Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/zip-3.0/acorn/acornzip.c
Examining data/zip-3.0/acorn/osdep.h
Examining data/zip-3.0/acorn/riscos.c
Examining data/zip-3.0/acorn/riscos.h
Examining data/zip-3.0/acorn/swiven.h
Examining data/zip-3.0/acorn/zipup.h
Examining data/zip-3.0/amiga/amiga.c
Examining data/zip-3.0/amiga/amiga.h
Examining data/zip-3.0/amiga/amigazip.c
Examining data/zip-3.0/amiga/filedate.c
Examining data/zip-3.0/amiga/osdep.h
Examining data/zip-3.0/amiga/stat.c
Examining data/zip-3.0/amiga/z-stat.h
Examining data/zip-3.0/amiga/zipup.h
Examining data/zip-3.0/aosvs/aosvs.c
Examining data/zip-3.0/api.c
Examining data/zip-3.0/api.h
Examining data/zip-3.0/atari/atari.c
Examining data/zip-3.0/atari/osdep.h
Examining data/zip-3.0/atari/zipup.h
Examining data/zip-3.0/atheos/atheos.c
Examining data/zip-3.0/atheos/osdep.h
Examining data/zip-3.0/atheos/zipup.h
Examining data/zip-3.0/beos/beos.c
Examining data/zip-3.0/beos/osdep.h
Examining data/zip-3.0/beos/zipup.h
Examining data/zip-3.0/cmsmvs/cms.c
Examining data/zip-3.0/cmsmvs/cmsmvs.c
Examining data/zip-3.0/cmsmvs/cmsmvs.h
Examining data/zip-3.0/cmsmvs/cstat.h
Examining data/zip-3.0/cmsmvs/mvs.c
Examining data/zip-3.0/cmsmvs/mvs.h
Examining data/zip-3.0/cmsmvs/zipup.h
Examining data/zip-3.0/crc32.c
Examining data/zip-3.0/crc32.h
Examining data/zip-3.0/crypt.c
Examining data/zip-3.0/crypt.h
Examining data/zip-3.0/deflate.c
Examining data/zip-3.0/ebcdic.h
Examining data/zip-3.0/fileio.c
Examining data/zip-3.0/globals.c
Examining data/zip-3.0/human68k/human68k.c
Examining data/zip-3.0/human68k/osdep.h
Examining data/zip-3.0/human68k/zipup.h
Examining data/zip-3.0/macos/osdep.h
Examining data/zip-3.0/macos/source/charmap.h
Examining data/zip-3.0/macos/source/extrafld.c
Examining data/zip-3.0/macos/source/getenv.c
Examining data/zip-3.0/macos/source/helpers.c
Examining data/zip-3.0/macos/source/helpers.h
Examining data/zip-3.0/macos/source/macglob.h
Examining data/zip-3.0/macos/source/macopen.c
Examining data/zip-3.0/macos/source/macopen.h
Examining data/zip-3.0/macos/source/macos.c
Examining data/zip-3.0/macos/source/macstuff.c
Examining data/zip-3.0/macos/source/macstuff.h
Examining data/zip-3.0/macos/source/mactime.c
Examining data/zip-3.0/macos/source/mactime.h
Examining data/zip-3.0/macos/source/pathname.c
Examining data/zip-3.0/macos/source/pathname.h
Examining data/zip-3.0/macos/source/recurse.c
Examining data/zip-3.0/macos/source/recurse.h
Examining data/zip-3.0/macos/source/unixlike.c
Examining data/zip-3.0/macos/source/unixlike.h
Examining data/zip-3.0/macos/source/VolWarn.h
Examining data/zip-3.0/macos/ZipLib.h
Examining data/zip-3.0/macos/ZipSx.h
Examining data/zip-3.0/macos/zipup.h
Examining data/zip-3.0/msdos/msdos.c
Examining data/zip-3.0/msdos/osdep.h
Examining data/zip-3.0/msdos/zipup.h
Examining data/zip-3.0/novell/Netware.c
Examining data/zip-3.0/novell/osdep.h
Examining data/zip-3.0/novell/signal.c
Examining data/zip-3.0/novell/zipup.h
Examining data/zip-3.0/os2/os2.c
Examining data/zip-3.0/os2/os2acl.c
Examining data/zip-3.0/os2/os2acl.h
Examining data/zip-3.0/os2/os2zip.c
Examining data/zip-3.0/os2/os2zip.h
Examining data/zip-3.0/os2/osdep.h
Examining data/zip-3.0/os2/zipup.h
Examining data/zip-3.0/qdos/osdep.h
Examining data/zip-3.0/qdos/qdos.c
Examining data/zip-3.0/qdos/qfileio.c
Examining data/zip-3.0/qdos/zipup.h
Examining data/zip-3.0/revision.h
Examining data/zip-3.0/tailor.h
Examining data/zip-3.0/tandem/tandem.c
Examining data/zip-3.0/tandem/tandem.h
Examining data/zip-3.0/tandem/tannsk.h
Examining data/zip-3.0/tandem/tanzip.c
Examining data/zip-3.0/tandem/tanzip.h
Examining data/zip-3.0/tandem/zipup.h
Examining data/zip-3.0/theos/charconv.h
Examining data/zip-3.0/theos/osdep.h
Examining data/zip-3.0/theos/stat.h
Examining data/zip-3.0/theos/theos.c
Examining data/zip-3.0/theos/zipup.h
Examining data/zip-3.0/theos/_chmod.c
Examining data/zip-3.0/theos/_fprintf.c
Examining data/zip-3.0/theos/_isatty.c
Examining data/zip-3.0/theos/_rename.c
