Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/xmlcopyeditor-1.2.1.3/src/xsllocator.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/xmlrulereader.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/styledialog.h
Examining data/xmlcopyeditor-1.2.1.3/src/findreplacepanel.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/xmlassociatedtd.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/globalreplacedialog.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/mp3album.h
Examining data/xmlcopyeditor-1.2.1.3/src/wraplibxml.h
Examining data/xmlcopyeditor-1.2.1.3/src/wrapxerces.h
Examining data/xmlcopyeditor-1.2.1.3/src/getword.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/housestylewriter.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/xmltextinfo.h
Examining data/xmlcopyeditor-1.2.1.3/src/mynotebook.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/xmlparseschemans.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/wrapdaisy.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/exportdialog.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/locationpanel.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/xmlctrl.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/mp3album.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/xmlencodingspy.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/dtd2schema.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/myipc.h
Examining data/xmlcopyeditor-1.2.1.3/src/xmlschemaparser.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/threadreaper.h
Examining data/xmlcopyeditor-1.2.1.3/src/xmlfilterreader.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/getword.h
Examining data/xmlcopyeditor-1.2.1.3/src/myprintout.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/xmlassociatexsl.h
Examining data/xmlcopyeditor-1.2.1.3/src/housestylewriter.h
Examining data/xmlcopyeditor-1.2.1.3/src/wrapxerces.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/myhtmlpane.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/xmlschemagenerator.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/commandpanel.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/associatedialog.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/casehandler.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/xmlencodinghandler.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/xmlcopyimg.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/associatedialog.h
Examining data/xmlcopyeditor-1.2.1.3/src/contexthandler.h
Examining data/xmlcopyeditor-1.2.1.3/src/contexthandler.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/aboutdialog.h
Examining data/xmlcopyeditor-1.2.1.3/src/nocasecompare.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/xmlshallowvalidator.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/xmlctrl.h
Examining data/xmlcopyeditor-1.2.1.3/src/parserdata.h
Examining data/xmlcopyeditor-1.2.1.3/src/xmlcopyimg.h
Examining data/xmlcopyeditor-1.2.1.3/src/xmlutf8reader.h
Examining data/xmlcopyeditor-1.2.1.3/src/threadreaper.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/xmlpromptgenerator.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/xmlassociatexsd.h
Examining data/xmlcopyeditor-1.2.1.3/src/globalreplacedialog.h
Examining data/xmlcopyeditor-1.2.1.3/src/xmlshallowvalidator.h
Examining data/xmlcopyeditor-1.2.1.3/src/commandpanel.h
Examining data/xmlcopyeditor-1.2.1.3/src/locationpanel.h
Examining data/xmlcopyeditor-1.2.1.3/src/xmltextinfo.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/xmlsuppressprodnote.h
Examining data/xmlcopyeditor-1.2.1.3/src/pathresolver.h
Examining data/xmlcopyeditor-1.2.1.3/src/xercescatalogresolver.h
Examining data/xmlcopyeditor-1.2.1.3/src/xmldoc.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/styledialog.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/binaryfile.h
Examining data/xmlcopyeditor-1.2.1.3/src/xmlschemagenerator.h
Examining data/xmlcopyeditor-1.2.1.3/src/wrapdaisy.h
Examining data/xmlcopyeditor-1.2.1.3/src/catalogresolver.h
Examining data/xmlcopyeditor-1.2.1.3/src/xmlprodnote.h
Examining data/xmlcopyeditor-1.2.1.3/src/casehandler.h
Examining data/xmlcopyeditor-1.2.1.3/src/xmlfilterreader.h
Examining data/xmlcopyeditor-1.2.1.3/src/xercescatalogresolver.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/nocasecompare.h
Examining data/xmlcopyeditor-1.2.1.3/src/stringset.h
Examining data/xmlcopyeditor-1.2.1.3/src/xmlutf8reader.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/wrapexpat.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/wraplibxml.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/housestyle.h
Examining data/xmlcopyeditor-1.2.1.3/src/exportdialog.h
Examining data/xmlcopyeditor-1.2.1.3/src/housestylereader.h
Examining data/xmlcopyeditor-1.2.1.3/src/xmlparseschemans.h
Examining data/xmlcopyeditor-1.2.1.3/src/xmlschemalocator.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/rule.h
