/trustedqsl-2.5.7/src/tqsllib.h:113:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char country[TQSL_CRQ_COUNTRY_MAX+1]; ///< Country
data/trustedqsl-2.5.7/src/tqsllib.h:114:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char emailAddress[TQSL_CRQ_EMAIL_MAX+1]; ///< e-mail
data/trustedqsl-2.5.7/src/tqsllib.h:118:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char password[TQSL_PASSWORD_MAX+1]; ///< Password
data/trustedqsl-2.5.7/src/tqsllib.h:125:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char callsign[TQSL_CALLSIGN_MAX+1]; ///< QSO callsign
data/trustedqsl-2.5.7/src/tqsllib.h:126:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char band[TQSL_BAND_MAX+1]; ///< QSO band
data/trustedqsl-2.5.7/src/tqsllib.h:127:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mode[TQSL_MODE_MAX+1]; ///< QSO mode
data/trustedqsl-2.5.7/src/tqsllib.h:128:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char submode[TQSL_MODE_MAX+1]; ///< QSO submode
data/trustedqsl-2.5.7/src/tqsllib.h:131:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char freq[TQSL_FREQ_MAX+1]; ///< QSO frequency
data/trustedqsl-2.5.7/src/tqsllib.h:132:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rxfreq[TQSL_FREQ_MAX+1]; ///< QSO receive frequency
data/trustedqsl-2.5.7/src/tqsllib.h:133:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rxband[TQSL_BAND_MAX+1]; ///< QSO RX band
data/trustedqsl-2.5.7/src/tqsllib.h:134:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char propmode[TQSL_PROPMODE_MAX+1]; ///< QSO prop mode
data/trustedqsl-2.5.7/src/tqsllib.h:135:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char satname[TQSL_SATNAME_MAX+1]; ///< QSO satellite name
data/trustedqsl-2.5.7/src/tqsllib.h:141:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char my_state[TQSL_STATE_MAX+1]; ///< QSO specifies MY_STATE
data/trustedqsl-2.5.7/src/tqsllib.h:142:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char my_gridsquare[TQSL_GRID_MAX+1]; ///< QSO specifies MY_GRIDSQUARE
data/trustedqsl-2.5.7/src/tqsllib.h:143:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char my_vucc_grids[TQSL_GRID_MAX+1]; ///< QSO specifies MY_VUCC_GRIDS
data/trustedqsl-2.5.7/src/tqsllib.h:144:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char my_county[TQSL_CNTY_MAX+1]; ///< QSO specifies MY_CNTY
data/trustedqsl-2.5.7/src/tqsllib.h:145:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char my_cnty_state[TQSL_STATE_MAX+1]; ///< QSO specifies a state with MY_CNTY
data/trustedqsl-2.5.7/src/tqsllib.h:146:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char my_country[TQSL_COUNTRY_MAX+1]; ///< QSO specifies MY_COUNTRY
data/trustedqsl-2.5.7/src/tqsllib.h:147:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char my_cq_zone[TQSL_ZONE_MAX+1]; ///< QSO specifies MY_CQ_ZONE
data/trustedqsl-2.5.7/src/tqsllib.h:148:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char my_itu_zone[TQSL_ZONE_MAX+1]; ///< QSO specifies MY_ITU_ZONE
data/trustedqsl-2.5.7/src/tqsllib.h:150:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char my_call[TQSL_CALLSIGN_MAX+1]; ///< Station Callsign
data/trustedqsl-2.5.7/src/tqsllib.h:152:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char my_owner[TQSL_CALLSIGN_MAX+1]; ///< Station Owner Callsign
data/trustedqsl-2.5.7/src/tqsllib.h:154:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char my_operator[TQSL_CALLSIGN_MAX+1]; ///< Operator's callsign
data/trustedqsl-2.5.7/src/tqsllib.h:155:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char my_iota[TQSL_IOTA_MAX+1]; ///< QSO specifies MY_IOTA_
data/trustedqsl-2.5.7/src/tqsllib.h:180:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
DLLEXPORTDATA extern char tQSL_ErrorFile[256];
data/trustedqsl-2.5.7/src/tqsllib.h:182:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
DLLEXPORTDATA extern char tQSL_CustomError[256];
data/trustedqsl-2.5.7/src/tqsllib.h:186:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
DLLEXPORTDATA extern char tQSL_ImportCall[256];
data/trustedqsl-2.5.7/src/windirent.h:227:5: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t d_name[PATH_MAX + 1]; /* File name */
data/trustedqsl-2.5.7/src/windirent.h:261:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char d_name[PATH_MAX + 1]; /* File name */
data/trustedqsl-2.5.7/src/windirent.h:554:9: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t wname[PATH_MAX + 1];
data/trustedqsl-2.5.7/src/xml.cpp:112:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/trustedqsl-2.5.7/apps/certtree.cpp:121:3: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant string.
strncat(callsign, " - ", sizeof callsign - strlen(callsign)-1);
data/trustedqsl-2.5.7/apps/certtree.cpp:121:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(callsign, " - ", sizeof callsign - strlen(callsign)-1);
data/trustedqsl-2.5.7/apps/certtree.cpp:133:3: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(callsign, entityName, sizeof callsign - strlen(callsign)-1);
data/trustedqsl-2.5.7/apps/certtree.cpp:133:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(callsign, entityName, sizeof callsign - strlen(callsign)-1);
data/trustedqsl-2.5.7/apps/crqwiz.cpp:1092:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(csign, rec.ToUTF8(), sizeof csign);
data/trustedqsl-2.5.7/apps/dxcc.cpp:51:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(cdel, del.ToUTF8(), sizeof cdel);
data/trustedqsl-2.5.7/apps/dxcc.cpp:71:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(testName, entityName, sizeof testName);
data/trustedqsl-2.5.7/apps/dxcc.cpp:77:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(fixedName, testName, sizeof fixedName);
data/trustedqsl-2.5.7/apps/dxcc.cpp:78:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(fixedName, cdel, sizeof fixedName - strlen(fixedName) - 1);
data/trustedqsl-2.5.7/apps/dxcc.cpp:78:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(fixedName, cdel, sizeof fixedName - strlen(fixedName) - 1);
data/trustedqsl-2.5.7/apps/dxcc.cpp:79:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p += strlen("DELETED"); // Go past the DELETED string
data/trustedqsl-2.5.7/apps/dxcc.cpp:80:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(fixedName, p, sizeof fixedName - strlen(fixedName) - 1);
data/trustedqsl-2.5.7/apps/dxcc.cpp:80:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(fixedName, p, sizeof fixedName - strlen(fixedName) - 1);
data/trustedqsl-2.5.7/apps/jsonreader.cpp:327:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(readBuff);
data/trustedqsl-2.5.7/apps/jsonwriter.cpp:675:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
os.Write(err, strlen(err));
data/trustedqsl-2.5.7/apps/jsonwriter.cpp:678:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(writeBuff);
data/trustedqsl-2.5.7/apps/jsonwriter.cpp:853:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
os.Write(err, strlen(err));
data/trustedqsl-2.5.7/apps/jsonwriter.cpp:856:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(writeBuff);
data/trustedqsl-2.5.7/apps/jsonwriter.cpp:914:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(cbData);
data/trustedqsl-2.5.7/apps/jsonwriter.cpp:922:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buffer);
data/trustedqsl-2.5.7/apps/jsonwriter.cpp:967:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(cbData);
data/trustedqsl-2.5.7/apps/jsonwriter.cpp:975:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buffer);
data/trustedqsl-2.5.7/apps/jsonwriter.cpp:1003:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(buffer);
data/trustedqsl-2.5.7/apps/jsonwriter.cpp:1031:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(c);
data/trustedqsl-2.5.7/apps/jsonwriter.cpp:1131:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(str);
data/trustedqsl-2.5.7/apps/loadcertwiz.cpp:170:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, dial.Password().ToUTF8(), bufsiz);
data/trustedqsl-2.5.7/apps/qsodatadialog.cpp:249:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(err, getLocalizedErrorString().ToUTF8(), sizeof err);
data/trustedqsl-2.5.7/apps/tqsl.cpp:261:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, pwd.ToUTF8(), bufsiz);
data/trustedqsl-2.5.7/apps/tqsl.cpp:1725:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(errbuf) > 0) {
data/trustedqsl-2.5.7/apps/tqsl.cpp:1841:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(cp) == 8) {
data/trustedqsl-2.5.7/apps/tqsl.cpp:1850:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(cp) >= 4) {