Examining data/zip-3.0/theos/_setargv.c
Examining data/zip-3.0/theos/_stat.c
Examining data/zip-3.0/timezone.c
Examining data/zip-3.0/timezone.h
Examining data/zip-3.0/tops20/osdep.h
Examining data/zip-3.0/tops20/tops20.c
Examining data/zip-3.0/tops20/zipup.h
Examining data/zip-3.0/trees.c
Examining data/zip-3.0/ttyio.c
Examining data/zip-3.0/ttyio.h
Examining data/zip-3.0/unix/osdep.h
Examining data/zip-3.0/unix/zipup.h
Examining data/zip-3.0/unix/unix.c
Examining data/zip-3.0/util.c
Examining data/zip-3.0/vms/bzlib.h
Examining data/zip-3.0/vms/cmdline.c
Examining data/zip-3.0/vms/osdep.h
Examining data/zip-3.0/vms/unixio_gcc.h
Examining data/zip-3.0/vms/unixlib_gcc.h
Examining data/zip-3.0/vms/vms.c
Examining data/zip-3.0/vms/vms.h
Examining data/zip-3.0/vms/vmsdefs.h
Examining data/zip-3.0/vms/vmsmunch.c
Examining data/zip-3.0/vms/vmsmunch.h
Examining data/zip-3.0/vms/vmszip.c
Examining data/zip-3.0/vms/vms_im.c
Examining data/zip-3.0/vms/vms_msg_gen.c
Examining data/zip-3.0/vms/vms_pk.c
Examining data/zip-3.0/vms/zipup.h
Examining data/zip-3.0/win32/crc_i386.c
Examining data/zip-3.0/win32/nt.c
Examining data/zip-3.0/win32/nt.h
Examining data/zip-3.0/win32/osdep.h
Examining data/zip-3.0/win32/rsxntwin.h
Examining data/zip-3.0/win32/win32.c
Examining data/zip-3.0/win32/win32i64.c
Examining data/zip-3.0/win32/win32zip.c
Examining data/zip-3.0/win32/win32zip.h
Examining data/zip-3.0/win32/zipup.h
Examining data/zip-3.0/windll/example.c
Examining data/zip-3.0/windll/example.h
Examining data/zip-3.0/windll/structs.h
Examining data/zip-3.0/windll/windll.c
Examining data/zip-3.0/windll/windll.h
Examining data/zip-3.0/zbz2err.c
Examining data/zip-3.0/zip.h
Examining data/zip-3.0/zipcloak.c
Examining data/zip-3.0/ziperr.h
Examining data/zip-3.0/zipfile.c
Examining data/zip-3.0/zipsplit.c
Examining data/zip-3.0/zipup.c
Examining data/zip-3.0/zipnote.c
Examining data/zip-3.0/zip.c
FINAL RESULTS:
data/zip-3.0/acorn/riscos.c:238:5: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
int chmod(char *file, int mode)
data/zip-3.0/acorn/riscos.h:106:5: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
int chmod(char *file, int mode);
data/zip-3.0/amiga/stat.c:199:5: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
int chmod(const char *filename, int bits) /* bits are as for st_mode */
data/zip-3.0/amiga/z-stat.h:92:5: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
int chmod(const char *filename, int bits);
data/zip-3.0/atari/atari.c:255:19: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
(k = readlink(path, fn, FILENAME_MAX)) > 0) {
data/zip-3.0/fileio.c:1317:10: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
return chmod(f, a);
data/zip-3.0/fileio.c:2164:7: [5] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is high; the length parameter
appears to be a constant, instead of computing the number of characters
left.
strncat(buf, split_path, SPLIT_MAXPATH);
data/zip-3.0/macos/osdep.h:105:5: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
int readlink(char *path, char *buf, int size);
data/zip-3.0/macos/source/unixlike.c:292:5: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
int chmod(char *path, int mode)
data/zip-3.0/macos/source/unixlike.h:81:5: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
int chmod(char *path, int mode);
data/zip-3.0/tandem/tandem.c:306:5: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
int chmod(file, unix_sec)
data/zip-3.0/tandem/tandem.c:371:5: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
int chown(file, uid, gid)
data/zip-3.0/theos/stat.h:97:9: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
#define chmod(a,b) _chmod(a,b)
data/zip-3.0/tops20/tops20.c:44:20: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
extern int stat(), chmod(), toupper(), tolower();
data/zip-3.0/zip.h:698:29: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
# define rdsymlnk(p,b,n) readlink(p,b,n)
data/zip-3.0/acorn/acornzip.c:93:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(newwhole, whole);