Examining data/xmlcopyeditor-1.2.1.3/src/rule.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/xmlprodnote.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/xmlencodinghandler.h
Examining data/xmlcopyeditor-1.2.1.3/src/dtd2schema.h
Examining data/xmlcopyeditor-1.2.1.3/src/xsllocator.h
Examining data/xmlcopyeditor-1.2.1.3/src/xmlpromptgenerator.h
Examining data/xmlcopyeditor-1.2.1.3/src/xmlcopyeditor.h
Examining data/xmlcopyeditor-1.2.1.3/src/findreplacepanel.h
Examining data/xmlcopyeditor-1.2.1.3/src/wrapaspell.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/xmlassociatexsd.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/catalogresolver.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/xmlassociatedtd.h
Examining data/xmlcopyeditor-1.2.1.3/src/replace.h
Examining data/xmlcopyeditor-1.2.1.3/src/wrapregex.h
Examining data/xmlcopyeditor-1.2.1.3/src/xmlwordcount.h
Examining data/xmlcopyeditor-1.2.1.3/src/xmlsuppressprodnote.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/mynotebook.h
Examining data/xmlcopyeditor-1.2.1.3/src/myhtmlpane.h
Examining data/xmlcopyeditor-1.2.1.3/src/wrapexpat.h
Examining data/xmlcopyeditor-1.2.1.3/src/housestyle.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/aboutdialog.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/wrapregex.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/xmlcopyeditor_private.h
Examining data/xmlcopyeditor-1.2.1.3/src/readfile.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/myipc.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/validationthread.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/housestylereader.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/xmlrulereader.h
Examining data/xmlcopyeditor-1.2.1.3/src/binaryfile.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/xmldoc.h
Examining data/xmlcopyeditor-1.2.1.3/src/xmlschemalocator.h
Examining data/xmlcopyeditor-1.2.1.3/src/wraptempfilename.h
Examining data/xmlcopyeditor-1.2.1.3/src/xmlencodingspy.h
Examining data/xmlcopyeditor-1.2.1.3/src/xmlassociatexsl.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/xmlwordcount.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/readfile.h
Examining data/xmlcopyeditor-1.2.1.3/src/pathresolver.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/mypropertysheet.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/xmlschemaparser.h
Examining data/xmlcopyeditor-1.2.1.3/src/validationthread.h
Examining data/xmlcopyeditor-1.2.1.3/src/mypropertysheet.h
Examining data/xmlcopyeditor-1.2.1.3/src/wrapaspell.h
Examining data/xmlcopyeditor-1.2.1.3/src/insertpanel.h
Examining data/xmlcopyeditor-1.2.1.3/src/insertpanel.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/replace.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/myprintout.h
Examining data/xmlcopyeditor-1.2.1.3/src/wraptempfilename.cpp
Examining data/xmlcopyeditor-1.2.1.3/src/xmlcopyeditorcopy.h
Examining data/xmlcopyeditor-1.2.1.3/src/xmlcopyeditor.cpp
FINAL RESULTS:
data/xmlcopyeditor-1.2.1.3/src/validationthread.cpp:37:18: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
const wxString &system )
data/xmlcopyeditor-1.2.1.3/src/validationthread.cpp:48:13: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
mySystem = system;
data/xmlcopyeditor-1.2.1.3/src/validationthread.h:37:35: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
const wxString &system );
data/xmlcopyeditor-1.2.1.3/src/validationthread.h:39:51: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
void setBuffer ( const char *buffer, const char *system );
data/xmlcopyeditor-1.2.1.3/src/wrapdaisy.cpp:64:5: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system ( systemCmd.c_str() );
data/xmlcopyeditor-1.2.1.3/src/wraplibxml.cpp:84:12: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
chars = vsnprintf( (char *) buffer.c_str(), size, msg, args);
data/xmlcopyeditor-1.2.1.3/src/xmlctrl.cpp:2062:21: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
const wxString &system,
data/xmlcopyeditor-1.2.1.3/src/xmlctrl.cpp:2080:3: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system
data/xmlcopyeditor-1.2.1.3/src/xmlctrl.h:157:20: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
const wxString &system,
data/xmlcopyeditor-1.2.1.3/src/mp3album.cpp:51:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char noArray[5];
data/xmlcopyeditor-1.2.1.3/src/mp3album.cpp:61:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy ( noArray, ( * ( attr + 1 ) ) + 9, 4 );
data/xmlcopyeditor-1.2.1.3/src/mp3album.cpp:63:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
currentNo = atoi ( noArray );
data/xmlcopyeditor-1.2.1.3/src/stringset.h:45:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy ( key, keyParameter, len * sizeof ( T ) );
data/xmlcopyeditor-1.2.1.3/src/wraplibxml.cpp:493:14: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
FILE *fp = tmpfile();