data/trustedqsl-2.5.7/apps/tqsl.cpp:1851:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rec._time.second = (strlen(cp) > 4) ? strtol(cp+4, NULL, 10) : 0;
data/trustedqsl-2.5.7/apps/tqsl.cpp:1940:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(callsign, defcall, sizeof callsign);
data/trustedqsl-2.5.7/apps/tqsl.cpp:2013:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(loc_name, "Unknown", sizeof loc_name);
data/trustedqsl-2.5.7/apps/tqsl.cpp:2200:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dupeErrString, tQSL_CustomError, sizeof dupeErrString);
data/trustedqsl-2.5.7/apps/tqsl.cpp:2518:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
stream.avail_in = strlen(input);
data/trustedqsl-2.5.7/apps/tqsl.cpp:2610:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(filename, wxString::Format(wxT("<TQSLUpl %s-%s> %s"),
data/trustedqsl-2.5.7/apps/tqsl.cpp:2694:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(caBundle, caBundlePath.ToUTF8(), sizeof caBundle);
data/trustedqsl-2.5.7/apps/tqsl.cpp:3008:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(errbuf) > 0) {
data/trustedqsl-2.5.7/apps/tqsl.cpp:3028:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(errbuf) > 0) {
data/trustedqsl-2.5.7/apps/tqsl.cpp:4019:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(url, (wxString::Format(wxT("https://lotw.arrl.org/tqsl-setup.php?callsign=%hs&dxcc=%d"), callsign, dxcc)).ToUTF8(), sizeof url);
data/trustedqsl-2.5.7/apps/tqsl.cpp:4192:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(url, (wxString::Format(wxT("https://lotw.arrl.org/uls.php?callsign=%hs"), callsign)).ToUTF8(), sizeof url);
data/trustedqsl-2.5.7/apps/tqsl.cpp:4616:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (gzwrite(out, buf, strlen(buf)) < 0)
data/trustedqsl-2.5.7/apps/tqsl.cpp:4628:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (gzwrite(out, buf, strlen(buf)) < 0)
data/trustedqsl-2.5.7/apps/tqsl.cpp:4655:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (gzwrite(out, buf, strlen(buf)) < 0)
data/trustedqsl-2.5.7/apps/tqsl.cpp:4664:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (gzwrite(out, buf, strlen(buf)) < 0)
data/trustedqsl-2.5.7/apps/tqsl.cpp:4734:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dupekey, dk.ToUTF8(), sizeof dupekey);
data/trustedqsl-2.5.7/apps/tqsl.cpp:4735:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dupedata, dd.ToUTF8(), sizeof dupedata);
data/trustedqsl-2.5.7/apps/tqsl.cpp:4851:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(atts[i+1]) == 0) {
data/trustedqsl-2.5.7/apps/tqsl.cpp:4857:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(atts[i+1]) == 0) {
data/trustedqsl-2.5.7/apps/tqsl.cpp:4964:84: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int status = tqsl_putDuplicateRecord(loader->conv, dupekey, dupedata, dupekey ? strlen(dupekey) : 0);
data/trustedqsl-2.5.7/apps/tqsl.cpp:4996:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, getLocalizedErrorString().ToUTF8(), sizeof buf);
data/trustedqsl-2.5.7/apps/tqsl.cpp:5100:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (XML_Parse(xp, loc, strlen(loc), 1) == 0) {
data/trustedqsl-2.5.7/apps/tqsl.cpp:5671:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tmp, (const char *)act.ToUTF8(), sizeof tmp);
data/trustedqsl-2.5.7/apps/tqsl.cpp:5691:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tmp, (const char *)verify.ToUTF8(), sizeof tmp);
data/trustedqsl-2.5.7/apps/tqsl.cpp:6134:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(req->providerName, buf, sizeof req->providerName);
data/trustedqsl-2.5.7/apps/tqsl.cpp:6136:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(req->providerUnit, buf, sizeof req->providerUnit);
data/trustedqsl-2.5.7/apps/tqsl.cpp:6139:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(req->callSign, callSign.ToUTF8(), sizeof req->callSign);
data/trustedqsl-2.5.7/apps/tqsl.cpp:6143:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(req->name, name.ToUTF8(), sizeof req->name);
data/trustedqsl-2.5.7/apps/tqsl.cpp:6150:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(req->emailAddress, emailAddress.ToUTF8(), sizeof req->emailAddress);
data/trustedqsl-2.5.7/apps/tqsl.cpp:6154:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(req->address1, address1.ToUTF8(), sizeof req->address1);
data/trustedqsl-2.5.7/apps/tqsl.cpp:6158:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(req->address2, address2.ToUTF8(), sizeof req->address2);
data/trustedqsl-2.5.7/apps/tqsl.cpp:6162:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(req->city, city.ToUTF8(), sizeof req->city);
data/trustedqsl-2.5.7/apps/tqsl.cpp:6166:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(req->state, state.ToUTF8(), sizeof req->state);
data/trustedqsl-2.5.7/apps/tqsl.cpp:6170:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(req->postalCode, postalCode.ToUTF8(), sizeof req->postalCode);
data/trustedqsl-2.5.7/apps/tqsl.cpp:6174:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(req->country, country.ToUTF8(), sizeof req->country);
data/trustedqsl-2.5.7/apps/tqsl.cpp:6268:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(req.providerName, wiz.provider.organizationName, sizeof req.providerName);
data/trustedqsl-2.5.7/apps/tqsl.cpp:6269:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(req.providerUnit, wiz.provider.organizationalUnitName, sizeof req.providerUnit);
data/trustedqsl-2.5.7/apps/tqsl.cpp:6270:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(req.callSign, wiz.callsign.ToUTF8(), sizeof req.callSign);
data/trustedqsl-2.5.7/apps/tqsl.cpp:6271:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(req.name, wiz.name.ToUTF8(), sizeof req.name);
data/trustedqsl-2.5.7/apps/tqsl.cpp:6272:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(req.address1, wiz.addr1.ToUTF8(), sizeof req.address1);
data/trustedqsl-2.5.7/apps/tqsl.cpp:6273:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(req.address2, wiz.addr2.ToUTF8(), sizeof req.address2);
data/trustedqsl-2.5.7/apps/tqsl.cpp:6274:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(req.city, wiz.city.ToUTF8(), sizeof req.city);
data/trustedqsl-2.5.7/apps/tqsl.cpp:6275:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(req.state, wiz.state.ToUTF8(), sizeof req.state);
data/trustedqsl-2.5.7/apps/tqsl.cpp:6276:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(req.postalCode, wiz.zip.ToUTF8(), sizeof req.postalCode);
data/trustedqsl-2.5.7/apps/tqsl.cpp:6278:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(req.country, "USA", sizeof req.country);
data/trustedqsl-2.5.7/apps/tqsl.cpp:6280:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(req.country, wiz.country.ToUTF8(), sizeof req.country);
data/trustedqsl-2.5.7/apps/tqsl.cpp:6281:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(req.emailAddress, wiz.email.ToUTF8(), sizeof req.emailAddress);
data/trustedqsl-2.5.7/apps/tqsl.cpp:6282:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(req.password, wiz.password.ToUTF8(), sizeof req.password);
data/trustedqsl-2.5.7/apps/tqsl.cpp:6322:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(m, msg.ToUTF8(), sizeof m);
data/trustedqsl-2.5.7/apps/tqsl.cpp:6343:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
in.read(&contents[0], contents.size());
data/trustedqsl-2.5.7/apps/tqsl.cpp:6542:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, getLocalizedErrorString().ToUTF8(), sizeof buf);
data/trustedqsl-2.5.7/apps/tqsl.cpp:6755:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(errbuf) > 0) {
data/trustedqsl-2.5.7/apps/tqsl.cpp:6915:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(buf, "N/A", sizeof buf);
data/trustedqsl-2.5.7/apps/tqsl.cpp:6921:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(buf, "N/A", sizeof buf);
data/trustedqsl-2.5.7/apps/tqsl.cpp:6933:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(buf, "N/A", sizeof buf);
data/trustedqsl-2.5.7/apps/tqsl.cpp:6941:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(buf, "N/A", sizeof buf);
data/trustedqsl-2.5.7/apps/tqsl.cpp:6947:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(callsign, buf, sizeof callsign);
data/trustedqsl-2.5.7/apps/tqsl.cpp:6952:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, DXCC.name(), sizeof buf);
data/trustedqsl-2.5.7/apps/tqsl.cpp:6966:8: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, __("Missing from this computer"), sizeof buf);
data/trustedqsl-2.5.7/apps/tqsl.cpp:6970:8: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, __("Private Key not found"), sizeof buf);