data/zip-3.0/acorn/acornzip.c:104:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(newwhole + newlen, name);
data/zip-3.0/acorn/acornzip.c:108:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, subwild);
data/zip-3.0/acorn/acornzip.c:145:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(path,p);
data/zip-3.0/acorn/acornzip.c:204:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, n);
data/zip-3.0/acorn/acornzip.c:225:11: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strcpy(a, p), e);
data/zip-3.0/acorn/acornzip.c:225:18: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcat(strcpy(a, p), e);
data/zip-3.0/acorn/acornzip.c:260:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tmp, x);
data/zip-3.0/acorn/acornzip.c:319:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(n, t);
data/zip-3.0/acorn/acornzip.c:344:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(x, n);
data/zip-3.0/acorn/acornzip.c:444:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, f);
data/zip-3.0/acorn/acornzip.c:508:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name,z->name);
data/zip-3.0/acorn/acornzip.c:570:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(CompiledWith,
data/zip-3.0/acorn/riscos.c:109:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(thisdir->dirname,dirname);
data/zip-3.0/acorn/riscos.c:160:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dent.d_name,d->act);
data/zip-3.0/acorn/riscos.c:204:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s,d);
data/zip-3.0/acorn/riscos.c:250:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(str,"SetType %s &%3.3X",fname,ftype);
data/zip-3.0/acorn/riscos.c:265:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(exts2swap, envptr);
data/zip-3.0/acorn/riscos.c:311:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name,ext);
data/zip-3.0/amiga/amigazip.c:100:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(newwhole, whole);
data/zip-3.0/amiga/amigazip.c:111:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(newwhole + newlen, name);
data/zip-3.0/amiga/amigazip.c:115:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, subwild);
data/zip-3.0/amiga/amigazip.c:200:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, n);
data/zip-3.0/amiga/amigazip.c:218:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strcpy(a, p), e);
data/zip-3.0/amiga/amigazip.c:218:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcat(strcpy(a, p), e);
data/zip-3.0/amiga/amigazip.c:268:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(n, t);
data/zip-3.0/amiga/amigazip.c:287:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(x, n);
data/zip-3.0/amiga/amigazip.c:339:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, f);
data/zip-3.0/amiga/amigazip.c:482:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf4," on %s",__DATE__);
data/zip-3.0/amiga/amigazip.c:499:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(CompiledWith,
data/zip-3.0/amiga/filedate.c:300:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((ptr+1),fib->fib_FileName);
data/zip-3.0/aosvs/aosvs.c:122:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, n);
data/zip-3.0/aosvs/aosvs.c:143:11: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strcpy(a, p), e);
data/zip-3.0/aosvs/aosvs.c:143:18: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcat(strcpy(a, p), e);
data/zip-3.0/aosvs/aosvs.c:215:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(n + 3, t + 1);
data/zip-3.0/aosvs/aosvs.c:222:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(n + 5, t + 1);
data/zip-3.0/aosvs/aosvs.c:228:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(n, t);
data/zip-3.0/aosvs/aosvs.c:262:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(x, n);
data/zip-3.0/aosvs/aosvs.c:313:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, f);
data/zip-3.0/api.c:89:1: [4] (buffer) lstrcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
lstrcpy(str1, s);