data/xmlcopyeditor-1.2.1.3/src/wrapregex.cpp:219:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy ( tmp, number, sizeof ( char ) * len );
data/xmlcopyeditor-1.2.1.3/src/wrapregex.cpp:221:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int i = atoi ( tmp );
data/xmlcopyeditor-1.2.1.3/src/xmlcopyeditor.cpp:229:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fdnull = open ( "/dev/null", O_WRONLY, 0 );
data/xmlcopyeditor-1.2.1.3/src/xmlcopyeditor.cpp:3072:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
( unsigned char ) docBuffer[0] == 0x00 &&
data/xmlcopyeditor-1.2.1.3/src/xmlcopyeditor.cpp:3073:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
( unsigned char ) docBuffer[1] == 0x00 &&
data/xmlcopyeditor-1.2.1.3/src/xmlcopyeditor.cpp:3074:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
( unsigned char ) docBuffer[2] == 0xFE &&
data/xmlcopyeditor-1.2.1.3/src/xmlcopyeditor.cpp:3075:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
( unsigned char ) docBuffer[3] == 0xFF )
data/xmlcopyeditor-1.2.1.3/src/xmlcopyeditor.cpp:3082:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
( unsigned char ) docBuffer[0] == 0xFF &&
data/xmlcopyeditor-1.2.1.3/src/xmlcopyeditor.cpp:3083:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
( unsigned char ) docBuffer[1] == 0xFE &&
data/xmlcopyeditor-1.2.1.3/src/xmlcopyeditor.cpp:3084:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
( unsigned char ) docBuffer[2] == 0x00 &&
data/xmlcopyeditor-1.2.1.3/src/xmlcopyeditor.cpp:3085:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
( unsigned char ) docBuffer[3] == 0x00 )
data/xmlcopyeditor-1.2.1.3/src/xmlcopyeditor.cpp:3092:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
( unsigned char ) docBuffer[0] == 0xFE &&
data/xmlcopyeditor-1.2.1.3/src/xmlcopyeditor.cpp:3093:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
( unsigned char ) docBuffer[1] == 0xFF )
data/xmlcopyeditor-1.2.1.3/src/xmlcopyeditor.cpp:3100:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
( unsigned char ) docBuffer[0] == 0xFF &&
data/xmlcopyeditor-1.2.1.3/src/xmlcopyeditor.cpp:3101:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
( unsigned char ) docBuffer[1] == 0xFE )
data/xmlcopyeditor-1.2.1.3/src/xmlcopyeditor.cpp:3108:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
( unsigned char ) docBuffer[0] == 0xEF &&
data/xmlcopyeditor-1.2.1.3/src/xmlcopyeditor.cpp:3109:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
( unsigned char ) docBuffer[1] == 0xBB &&
data/xmlcopyeditor-1.2.1.3/src/xmlcopyeditor.cpp:3110:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
( unsigned char ) docBuffer[2] == 0xBF )
data/xmlcopyeditor-1.2.1.3/src/xmlcopyeditor.cpp:4838:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char bom[4] = "\xEF\xBB\xBF";
data/xmlcopyeditor-1.2.1.3/src/xmlcopyeditor.cpp:5938:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
( unsigned char ) buffer[0] == 0xEF &&
data/xmlcopyeditor-1.2.1.3/src/xmlcopyeditor.cpp:5939:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
( unsigned char ) buffer[1] == 0xBB &&
data/xmlcopyeditor-1.2.1.3/src/xmlcopyeditor.cpp:5940:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
( unsigned char ) buffer[2] == 0xBF )
data/xmlcopyeditor-1.2.1.3/src/wrapregex.cpp:115:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen ( s ),
data/xmlcopyeditor-1.2.1.3/src/xmlcopyeditor.cpp:418:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wideWhat = wxString ( what, wxConvLocal, strlen ( what ) );
data/xmlcopyeditor-1.2.1.3/src/xmlcopyeditor.cpp:483:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wideWhat = wxString ( what, wxConvLocal, strlen ( what ) );
data/xmlcopyeditor-1.2.1.3/src/xmlcopyeditor.cpp:2788:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wxString wideError = wxString ( e.what(), wxConvUTF8, strlen ( e.what() ) );
data/xmlcopyeditor-1.2.1.3/src/xmlctrl.cpp:96:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bufferLen = strlen ( DEFAULT_XML_DECLARATION_UTF8 );
data/xmlcopyeditor-1.2.1.3/src/xmlencodinghandler.cpp:112:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
start = start + strlen ( anchor );
data/xmlcopyeditor-1.2.1.3/src/xmlencodinghandler.cpp:116:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen ( start ) < 2 )
data/xmlcopyeditor-1.2.1.3/src/xmltextinfo.cpp:68:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
href += strlen ( "href" );
data/xmlcopyeditor-1.2.1.3/src/xsllocator.cpp:53:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( !value || strlen ( value ) < 7 )
ANALYSIS SUMMARY:
Hits = 45
Lines analyzed = 26271 in approximately 0.62 seconds (42502 lines/second)
Physical Source Lines of Code (SLOC) = 20116
Hits@level = [0] 1 [1] 9 [2] 27 [3] 0 [4] 9 [5] 0
Hits@level+ = [0+] 46 [1+] 45 [2+] 36 [3+] 9 [4+] 9 [5+] 0
Hits/KSLOC@level+ = [0+] 2.28674 [1+] 2.23703 [2+] 1.78962 [3+] 0.447405 [4+] 0.447405 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.