data/trustedqsl-2.5.7/apps/tqsl.cpp:6974:8: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, __("Unable to read - no permission"), sizeof buf);
data/trustedqsl-2.5.7/apps/tqsl.cpp:6982:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, __("<ERROR>"), sizeof buf);
data/trustedqsl-2.5.7/apps/tqsl.cpp:6985:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, __("No Private Key"), sizeof buf);
data/trustedqsl-2.5.7/apps/tqsl.cpp:6988:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, __("None"), sizeof buf);
data/trustedqsl-2.5.7/apps/tqsl.cpp:6991:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, __("Passphrase protected"), sizeof buf);
data/trustedqsl-2.5.7/apps/tqsl.cpp:7103:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(fieldbuf) > 0 && strcmp(fieldbuf, "[None]") != 0) {
data/trustedqsl-2.5.7/apps/tqsl.cpp:7118:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(fieldbuf, "Unknown", sizeof fieldbuf);
data/trustedqsl-2.5.7/apps/tqsl.cpp:7120:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(fieldbuf, dxccname, sizeof fieldbuf);
data/trustedqsl-2.5.7/apps/tqsl.cpp:7169:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, dial.Password().ToUTF8(), bufsiz);
data/trustedqsl-2.5.7/apps/tqsl_prefs.cpp:403:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(str, oldexts.ToUTF8(), oldexts.Length() + 1);
data/trustedqsl-2.5.7/apps/tqslpaths.h:68:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(npath) > 0) && (npath[strlen(npath)-1] != '/')) {
data/trustedqsl-2.5.7/apps/tqslpaths.h:68:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(npath) > 0) && (npath[strlen(npath)-1] != '/')) {
data/trustedqsl-2.5.7/apps/tqslpaths.h:69:27: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(npath, "/", 2);
data/trustedqsl-2.5.7/apps/tqslpaths.h:72:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
CFStringGetCString(resString, npath + strlen(npath), lenR + 1, kCFStringEncodingUTF8);
data/trustedqsl-2.5.7/apps/tqslpaths.h:74:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(npath) > 0) && (npath[strlen(npath)-1] != '/')) {
data/trustedqsl-2.5.7/apps/tqslpaths.h:74:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(npath) > 0) && (npath[strlen(npath)-1] != '/')) {
data/trustedqsl-2.5.7/apps/tqslpaths.h:75:27: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(npath, "/", 2);
data/trustedqsl-2.5.7/apps/tqslsign.cpp:261:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gzwrite(gout, const_cast<char *>(cp), strlen(cp));
data/trustedqsl-2.5.7/apps/tqslsign.cpp:464:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tmp, (const char *)act.ToUTF8(), sizeof tmp);
data/trustedqsl-2.5.7/apps/tqslupdater.cpp:140:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(caBundle, caBundlePath.ToUTF8(), sizeof caBundle);
data/trustedqsl-2.5.7/apps/tqslwiz.cpp:176:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!parent->editing && strlen(buf) == 0) { // Empty, so set to default
data/trustedqsl-2.5.7/apps/tqslwiz.cpp:201:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(callsign) != 0) {
data/trustedqsl-2.5.7/apps/tqslwiz.cpp:221:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(callsign) != 0) {
data/trustedqsl-2.5.7/apps/tqslwiz.cpp:236:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(callsign) != 0) {
data/trustedqsl-2.5.7/apps/tqslwiz.cpp:261:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(callsign) >0 && forced[gabbi_name] == callsign) {
data/trustedqsl-2.5.7/apps/tqslwiz.cpp:312:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf) > 0)
data/trustedqsl-2.5.7/apps/tqslwiz.cpp:579:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf) > 0)
data/trustedqsl-2.5.7/apps/wxutil.cpp:187:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(tQSL_ErrorFile) > 0) {
data/trustedqsl-2.5.7/apps/wxutil.cpp:199:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(tQSL_ErrorFile) > 0) {
data/trustedqsl-2.5.7/apps/wxutil.cpp:215:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(tQSL_ErrorFile) > 0) {
data/trustedqsl-2.5.7/apps/wxutil.cpp:224:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(tQSL_ErrorFile) > 0) {
data/trustedqsl-2.5.7/src/adif.cpp:95:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_ErrorFile, filename, sizeof tQSL_ErrorFile);
data/trustedqsl-2.5.7/src/adif.cpp:241:34: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (EOF != (currentCharacter = fgetc(filehandle))) {
data/trustedqsl-2.5.7/src/adif.cpp:285:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (strlen(field->name) < TQSL_ADIF_FIELD_NAME_LENGTH_MAX) {
data/trustedqsl-2.5.7/src/adif.cpp:314:8: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(field->type, adifFields[(field->adifNameIndex)].type, sizeof field->type);
data/trustedqsl-2.5.7/src/adif.cpp:331:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ADIF_ErrorField, field->name, sizeof(ADIF_ErrorField));
data/trustedqsl-2.5.7/src/adif.cpp:336:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (strlen(field->size) < TQSL_ADIF_FIELD_SIZE_LENGTH_MAX) {
data/trustedqsl-2.5.7/src/adif.cpp:340:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ADIF_ErrorField, field->name, sizeof(ADIF_ErrorField));
data/trustedqsl-2.5.7/src/adif.cpp:353:8: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(field->type, adifFields[(field->adifNameIndex)].type, sizeof field->type);
data/trustedqsl-2.5.7/src/adif.cpp:357:8: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ADIF_ErrorField, field->name, sizeof(ADIF_ErrorField));
data/trustedqsl-2.5.7/src/adif.cpp:371:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (strlen(field->type) < TQSL_ADIF_FIELD_TYPE_LENGTH_MAX) {
data/trustedqsl-2.5.7/src/adif.cpp:375:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ADIF_ErrorField, field->name, sizeof(ADIF_ErrorField));
data/trustedqsl-2.5.7/src/adif.cpp:401:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ADIF_ErrorField, field->name, sizeof(ADIF_ErrorField));
data/trustedqsl-2.5.7/src/adif.cpp:424:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ADIF_ErrorField, field->name, sizeof(ADIF_ErrorField));
data/trustedqsl-2.5.7/src/adif.cpp:430:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ADIF_ErrorField, field->name, sizeof(ADIF_ErrorField));
data/trustedqsl-2.5.7/src/adif.cpp:469:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen((const char *)src);
data/trustedqsl-2.5.7/src/adif.cpp:494:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen((const char *)value);
data/trustedqsl-2.5.7/src/cabrillo.cpp:149:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(rec) > TQSL_CABRILLO_FIELD_NAME_LENGTH_MAX)
data/trustedqsl-2.5.7/src/cabrillo.cpp:158:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (sp = cp + strlen(cp); sp != cp; ) {
data/trustedqsl-2.5.7/src/cabrillo.cpp:173:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(fp->value, "SUBMM", sizeof fp->value);
data/trustedqsl-2.5.7/src/cabrillo.cpp:254:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(fp->value, band, sizeof fp->value);
data/trustedqsl-2.5.7/src/cabrillo.cpp:373:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (char *p = modebuf + (strlen(modebuf) - 1); p >= modebuf; p--) {
data/trustedqsl-2.5.7/src/cabrillo.cpp:398:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (char *p = modebuf + (strlen(modebuf) - 1); p >= modebuf; p--) {
data/trustedqsl-2.5.7/src/cabrillo.cpp:416:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(fp->value, it->second.c_str(), sizeof fp->value);
data/trustedqsl-2.5.7/src/cabrillo.cpp:424:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(fp->value) == 0)
data/trustedqsl-2.5.7/src/cabrillo.cpp:535:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(errmsgdata, vp, sizeof errmsgdata);
data/trustedqsl-2.5.7/src/cabrillo.cpp:560:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_ErrorFile, filename, sizeof tQSL_ErrorFile);
data/trustedqsl-2.5.7/src/cabrillo.cpp:611:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(errmsgbuf + strlen(errmsgbuf), sizeof errmsgbuf - strlen(errmsgbuf),
data/trustedqsl-2.5.7/src/cabrillo.cpp:611:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(errmsgbuf + strlen(errmsgbuf), sizeof errmsgbuf - strlen(errmsgbuf),
data/trustedqsl-2.5.7/src/cabrillo.cpp:667:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(field->name, fp->name, sizeof field->name);
data/trustedqsl-2.5.7/src/cabrillo.cpp:678:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(p) == 4) {
data/trustedqsl-2.5.7/src/cabrillo.cpp:697:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(p) == 6) {
data/trustedqsl-2.5.7/src/cabrillo.cpp:728:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(errmsgdata, field->name, sizeof errmsgdata);