data/zip-3.0/api.c:150:5: [4] (buffer) lstrcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120).
lstrcat(str1, str3);
data/zip-3.0/api.c:165:9: [4] (buffer) lstrcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120).
lstrcat(str1, str3);
data/zip-3.0/api.c:174:5: [4] (buffer) lstrcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
lstrcpy(str1, str3); /* Dump the leading space */
data/zip-3.0/api.c:228:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( argVee[i], cmd );
data/zip-3.0/api.c:283:24: [4] (buffer) lstrcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
if (Options.szRootDir) lstrcpy(szRootDir, Options.szRootDir);
data/zip-3.0/api.c:284:28: [4] (buffer) lstrcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
if (Options.szExcludeList) lstrcpy(szExcludeList, Options.szExcludeList);
data/zip-3.0/api.c:285:28: [4] (buffer) lstrcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
if (Options.szIncludeList) lstrcpy(szIncludeList, Options.szIncludeList);
data/zip-3.0/api.c:286:24: [4] (buffer) lstrcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
if (Options.szTempDir) lstrcpy(szTempDir, Options.szTempDir);
data/zip-3.0/api.c:690:5: [4] (buffer) lstrcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
lstrcpy(p->betalevel, Z_BETALEVEL);
data/zip-3.0/api.c:691:5: [4] (buffer) lstrcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
lstrcpy(p->date, REVDATE);
data/zip-3.0/api.c:694:5: [4] (buffer) lstrcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
lstrcpy(p->zlib_version, ZLIB_VERSION);
data/zip-3.0/atari/atari.c:123:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, w);
data/zip-3.0/atari/atari.c:148:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
p = strcat(strcpy(v, p), ":"); /* copy device as path */
data/zip-3.0/atari/atari.c:202:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
n = strcpy(n, p);
data/zip-3.0/atari/atari.c:205:22: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
r = procname(strcat(n, e), 0); /* name is path/name */
data/zip-3.0/atari/atari.c:258:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strcat(path, " -> "), fn);
data/zip-3.0/atari/atari.c:309:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, entp->d_name);
data/zip-3.0/atari/atari.c:327:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fullpath, p);
data/zip-3.0/atari/atari.c:407:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, n);
data/zip-3.0/atari/atari.c:428:11: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strcpy(a, p), e);
data/zip-3.0/atari/atari.c:428:18: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcat(strcpy(a, p), e);
data/zip-3.0/atari/atari.c:475:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(n, t);
data/zip-3.0/atari/atari.c:499:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(x, n);
data/zip-3.0/atari/atari.c:551:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, f);
data/zip-3.0/atari/atari.c:650:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(CompiledWith,
data/zip-3.0/atheos/atheos.c:115:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, n);
data/zip-3.0/atheos/atheos.c:136:11: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strcpy(a, p), e);
data/zip-3.0/atheos/atheos.c:136:18: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcat(strcpy(a, p), e);
data/zip-3.0/atheos/atheos.c:196:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(n, t);
data/zip-3.0/atheos/atheos.c:218:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(x, n);
data/zip-3.0/atheos/atheos.c:280:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, f);
data/zip-3.0/atheos/atheos.c:458:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( ptr, fa_ent->d_name );
data/zip-3.0/atheos/atheos.c:862:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(CompiledWith,
data/zip-3.0/beos/beos.c:151:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, n);
data/zip-3.0/beos/beos.c:172:11: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strcpy(a, p), e);
data/zip-3.0/beos/beos.c:172:18: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcat(strcpy(a, p), e);
data/zip-3.0/beos/beos.c:216:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(n, t);
data/zip-3.0/beos/beos.c:239:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(x, n);
data/zip-3.0/beos/beos.c:302:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, f);
data/zip-3.0/beos/beos.c:452:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( ptr, fa_ent->d_name );
data/zip-3.0/beos/beos.c:896:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "IFS=\" \t\n\" /bin/rmdir %s 2>/dev/null", d);
data/zip-3.0/beos/beos.c:897:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
r = system(s);
data/zip-3.0/beos/beos.c:916:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(CompiledWith,
data/zip-3.0/cmsmvs/cmsmvs.c:28:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( buf->fname, path );
data/zip-3.0/cmsmvs/cmsmvs.c:96:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(n, t);
data/zip-3.0/cmsmvs/cmsmvs.c:111:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(mem,t+1); /* Save member name */
data/zip-3.0/cmsmvs/cmsmvs.c:116:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ext,t);
data/zip-3.0/cmsmvs/cmsmvs.c:118:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(t,mem);
data/zip-3.0/cmsmvs/cmsmvs.c:120:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(t,ext);
data/zip-3.0/cmsmvs/cmsmvs.c:137:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(n, t);
data/zip-3.0/cmsmvs/cmsmvs.c:386:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(liblvlmsg, "Using runtime library level %s V%dR%dM%d",
data/zip-3.0/cmsmvs/mvs.c:63:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( dirp->D_path, dirname );
data/zip-3.0/cmsmvs/mvs.c:184:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, n);
data/zip-3.0/cmsmvs/mvs.c:205:11: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strcpy(a, p), e);
data/zip-3.0/cmsmvs/mvs.c:205:18: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcat(strcpy(a, p), e);
data/zip-3.0/crypt.c:103:22: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
# define Trace(x) fprintf x
data/zip-3.0/crypt.c:517:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(GLOBAL(key), passwrd);
data/zip-3.0/fileio.c:143:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, name);
data/zip-3.0/fileio.c:471:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, " first full name: %s\n", nodup[j - 1]->name);
data/zip-3.0/fileio.c:472:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(tempbuf, " second full name: %s\n", nodup[j]->name);
data/zip-3.0/fileio.c:474:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(errbuf, tempbuf);
data/zip-3.0/fileio.c:478:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(tempbuf, "name in zip file repeated: %s", nodup[j]->iname);
data/zip-3.0/fileio.c:480:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(errbuf, tempbuf);
data/zip-3.0/fileio.c:698:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(z->name, name);
data/zip-3.0/fileio.c:727:5: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy(z->namew, namew);
data/zip-3.0/fileio.c:798:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(f->name, name);
data/zip-3.0/fileio.c:819:5: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy(f->namew, namew);
data/zip-3.0/fileio.c:938:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(oname, zname);
data/zip-3.0/fileio.c:961:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(z->name, name);
data/zip-3.0/fileio.c:1041:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(f->name, name);
data/zip-3.0/fileio.c:1344:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(t, tempath);
data/zip-3.0/fileio.c:1400:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(cptr, getenv("DEFAULTS"));
data/zip-3.0/fileio.c:1442:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(t, tempath);
data/zip-3.0/fileio.c:1495:10: [4] (tmpfile) mktemp:
Temporary file race condition (CWE-377).