data/trustedqsl-2.5.7/src/cabrillo.cpp:731:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(field->value, fielddat, sizeof field->value);
data/trustedqsl-2.5.7/src/cabrillo.cpp:736:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(errmsgdata, field->name, sizeof errmsgdata);
data/trustedqsl-2.5.7/src/cabrillo.cpp:747:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_ErrorFile, cab->filename, sizeof tQSL_ErrorFile);
data/trustedqsl-2.5.7/src/cabrillo.cpp:761:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (bufsiz < static_cast<int>(strlen(cab->contest->contest_name))+1) {
data/trustedqsl-2.5.7/src/cabrillo.cpp:765:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, cab->contest->contest_name, bufsiz);
data/trustedqsl-2.5.7/src/converter.c:107:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
write(out, gabbi, strlen(gabbi));
data/trustedqsl-2.5.7/src/gen_crq.cpp:110:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(crq.name, "Ish Kabibble", sizeof crq.name);
data/trustedqsl-2.5.7/src/gen_crq.cpp:111:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(crq.address1, "1 No Place", sizeof crq.address1);
data/trustedqsl-2.5.7/src/gen_crq.cpp:112:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(crq.city, "City", sizeof crq.city);
data/trustedqsl-2.5.7/src/gen_crq.cpp:113:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(crq.state, "ST", sizeof crq.state);
data/trustedqsl-2.5.7/src/gen_crq.cpp:114:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(crq.country, "USA", sizeof crq.country);
data/trustedqsl-2.5.7/src/gen_crq.cpp:115:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(crq.emailAddress, email_addr.c_str(), sizeof crq.emailAddress);
data/trustedqsl-2.5.7/src/gen_crq.cpp:121:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(crq.callSign, call.c_str(), sizeof crq.callSign);
data/trustedqsl-2.5.7/src/location.cpp:453:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(pdata.organizationName, rval.first.c_str(), sizeof pdata.organizationName);
data/trustedqsl-2.5.7/src/location.cpp:456:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(pdata.organizationalUnitName, item.getText().c_str(),
data/trustedqsl-2.5.7/src/location.cpp:459:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(pdata.emailAddress, item.getText().c_str(),
data/trustedqsl-2.5.7/src/location.cpp:462:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(pdata.url, item.getText().c_str(),
data/trustedqsl-2.5.7/src/location.cpp:514:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(tQSL_CustomError, "TQSL Configuration file invalid - it does not have a sigspecs section",
data/trustedqsl-2.5.7/src/location.cpp:523:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(tQSL_CustomError, "TQSL Configuration file invalid - it does not have a sigspec section",
data/trustedqsl-2.5.7/src/location.cpp:551:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(tQSL_CustomError, "TQSL Configuration file invalid - missing sigspec.tCONTACT",
data/trustedqsl-2.5.7/src/location.cpp:558:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(tQSL_CustomError, "TQSL Configuration file invalid - empty sigspec.tCONTACT",
data/trustedqsl-2.5.7/src/location.cpp:566:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(tQSL_CustomError, "TQSL Configuration file invalid - missing sigspec.tSTATION",
data/trustedqsl-2.5.7/src/location.cpp:575:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(tQSL_CustomError, "TQSL Configuration file invalid - missing tSTATION.specfield",
data/trustedqsl-2.5.7/src/location.cpp:595:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_CustomError, err.c_str(), sizeof tQSL_CustomError);
data/trustedqsl-2.5.7/src/location.cpp:1275:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(tQSL_CustomError, "TQSL Configuration file invalid - ADIF map invalid",
data/trustedqsl-2.5.7/src/location.cpp:1294:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(tQSL_CustomError, "TQSL Configuration file invalid - ADIF map invalid",
data/trustedqsl-2.5.7/src/location.cpp:1314:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(mode, amode.c_str(), nmode);
data/trustedqsl-2.5.7/src/location.cpp:1327:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(tQSL_CustomError, "TQSL Configuration file invalid - ADIF map invalid",
data/trustedqsl-2.5.7/src/location.cpp:1349:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(mode, adifmode.c_str(), nmode);
data/trustedqsl-2.5.7/src/location.cpp:1350:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(submode, adifsubmode.c_str(), nmode);
data/trustedqsl-2.5.7/src/location.cpp:1371:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(tQSL_CustomError, "TQSL Configuration file invalid - page missing ID",
data/trustedqsl-2.5.7/src/location.cpp:1389:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(tQSL_CustomError, "TQSL Configuration file invalid - field missing ID",
data/trustedqsl-2.5.7/src/location.cpp:1597:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(tQSL_CustomError, "TQSL Configuration file invalid - field map mismatch.",
data/trustedqsl-2.5.7/src/location.cpp:1647:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(tQSL_CustomError, "TQSL Configuration file invalid - dependent field not found.",
data/trustedqsl-2.5.7/src/location.cpp:1697:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(tQSL_CustomError, "TQSL Configuration file invalid - field range order incorrect.",
data/trustedqsl-2.5.7/src/location.cpp:1790:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(tQSL_CustomError, "TQSL Configuration file invalid - page reference could not be found.",
data/trustedqsl-2.5.7/src/location.cpp:1808:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(tQSL_CustomError, "TQSL Configuration file invalid - page references undefined field.",
data/trustedqsl-2.5.7/src/location.cpp:2094:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, fl[field_num].label.c_str(), bufsiz);
data/trustedqsl-2.5.7/src/location.cpp:2129:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, fl[field_num].gabbi_name.c_str(), bufsiz);
data/trustedqsl-2.5.7/src/location.cpp:2233:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, string_toupper(fl[field_num].cdata).c_str(), bufsiz);
data/trustedqsl-2.5.7/src/location.cpp:2235:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, fl[field_num].cdata.c_str(), bufsiz);
data/trustedqsl-2.5.7/src/location.cpp:2417:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, str.c_str(), bufsiz);
data/trustedqsl-2.5.7/src/location.cpp:2449:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_ErrorFile, tqsl_station_data_filename(deleted).c_str(), sizeof tQSL_ErrorFile);
data/trustedqsl-2.5.7/src/location.cpp:2585:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_ErrorFile, tqsl_station_data_filename().c_str(), sizeof tQSL_ErrorFile);
data/trustedqsl-2.5.7/src/location.cpp:2834:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, loc->data_errors, bufsiz);
data/trustedqsl-2.5.7/src/location.cpp:2889:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, loc->names[idx].name.c_str(), bufsiz);
data/trustedqsl-2.5.7/src/location.cpp:2906:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, loc->names[idx].call.c_str(), bufsiz);
data/trustedqsl-2.5.7/src/location.cpp:2946:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(namebuf, field.cdata.c_str(), bufsize);
data/trustedqsl-2.5.7/src/location.cpp:2948:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant character.
strncpy(namebuf, "", bufsize);
data/trustedqsl-2.5.7/src/location.cpp:2951:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(namebuf, numbuf, bufsize);
data/trustedqsl-2.5.7/src/location.cpp:2956:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(namebuf, field.cdata.c_str(), bufsize);
data/trustedqsl-2.5.7/src/location.cpp:2958:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant character.
strncpy(namebuf, "", bufsize);
data/trustedqsl-2.5.7/src/location.cpp:2961:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(namebuf, field.items[field.idx].text.c_str(), bufsize);
data/trustedqsl-2.5.7/src/location.cpp:2963:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(namebuf, field.items[field.idx].label.c_str(), bufsize);
data/trustedqsl-2.5.7/src/location.cpp:2971:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(namebuf, field.cdata.c_str(), bufsize);
data/trustedqsl-2.5.7/src/location.cpp:2985:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant character.