return mktemp(t);
data/zip-3.0/fileio.c:1863:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(split_path, in_path);
data/zip-3.0/fileio.c:1910:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(split_path, in_path);
data/zip-3.0/fileio.c:2052:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(split_dir, in_path);
data/zip-3.0/fileio.c:2072:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(archive_name, in_path + strlen(split_dir));
data/zip-3.0/fileio.c:2082:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(split_name, split_path + strlen(split_dir));
data/zip-3.0/fileio.c:2154:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, split_path);
data/zip-3.0/fileio.c:2194:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(in_path, archive_name);
data/zip-3.0/fileio.c:2210:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(in_path, buf);
data/zip-3.0/fileio.c:2211:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(in_path, archive_name);
data/zip-3.0/fileio.c:2223:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(split_dir, in_path);
data/zip-3.0/fileio.c:2292:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(split_dir, out_path);
data/zip-3.0/fileio.c:2310:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(split_name, out_path + strlen(split_dir));
data/zip-3.0/fileio.c:2360:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(out_path, split_name);
data/zip-3.0/fileio.c:2376:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(out_path, buf);
data/zip-3.0/fileio.c:2377:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(out_path, split_name);
data/zip-3.0/fileio.c:2385:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(split_dir, out_path);
data/zip-3.0/fileio.c:2396:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(split_name, out_path + strlen(split_dir));
data/zip-3.0/fileio.c:2439:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(split_path, base_path);
data/zip-3.0/fileio.c:2466:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(split_path, base_path);
data/zip-3.0/fileio.c:2469:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(split_path, ext);
data/zip-3.0/fileio.c:2473:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(split_path, vers_ptr);
data/zip-3.0/fileio.c:2527:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(split_path, base_path);
data/zip-3.0/fileio.c:2530:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(split_path, ext);
data/zip-3.0/fileio.c:2534:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(split_path, vers_ptr);
data/zip-3.0/fileio.c:2698:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tempzip, tempath);
data/zip-3.0/fileio.c:2708:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tempzip, zipfile);
data/zip-3.0/fileio.c:3184:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(r, e);
data/zip-3.0/fileio.c:3322:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, e);
data/zip-3.0/fileio.c:3332:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, wide_to_mb_default_string);
data/zip-3.0/fileio.c:3336:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, e);
data/zip-3.0/fileio.c:3345:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(local_string, buffer);
data/zip-3.0/fileio.c:3376:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, buf);
data/zip-3.0/fileio.c:3380:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, e);
data/zip-3.0/fileio.c:3387:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(escape_string, buffer);
data/zip-3.0/fileio.c:3438:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp_string, local_string);
data/zip-3.0/fileio.c:3458:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(display_string, temp_string);
data/zip-3.0/fileio.c:3749:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(optname, "'%s' (%s)", options[optind].longopt, options[optind].name);
data/zip-3.0/fileio.c:3751:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(optname, "'%s' (%s)", options[optind].shortopt, options[optind].name);
data/zip-3.0/fileio.c:3754:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(optname, "'%s'", options[optind].longopt);
data/zip-3.0/fileio.c:3756:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(optname, "'%s'", options[optind].shortopt);
data/zip-3.0/fileio.c:3758:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, err, optname);
data/zip-3.0/fileio.c:3803:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(new_args[j], args[j]);
data/zip-3.0/fileio.c:3887:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(newarg, arg);
data/zip-3.0/fileio.c:4096:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(*value, arg + (*optchar) + clen);
data/zip-3.0/fileio.c:4105:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(*value, args[argnum + 1]);
data/zip-3.0/fileio.c:4122:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(*value, arg + (*optchar) + clen);
data/zip-3.0/fileio.c:4130:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(*value, args[argnum + 1]);
data/zip-3.0/fileio.c:4152:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(optionerrbuf, sh_op_not_sup_err, *shortopt);
data/zip-3.0/fileio.c:4200:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(arg, args[argnum]);
data/zip-3.0/fileio.c:4236:9: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(optionerrbuf, long_op_ambig_err, longopt);
data/zip-3.0/fileio.c:4251:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(optionerrbuf, long_op_not_sup_err, longopt);
data/zip-3.0/fileio.c:4285:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(*value, valuestart);
data/zip-3.0/fileio.c:4298:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(*value, valuestart);
data/zip-3.0/fileio.c:4307:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(*value, args[argnum + 1]);
data/zip-3.0/fileio.c:4635:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(*value, arg);
data/zip-3.0/fileio.c:4708:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(*value, args[argn]);
data/zip-3.0/fileio.c:4762:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(*value, args[argn]);
data/zip-3.0/fileio.c:4788:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(*value, arg);
data/zip-3.0/fileio.c:4830:15: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(*value, arg);
data/zip-3.0/fileio.c:4886:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(*value, arg);
data/zip-3.0/human68k/human68k.c:51:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, w);
data/zip-3.0/human68k/human68k.c:65:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, inf.name);
data/zip-3.0/human68k/human68k.c:126:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, n);
data/zip-3.0/human68k/human68k.c:147:11: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strcpy(a, p), e);
data/zip-3.0/human68k/human68k.c:147:18: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcat(strcpy(a, p), e);
data/zip-3.0/human68k/human68k.c:189:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(n, t);
data/zip-3.0/human68k/human68k.c:208:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
return strcpy(x, n);
data/zip-3.0/human68k/human68k.c:251:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, f);
data/zip-3.0/human68k/human68k.c:345:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(CompiledWith,
data/zip-3.0/macos/ZipLib.h:65:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
int fprintf(FILE *file, const char *format, ...);
data/zip-3.0/macos/ZipLib.h:66:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
int printf(const char *format, ...);
data/zip-3.0/macos/ZipSx.h:64:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
int fprintf(FILE *file, const char *format, ...);
data/zip-3.0/macos/ZipSx.h:65:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
int printf(const char *format, ...);
data/zip-3.0/macos/osdep.h:92:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
int fprintf(FILE *file, const char *format, ...);
data/zip-3.0/macos/osdep.h:93:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
int printf(const char *format, ...);
data/zip-3.0/macos/source/macopen.c:130:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lastpath,currpath);
data/zip-3.0/macos/source/macopen.c:253:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(currpath,"%s~%d",(char *)fileToDelete.name,Num);
data/zip-3.0/macos/source/macos.c:227:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(CompiledWith,
data/zip-3.0/macos/source/macos.c:329:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(currpath,"%s~%d",(char *)dirToDelete.name,Num);
data/zip-3.0/macos/source/macos.c:1013:9: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(estStr,Time_Est_strings[idx],P2CStr(xx),P2CStr(yy));
data/zip-3.0/macos/source/macos.c:1030:1: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(ZipVersion, "Zip Module\n%d.%d%d%s of %s", Z_MAJORVER, Z_MINORVER,
data/zip-3.0/macos/source/macos.c:1070:1: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(ZipVersionLocal, "[%s %s]", __DATE__, __TIME__);
data/zip-3.0/macos/source/pathname.c:158:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"%s%d",ExtractPath,count);
data/zip-3.0/macos/source/pathname.c:365:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
return strcpy(FileName, FilePath); /* FilePath has no Folders */
data/zip-3.0/macos/source/pathname.c:368:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
return strcpy(FileName, dirPtr);
data/zip-3.0/macos/source/pathname.c:689:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
return strcpy(filename,LongFilename);
data/zip-3.0/macos/source/pathname.c:693:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tempLongFilename,LongFilename);