strncpy(namebuf, "", bufsize); // Did not find it
data/trustedqsl-2.5.7/src/location.cpp:3074:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(namebuf, loc->name.c_str(), bufsize);
data/trustedqsl-2.5.7/src/location.cpp:3190:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_CustomError, err.c_str(), sizeof tQSL_CustomError);
data/trustedqsl-2.5.7/src/location.cpp:3221:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(lbuf, sizeof lbuf, "<CERT_UID:%d>%s\n", static_cast<int>(strlen(sbuf)), sbuf);
data/trustedqsl-2.5.7/src/location.cpp:3223:67: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(lbuf, sizeof lbuf, "<CERTIFICATE:%d>", static_cast<int>(strlen(cp)));
data/trustedqsl-2.5.7/src/location.cpp:3242:71: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(lbuf, sizeof lbuf, "<STATION_UID:%d>%s\n", static_cast<int>(strlen(sbuf)), sbuf);
data/trustedqsl-2.5.7/src/location.cpp:3245:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(lbuf, sizeof lbuf, "<CERT_UID:%d>%s\n", static_cast<int>(strlen(sbuf)), sbuf);
data/trustedqsl-2.5.7/src/location.cpp:3352:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_CustomError, err.c_str(), sizeof tQSL_CustomError);
data/trustedqsl-2.5.7/src/location.cpp:3374:71: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(lbuf, sizeof lbuf, "<STATION_UID:%d>%s\n", static_cast<int>(strlen(sbuf)), sbuf);
data/trustedqsl-2.5.7/src/location.cpp:3431:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(signdata, rec_sign_data.c_str(), sdlen);
data/trustedqsl-2.5.7/src/location.cpp:3457:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, f.cdata.c_str(), bufsiz);
data/trustedqsl-2.5.7/src/location.cpp:3525:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, f.cdata.c_str(), bufsiz);
data/trustedqsl-2.5.7/src/location.cpp:3572:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, f.items[f.idx].label.c_str(), bufsiz);
data/trustedqsl-2.5.7/src/location.cpp:3685:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_CustomError, pf->items[i].text.c_str(), sizeof tQSL_CustomError);
data/trustedqsl-2.5.7/src/location.cpp:3811:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_ErrorFile, file, sizeof tQSL_ErrorFile);
data/trustedqsl-2.5.7/src/location.cpp:3824:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_ErrorFile, file, sizeof tQSL_ErrorFile);
data/trustedqsl-2.5.7/src/location.cpp:3979:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_ErrorFile, file, sizeof tQSL_ErrorFile);
data/trustedqsl-2.5.7/src/location.cpp:3992:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_ErrorFile, file, sizeof tQSL_ErrorFile);
data/trustedqsl-2.5.7/src/location.cpp:4004:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_ErrorFile, file, sizeof tQSL_ErrorFile);
data/trustedqsl-2.5.7/src/location.cpp:4084:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, loc->qso_details.c_str(), buflen);
data/trustedqsl-2.5.7/src/location.cpp:4100:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, loc->loc_details.c_str(), buflen);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:362:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(reinterpret_cast<char *>(tqsl_static_buf), "<EMPTY>", sizeof tqsl_static_buf);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:378:76: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bio = BIO_new_mem_buf(reinterpret_cast<void *>(const_cast<char *>(data)), strlen(data));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:418:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_ImportCall, ImportCall, sizeof tQSL_ImportCall);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:435:75: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bio = BIO_new_mem_buf(reinterpret_cast<void *>(const_cast<char *>(pem)), strlen(pem));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:532:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(tQSL_CustomError, "Invalid email address", sizeof tQSL_CustomError);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:538:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(tQSL_CustomError, "Invalid date (qsoNotBefore)", sizeof tQSL_CustomError);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:545:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(tQSL_CustomError, "Invalid date (qsoNotAfter)", sizeof tQSL_CustomError);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:551:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(tQSL_CustomError, "qsoNotAfter date is earlier than qsoNotBefore", sizeof tQSL_CustomError);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:567:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_ErrorFile, filename, sizeof tQSL_ErrorFile);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:577:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_ErrorFile, filename, sizeof tQSL_ErrorFile);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:678:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_ErrorFile, filename, sizeof tQSL_ErrorFile);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:699:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_ErrorFile, path, sizeof tQSL_ErrorFile);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:744:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(password);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:1115:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen((*it)["PUBLIC_KEY"].c_str());
data/trustedqsl-2.5.7/src/openssl_cert.cpp:1118:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(cp->pubkey, (*it)["PUBLIC_KEY"].c_str(), len+1);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:1120:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen((*it)["PRIVATE_KEY"].c_str());
data/trustedqsl-2.5.7/src/openssl_cert.cpp:1123:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(cp->privkey, (*it)["PRIVATE_KEY"].c_str(), len+1);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:1285:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(callsign, TQSL_API_TO_CERT(cert)->crq->callSign, sizeof callsign);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:1360:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(tQSL_CustomError, "Error encoding certificate", sizeof tQSL_CustomError);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:1433:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(tQSL_CustomError, "Error encoding certificate", sizeof tQSL_CustomError);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:1506:73: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
in = BIO_new_mem_buf(static_cast<void *>(const_cast<char *>(keybuf)), strlen(keybuf));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:1515:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bloblen = BIO_read(in, biobuf, strlen(keybuf));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:1518:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(temppath, tQSL_BaseDir, sizeof temppath);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:1521:3: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant string.
strncat(temppath, "\\pk.tmp", sizeof temppath - strlen(temppath) -1);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:1521:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(temppath, "\\pk.tmp", sizeof temppath - strlen(temppath) -1);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:1526:3: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant string.
strncat(temppath, "/pk.tmp", sizeof temppath - strlen(temppath) -1);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:1526:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(temppath, "/pk.tmp", sizeof temppath - strlen(temppath) -1);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:1529:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_ErrorFile, temppath, sizeof tQSL_ErrorFile);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:1539:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_ErrorFile, temppath, sizeof tQSL_ErrorFile);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:1546:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_ErrorFile, temppath, sizeof tQSL_ErrorFile);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:1556:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int publen = endpub - pubkey + strlen("-----END PUBLIC KEY-----");
data/trustedqsl-2.5.7/src/openssl_cert.cpp:1581:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(certbuf) == 0) // Keyonly 'certificates'
data/trustedqsl-2.5.7/src/openssl_cert.cpp:1585:73: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
in = BIO_new_mem_buf(static_cast<void *>(const_cast<char *>(certbuf)), strlen(certbuf));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:1621:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (bufsiz <= static_cast<int>(strlen(TQSL_API_TO_CERT(cert)->crq->callSign))) {
data/trustedqsl-2.5.7/src/openssl_cert.cpp:1622:94: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tqslTrace("tqsl_getCertificateCallSign", "bufsiz=%d, needed=%d", bufsiz, static_cast<int>(strlen(TQSL_API_TO_CERT(cert)->crq->callSign)));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:1626:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, TQSL_API_TO_CERT(cert)->crq->callSign, bufsiz);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:1708:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(serial, s, serialsiz);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:1729:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rval = strlen(s);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:1771:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (bufsiz <= static_cast<int>(strlen(TQSL_API_TO_CERT(cert)->crq->providerName))) {
data/trustedqsl-2.5.7/src/openssl_cert.cpp:1774:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
static_cast<int>(strlen(TQSL_API_TO_CERT(cert)->crq->providerName)));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:1778:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, TQSL_API_TO_CERT(cert)->crq->providerName, bufsiz);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:1809:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (bufsiz <= static_cast<int>(strlen(TQSL_API_TO_CERT(cert)->crq->providerUnit))) {
data/trustedqsl-2.5.7/src/openssl_cert.cpp:1812:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
static_cast<int>(strlen(TQSL_API_TO_CERT(cert)->crq->providerUnit)));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:1816:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, TQSL_API_TO_CERT(cert)->crq->providerUnit, bufsiz);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:2160:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf,
data/trustedqsl-2.5.7/src/openssl_cert.cpp:2174:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf,
data/trustedqsl-2.5.7/src/openssl_cert.cpp:2188:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf,
data/trustedqsl-2.5.7/src/openssl_cert.cpp:2201:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf,
data/trustedqsl-2.5.7/src/openssl_cert.cpp:2214:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf,
data/trustedqsl-2.5.7/src/openssl_cert.cpp:2227:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf,
data/trustedqsl-2.5.7/src/openssl_cert.cpp:2450:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_CustomError, cp, sizeof tQSL_CustomError);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:2575:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(base64, encoded, b64len);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:2709:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
in = BIO_new_mem_buf(const_cast<char *>(base64), strlen(base64));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:2744:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bags = PKCS12_unpack_p7encdata(p7, p12password, strlen(p12password));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:2901:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((p8 = M_PKCS12_decrypt_skey(bag, p12password, strlen(p12password))) == 0) {
data/trustedqsl-2.5.7/src/openssl_cert.cpp:2927:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(password);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:3030:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(badpath, path, sizeof(badpath));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:3031:4: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant string.
strncat(badpath, ".bad", sizeof(badpath)-strlen(badpath)-1);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:3031:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(badpath, ".bad", sizeof(badpath)-strlen(badpath)-1);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:3041:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(savepath, path, sizeof(savepath));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:3042:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant string.
strncat(savepath, ".save", sizeof(savepath)-strlen(savepath)-1);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:3042:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(savepath, ".save", sizeof(savepath)-strlen(savepath)-1);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:3070:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_ImportCall, ImportCall, sizeof tQSL_ImportCall);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:3143:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_ErrorFile, backupPath, sizeof tQSL_ErrorFile);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:3250:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_ErrorFile, savedFile, sizeof tQSL_ErrorFile);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:3444:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_ErrorFile, backupPath, sizeof tQSL_ErrorFile);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:3501:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(tQSL_CustomError, "This callsign certificate is already active and cannot be restored.",
data/trustedqsl-2.5.7/src/openssl_cert.cpp:3606:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(p) == 0) {
data/trustedqsl-2.5.7/src/openssl_cert.cpp:3622:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cp = buf + strlen(buf);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:3786:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_ErrorFile, filename, sizeof tQSL_ErrorFile);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:3939:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (len <= 0 || len > strlen(name_item->name_buf)) {
data/trustedqsl-2.5.7/src/openssl_cert.cpp:3940:71: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tqslTrace("tqsl_get_name_stuff", "len error len= %d need=%d", len, strlen(name_item->name_buf));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:3948:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(name_item->value_buf, val, name_item->value_buf_size);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:3950:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(val) > strlen(name_item->value_buf)) {
data/trustedqsl-2.5.7/src/openssl_cert.cpp:3950:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(val) > strlen(name_item->value_buf)) {
data/trustedqsl-2.5.7/src/openssl_cert.cpp:3951:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tqslTrace("tqsl_get_name_stuff", "len error len= %d need=%d", strlen(val), strlen(name_item->value_buf));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:3951:79: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tqslTrace("tqsl_get_name_stuff", "len error len= %d need=%d", strlen(val), strlen(name_item->value_buf));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4099:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen((const char *)value);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4122:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((bret = BIO_write(bio, fieldname, strlen(fieldname))) <= 0)
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4132:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen((const char *)value);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4137:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((bret = BIO_write(bio, numbuf, strlen(numbuf))) <= 0)
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4168:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(path, tQSL_BaseDir, size);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4170:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant string.
strncat(path, "\\certs", size - strlen(path));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4170:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(path, "\\certs", size - strlen(path));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4175:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant string.
strncat(path, "/certs", size - strlen(path));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4175:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(path, "/certs", size - strlen(path));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4185:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(path, "\\", size - strlen(path));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4185:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(path, "\\", size - strlen(path));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4187:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(path, "/", size - strlen(path));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4187:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(path, "/", size - strlen(path));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4189:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(path, filename, size - strlen(path));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4189:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(path, filename, size - strlen(path));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4195:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((static_cast<int>(strlen(callsign))) > size-1) {
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4216:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(path, tQSL_BaseDir, size);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4218:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant string.
strncat(path, "\\keys", size - strlen(path));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4218:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(path, "\\keys", size - strlen(path));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4223:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant string.
strncat(path, "/keys", size - strlen(path));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4223:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(path, "/keys", size - strlen(path));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4226:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_ErrorFile, path, sizeof tQSL_ErrorFile);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4234:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(path, "\\", size - strlen(path));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4234:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(path, "\\", size - strlen(path));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4236:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(path, "/", size - strlen(path));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4236:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(path, "/", size - strlen(path));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4238:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(path, fixcall, size - strlen(path));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4238:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(path, fixcall, size - strlen(path));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4247:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(path, tQSL_BaseDir, size);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4249:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant string.
strncat(path, "\\certtrash", size - strlen(path));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4249:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(path, "\\certtrash", size - strlen(path));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4254:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant string.
strncat(path, "/certtrash", size - strlen(path));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4254:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(path, "/certtrash", size - strlen(path));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4257:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_ErrorFile, path, sizeof tQSL_ErrorFile);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4265:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(path, "\\", size - strlen(path));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4265:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(path, "\\", size - strlen(path));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4267:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(path, "/", size - strlen(path));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4267:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(path, "/", size - strlen(path));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4269:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(path, fixcall, size - strlen(path));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4269:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(path, fixcall, size - strlen(path));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4279:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_CustomError, cp, sizeof tQSL_CustomError);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4314:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_CustomError, cp, sizeof tQSL_CustomError);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4329:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(pem, cpem, sizeof pem);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4361:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_CustomError, cp, sizeof tQSL_CustomError);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4407:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ImportCall, callsign.c_str(), sizeof(tQSL_ImportCall));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4491:8: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(tQSL_CustomError, "A newer certificate for this callsign is already installed",
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4512:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(tQSL_CustomError, "Duplicate Callsign certificate",
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4543:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_ErrorFile, path, sizeof tQSL_ErrorFile);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4553:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t pemlen = strlen(pem);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4555:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_ErrorFile, certfile, sizeof tQSL_ErrorFile);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4562:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_ErrorFile, certfile, sizeof tQSL_ErrorFile);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4577:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_ImportCall, ImportCall, sizeof tQSL_ImportCall);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4587:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, reinterpret_cast<char *>(userdata), bufsiz);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4590:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(buf);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4607:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(buf);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4730:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(newpath, path, sizeof newpath);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4731:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant string.
strncat(newpath, ".new", sizeof newpath - strlen(newpath)-1);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4731:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(newpath, ".new", sizeof newpath - strlen(newpath)-1);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4732:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(savepath, path, sizeof savepath);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4733:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant string.
strncat(savepath, ".save", sizeof savepath - strlen(savepath)-1);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4733:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(savepath, ".save", sizeof savepath - strlen(savepath)-1);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4845:80: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((bio = BIO_new_mem_buf(reinterpret_cast<void *>(const_cast<char *>(pem)), strlen(pem))) == NULL) {
data/trustedqsl-2.5.7/src/openssl_cert.cpp:4916:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ImportCall, aro, sizeof ImportCall);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5007:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_ImportCall, ImportCall, sizeof tQSL_ImportCall);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5029:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_ImportCall, ImportCall, sizeof tQSL_ImportCall);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5158:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_ErrorFile, savedFile, sizeof tQSL_ErrorFile);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5280:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dest, src, size);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5282:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return ((static_cast<int>((strlen(src))) < size));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5305:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_ErrorFile, tqsl_cert_status_filename().c_str(), sizeof tQSL_ErrorFile);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5471:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(newpath, path, sizeof newpath);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5472:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant string.
strncat(newpath, ".new", sizeof newpath - strlen(newpath)-1);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5472:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(newpath, ".new", sizeof newpath - strlen(newpath)-1);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5473:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(savepath, path, sizeof savepath);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5474:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant string.
strncat(savepath, ".save", sizeof savepath - strlen(savepath)-1);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5474:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(savepath, ".save", sizeof savepath - strlen(savepath)-1);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5629:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(path, tQSL_BaseDir, size);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5631:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(path, "\\", size - strlen(path));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5631:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(path, "\\", size - strlen(path));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5633:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(path, "/", size - strlen(path));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5633:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(path, "/", size - strlen(path));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5635:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(path, fixcall, size - strlen(path));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5635:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(path, fixcall, size - strlen(path));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5636:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant string.
strncat(path, ".json", size - strlen(path));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5636:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(path, ".json", size - strlen(path));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5646:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_ErrorFile, path, sizeof tQSL_ErrorFile);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5656:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_ErrorFile, path, sizeof tQSL_ErrorFile);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5663:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_ErrorFile, path, sizeof tQSL_ErrorFile);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5693:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(path, tQSL_BaseDir, size);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5695:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(path, "\\", size - strlen(path));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5695:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(path, "\\", size - strlen(path));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5697:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(path, "/", size - strlen(path));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5697:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(path, "/", size - strlen(path));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5699:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(path, fixcall, size - strlen(path));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5699:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(path, fixcall, size - strlen(path));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5700:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant string.
strncat(path, ".json", size - strlen(path));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5700:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(path, ".json", size - strlen(path));
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5718:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_ErrorFile, path, sizeof tQSL_ErrorFile);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5734:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_ErrorFile, path, sizeof tQSL_ErrorFile);
data/trustedqsl-2.5.7/src/openssl_cert.cpp:5741:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_ErrorFile, path, sizeof tQSL_ErrorFile);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:743:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_CustomError, mdb_strerror(dbret), sizeof tQSL_CustomError);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:986:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_CustomError, db_strerror(err), sizeof tQSL_CustomError);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1005:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_CustomError, db_strerror(status), sizeof tQSL_CustomError);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1077:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dbkey.size = strlen(duprec) - 1;
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1090:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_CustomError, db_strerror(dbret), sizeof tQSL_CustomError);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1136:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(temp);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1182:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *end = resdata + strlen(resdata) - 1;
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1190:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(conv->rec.callsign, resdata, sizeof conv->rec.callsign);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1193:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(conv->rec.band, resdata, sizeof conv->rec.band);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1196:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(conv->rec.mode, resdata, sizeof conv->rec.mode);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1198:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(conv->rec.submode, resdata, sizeof conv->rec.submode);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1201:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(conv->rec.freq, fix_freq(resdata), sizeof conv->rec.freq);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1205:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(conv->rec.rxfreq, fix_freq(resdata), sizeof conv->rec.rxfreq);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1209:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(conv->rec.rxband, resdata, sizeof conv->rec.rxband);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1211:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(conv->rec.satname, resdata, sizeof conv->rec.satname);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1213:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(conv->rec.propmode, resdata, sizeof conv->rec.propmode);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1228:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(conv->rec.my_cnty_state, resdata, sizeof conv->rec.my_cnty_state);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1230:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(conv->rec.my_county, p, sizeof conv->rec.my_county);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1232:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(conv->rec.my_county, resdata, sizeof conv->rec.my_county);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1235:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(conv->rec.my_country, resdata, sizeof conv->rec.my_country);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1242:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(conv->rec.my_cq_zone, resdata, sizeof conv->rec.my_cq_zone);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1247:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(conv->rec.my_gridsquare, resdata, sizeof conv->rec.my_gridsquare);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1249:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(conv->rec.my_iota, resdata, sizeof conv->rec.my_iota);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1256:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(conv->rec.my_itu_zone, resdata, sizeof conv->rec.my_itu_zone);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1259:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(conv->rec.my_state, resdata, sizeof conv->rec.my_state);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1261:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(conv->rec.my_vucc_grids, resdata, sizeof conv->rec.my_vucc_grids);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1267:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(conv->rec.my_operator, resdata, sizeof conv->rec.my_operator);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1275:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(conv->rec.my_owner, resdata, sizeof conv->rec.my_owner);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1283:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(conv->rec.my_call, resdata, sizeof conv->rec.my_call);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1313:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(my, "PQ", len);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1319:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(my, "JA", len);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1326:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(my, val, len); // So use the value
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1341:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(my, tQSL_CustomError, len);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1345:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (strlen(val) > 0) {
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1348:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(my, "QC", len);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1351:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(my, "YR", len);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1410:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(conv->rec.band, tqsl_infer_band(conv->rec.freq), sizeof conv->rec.band);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1412:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(conv->rec.rxband, tqsl_infer_band(conv->rec.rxfreq), sizeof conv->rec.rxband);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1443:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(conv->rec.my_gridsquare, conv->rec.my_vucc_grids, TQSL_GRID_MAX);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1449:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(conv->rec.my_call, conv->rec.my_operator, TQSL_CALLSIGN_MAX);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1453:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(conv->rec.my_call, conv->rec.my_owner, TQSL_CALLSIGN_MAX);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1457:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(conv->callsign, conv->rec.my_call, sizeof conv->callsign); // got a callsign
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1469:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(conv->rec.callsign, field.value, sizeof conv->rec.callsign);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1472:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(conv->rec.band, field.value, sizeof conv->rec.band);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1475:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(conv->rec.mode, field.value, sizeof conv->rec.mode);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1478:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(conv->rec.freq, field.value, sizeof conv->rec.freq);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1490:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(conv->rec.my_call, field.value, sizeof conv->rec.my_call);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1506:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(tQSL_CustomError, "Converter not initialized", sizeof tQSL_CustomError);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1580:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(modeSub, conv->rec.mode, sizeof modeSub);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1581:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t left = sizeof modeSub - strlen(modeSub);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1582:3: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(modeSub, "%", left);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1583:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
left = sizeof modeSub - strlen(modeSub);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1584:3: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(modeSub, conv->rec.submode, left);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1598:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(conv->rec.mode, val, sizeof conv->rec.mode);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1671:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(conv->callsign, conv->rec.my_call, sizeof conv->callsign);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1704:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_CustomError, conv->callsign, sizeof tQSL_CustomError);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1712:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_CustomError, conv->rec.my_call, sizeof tQSL_CustomError);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1788:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int stnLen = strlen(val);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1789:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int logLen = strlen(conv->rec.my_gridsquare);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1917:4: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(signdata, conv->serial, sizeof(signdata) - strlen(signdata)-1);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1917:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(signdata, conv->serial, sizeof(signdata) - strlen(signdata)-1);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1923:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dbkey.mv_size = strlen(signdata);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1927:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dbkey.size = strlen(signdata);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1942:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dbkey.mv_size = strlen(dupekey);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1945:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dbdata.mv_size = strlen(stnloc);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1951:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dbkey.size = strlen(dupekey);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1955:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dbdata.size = strlen(stnloc);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1959:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_CustomError, db_strerror(dbput_err), sizeof tQSL_CustomError);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1970:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_CustomError, db_strerror(dbget_err), sizeof tQSL_CustomError);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1976:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dbkey.mv_size = strlen(dupekey);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:1983:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dbkey.size = strlen(dupekey);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:2013:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_CustomError, db_strerror(dbget_err), sizeof tQSL_CustomError);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:2022:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dbdata.mv_size = strlen(stnloc);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:2027:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dbdata.size = strlen(stnloc);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:2031:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_CustomError, db_strerror(dbput_err), sizeof tQSL_CustomError);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:2179:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_CustomError, db_strerror(err), sizeof tQSL_CustomError);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:2200:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_CustomError, db_strerror(status), sizeof tQSL_CustomError);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:2242:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_CustomError, db_strerror(err), sizeof tQSL_CustomError);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:2263:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_CustomError, db_strerror(status), sizeof tQSL_CustomError);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:2301:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dbdata.mv_size = strlen(data);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:2317:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dbdata.size = strlen(data);
data/trustedqsl-2.5.7/src/tqslconvert.cpp:2328:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_CustomError, db_strerror(status), sizeof tQSL_CustomError);
data/trustedqsl-2.5.7/src/tqsllib.cpp:144:2: [1] (buffer) wcsncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
wcsncpy(dpath, path, (sizeof dpath / 2));
data/trustedqsl-2.5.7/src/tqsllib.cpp:148:7: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (wcslen(cp) > 0 && cp[wcslen(cp)-1] != ':') {
data/trustedqsl-2.5.7/src/tqsllib.cpp:148:28: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (wcslen(cp) > 0 && cp[wcslen(cp)-1] != ':') {
data/trustedqsl-2.5.7/src/tqsllib.cpp:149:4: [1] (buffer) wcsncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, or
automatically resizing strings. Risk is low because the source is a
constant character.
wcsncat(npath, L"\\", nleft);
data/trustedqsl-2.5.7/src/tqsllib.cpp:151:4: [1] (buffer) wcsncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, or
automatically resizing strings.
wcsncat(npath, cp, nleft);
data/trustedqsl-2.5.7/src/tqsllib.cpp:152:13: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nleft -= wcslen(cp);
data/trustedqsl-2.5.7/src/tqsllib.cpp:158:4: [1] (buffer) wcsncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, or
automatically resizing strings.
wcsncat(npath, cp, nleft);
data/trustedqsl-2.5.7/src/tqsllib.cpp:159:13: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nleft -= wcslen(cp);
data/trustedqsl-2.5.7/src/tqsllib.cpp:173:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dpath, path, sizeof dpath);
data/trustedqsl-2.5.7/src/tqsllib.cpp:177:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(cp) > 0 && cp[strlen(cp)-1] != ':') {
data/trustedqsl-2.5.7/src/tqsllib.cpp:177:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(cp) > 0 && cp[strlen(cp)-1] != ':') {
data/trustedqsl-2.5.7/src/tqsllib.cpp:178:4: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(npath, "/", nleft);
data/trustedqsl-2.5.7/src/tqsllib.cpp:180:4: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(npath, cp, nleft);
data/trustedqsl-2.5.7/src/tqsllib.cpp:181:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nleft -= strlen(cp);
data/trustedqsl-2.5.7/src/tqsllib.cpp:187:4: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(npath, cp, nleft);
data/trustedqsl-2.5.7/src/tqsllib.cpp:188:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nleft -= strlen(cp);
data/trustedqsl-2.5.7/src/tqsllib.cpp:313:4: [1] (buffer) wcsncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
wcsncpy(path, wcp, sizeof path);
data/trustedqsl-2.5.7/src/tqsllib.cpp:317:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(path, cp, sizeof path);
data/trustedqsl-2.5.7/src/tqsllib.cpp:323:5: [1] (buffer) wcsncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
wcsncpy(path, L"C:", sizeof path);
data/trustedqsl-2.5.7/src/tqsllib.cpp:324:4: [1] (buffer) wcsncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, or
automatically resizing strings. Risk is low because the source is a
constant string.
wcsncat(path, L"\\TrustedQSL", sizeof path - wcslen(path) - 1);
data/trustedqsl-2.5.7/src/tqsllib.cpp:324:49: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wcsncat(path, L"\\TrustedQSL", sizeof path - wcslen(path) - 1);
data/trustedqsl-2.5.7/src/tqsllib.cpp:326:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(path, "/var/lotw/tqsl", sizeof path);
data/trustedqsl-2.5.7/src/tqsllib.cpp:329:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(path, getenv("HOME"), sizeof path);
data/trustedqsl-2.5.7/src/tqsllib.cpp:330:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(path, "/", sizeof path - strlen(path)-1);
data/trustedqsl-2.5.7/src/tqsllib.cpp:330:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(path, "/", sizeof path - strlen(path)-1);
data/trustedqsl-2.5.7/src/tqsllib.cpp:331:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant string.
strncat(path, ".tqsl", sizeof path - strlen(path)-1);
data/trustedqsl-2.5.7/src/tqsllib.cpp:331:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(path, ".tqsl", sizeof path - strlen(path)-1);
data/trustedqsl-2.5.7/src/tqsllib.cpp:333:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(path, ".tqsl", sizeof path);
data/trustedqsl-2.5.7/src/tqsllib.cpp:340:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_ErrorFile, p, sizeof tQSL_ErrorFile);
data/trustedqsl-2.5.7/src/tqsllib.cpp:342:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_ErrorFile, path, sizeof tQSL_ErrorFile);
data/trustedqsl-2.5.7/src/tqsllib.cpp:357:3: [1] (buffer) wcsncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, or
automatically resizing strings. Risk is low because the source is a
constant string.
wcsncat(path, L"\\tmp.tmp", sizeof path - wcslen(path) - 1);
data/trustedqsl-2.5.7/src/tqsllib.cpp:357:45: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wcsncat(path, L"\\tmp.tmp", sizeof path - wcslen(path) - 1);
data/trustedqsl-2.5.7/src/tqsllib.cpp:370:3: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant string.
strncat(path, "/tmp.tmp", sizeof path -strlen(path) - 1);
data/trustedqsl-2.5.7/src/tqsllib.cpp:370:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(path, "/tmp.tmp", sizeof path -strlen(path) - 1);
data/trustedqsl-2.5.7/src/tqsllib.cpp:388:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(dir) >= TQSL_MAX_PATH_LEN) {
data/trustedqsl-2.5.7/src/tqsllib.cpp:392:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(path, dir, sizeof path);
data/trustedqsl-2.5.7/src/tqsllib.cpp:409:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, tQSL_CustomError, sizeof buf);
data/trustedqsl-2.5.7/src/tqsllib.cpp:419:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(tQSL_ErrorFile) > 0) {
data/trustedqsl-2.5.7/src/tqsllib.cpp:431:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(tQSL_ErrorFile) > 0) {
data/trustedqsl-2.5.7/src/tqsllib.cpp:436:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(buf, "File syntax error", sizeof buf);
data/trustedqsl-2.5.7/src/tqsllib.cpp:442:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(buf, "OpenSSL error: ", sizeof buf);
data/trustedqsl-2.5.7/src/tqsllib.cpp:444:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ERR_error_string_n(openssl_err, buf + strlen(buf), sizeof buf - strlen(buf)-1);
data/trustedqsl-2.5.7/src/tqsllib.cpp:444:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ERR_error_string_n(openssl_err, buf + strlen(buf), sizeof buf - strlen(buf)-1);
data/trustedqsl-2.5.7/src/tqsllib.cpp:446:4: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant string.
strncat(buf, "[error code not available]", sizeof buf - strlen(buf)-1);
data/trustedqsl-2.5.7/src/tqsllib.cpp:446:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(buf, "[error code not available]", sizeof buf - strlen(buf)-1);
data/trustedqsl-2.5.7/src/tqsllib.cpp:451:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(tQSL_ErrorFile) > 0) {
data/trustedqsl-2.5.7/src/tqsllib.cpp:463:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(tQSL_ErrorFile) > 0) {
data/trustedqsl-2.5.7/src/tqsllib.cpp:605:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((bio = BIO_new_mem_buf(const_cast<char *>(input), strlen(input))) == NULL) {
data/trustedqsl-2.5.7/src/tqsllib.cpp:657:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(cp, lbuf, bufleft);
data/trustedqsl-2.5.7/src/tqsllib.cpp:662:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(cp, lbuf, bufleft);
data/trustedqsl-2.5.7/src/tqsllib.cpp:667:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(cp, lbuf, bufleft);
data/trustedqsl-2.5.7/src/tqsllib.cpp:722:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(cp, lbuf, bufleft);
data/trustedqsl-2.5.7/src/tqsllib.cpp:727:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(cp, lbuf, bufleft);
data/trustedqsl-2.5.7/src/tqsllib.cpp:732:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(cp, lbuf, bufleft);
data/trustedqsl-2.5.7/src/tqsllib.cpp:736:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant character.
strncpy(cp, "Z", bufleft);
data/trustedqsl-2.5.7/src/tqsllib.cpp:873:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (strlen(str) == 8) {
data/trustedqsl-2.5.7/src/tqsllib.cpp:876:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(frag, str, 4);
data/trustedqsl-2.5.7/src/tqsllib.cpp:879:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(frag, str+4, 2);
data/trustedqsl-2.5.7/src/tqsllib.cpp:913:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(str) < 3) {
data/trustedqsl-2.5.7/src/tqsllib.cpp:919:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(cp) < 2)
data/trustedqsl-2.5.7/src/tqsllib.cpp:923:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (i == 0 && strlen(str) == 3) {
data/trustedqsl-2.5.7/src/tqsllib.cpp:994:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(timebuf, ctime(&t), sizeof timebuf);
data/trustedqsl-2.5.7/src/tqsllib.cpp:995:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
timebuf[strlen(timebuf) - 1] = '\0'; // Strip the newline
data/trustedqsl-2.5.7/src/tqsllib.cpp:1045:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(buf, "[error code not available]", sizeof buf);
data/trustedqsl-2.5.7/src/xml.cpp:87:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (XML_Parse(xp, xmlstring, strlen(xmlstring), 1) == 0) {
data/trustedqsl-2.5.7/src/xml.cpp:89:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_CustomError, xmlstring, 80);
data/trustedqsl-2.5.7/src/xml.cpp:125:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tQSL_CustomError, buf, 80);
ANALYSIS SUMMARY:
Hits = 938
Lines analyzed = 43175 in approximately 1.22 seconds (35305 lines/second)
Physical Source Lines of Code (SLOC) = 33336
Hits@level = [0] 169 [1] 555 [2] 365 [3] 7 [4] 11 [5] 0
Hits@level+ = [0+] 1107 [1+] 938 [2+] 383 [3+] 18 [4+] 11 [5+] 0
Hits/KSLOC@level+ = [0+] 33.2073 [1+] 28.1377 [2+] 11.4891 [3+] 0.539957 [4+] 0.329974 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.