data/zip-3.0/macos/source/pathname.c:717:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(filename,"%s%s", tempLongFilename, charnum);
data/zip-3.0/macos/source/pathname.c:722:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(filename,"%s%s%s", tempLongFilename, charnum, last_dotpos);
data/zip-3.0/msdos/msdos.c:127:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, name);
data/zip-3.0/msdos/msdos.c:133:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(q, wild_match_all);
data/zip-3.0/msdos/msdos.c:159:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(vol, wild_match_all);
data/zip-3.0/msdos/msdos.c:164:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, p + 1);
data/zip-3.0/msdos/msdos.c:236:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(newwhole, whole);
data/zip-3.0/msdos/msdos.c:248:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(newwhole + newlen, dir.ff_name);
data/zip-3.0/msdos/msdos.c:252:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, subwild);
data/zip-3.0/msdos/msdos.c:299:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, w);
data/zip-3.0/msdos/msdos.c:369:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, n);
data/zip-3.0/msdos/msdos.c:404:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, n);
data/zip-3.0/msdos/msdos.c:436:11: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strcpy(a, p), e);
data/zip-3.0/msdos/msdos.c:436:18: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcat(strcpy(a, p), e);
data/zip-3.0/msdos/msdos.c:510:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(n, t);
data/zip-3.0/msdos/msdos.c:535:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(x, n);
data/zip-3.0/msdos/msdos.c:599:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, f);
data/zip-3.0/msdos/msdos.c:961:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(CompiledWith, COMPILER_NAME1, COMPILER_NAME2,
data/zip-3.0/msdos/msdos.c:980:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(i_name, name);
data/zip-3.0/msdos/msdos.c:1119:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(newname, path);
data/zip-3.0/novell/Netware.c:80:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dir,GetWorkArea());
data/zip-3.0/novell/Netware.c:88:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(both,"%s%s",strupr(fname),strupr(fext));
data/zip-3.0/novell/Netware.c:144:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (zipdir, psz + 1);
data/zip-3.0/novell/Netware.c:180:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (szzipfile, zipdir);
data/zip-3.0/novell/Netware.c:182:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (szzipfile, dirStructPtr->d_name);
data/zip-3.0/novell/Netware.c:220:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (szzipfile, zipdir);
data/zip-3.0/novell/Netware.c:222:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (szzipfile, dirStructPtr->d_name);
data/zip-3.0/novell/Netware.c:270:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dir,GetWorkArea());
data/zip-3.0/novell/Netware.c:275:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(both,"%s%s",strupr(fname),strupr(fext));
data/zip-3.0/novell/Netware.c:307:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
n = strcpy(n, p);
data/zip-3.0/novell/Netware.c:310:22: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
r = procname(strcat(n, e)); /* name is path/name */
data/zip-3.0/novell/Netware.c:385:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, n);
data/zip-3.0/novell/Netware.c:460:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, n);
data/zip-3.0/novell/Netware.c:481:11: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strcpy(a, p), e);
data/zip-3.0/novell/Netware.c:481:18: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcat(strcpy(a, p), e);
data/zip-3.0/novell/Netware.c:523:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (szRelativ, szp);
data/zip-3.0/novell/Netware.c:565:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (sztUpper, t);
data/zip-3.0/novell/Netware.c:592:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(n, t);
data/zip-3.0/novell/Netware.c:614:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(x, n);
data/zip-3.0/novell/Netware.c:667:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, f);
data/zip-3.0/novell/Netware.c:736:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, f);
data/zip-3.0/novell/Netware.c:839:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(CompiledWith,
data/zip-3.0/novell/Netware.c:961:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(newname, path);
data/zip-3.0/os2/os2.c:83:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, w);
data/zip-3.0/os2/os2.c:113:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
p = strcat(strcpy(v, p), ":"); /* copy device as path */
data/zip-3.0/os2/os2.c:167:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
n = strcpy(n, p);
data/zip-3.0/os2/os2.c:170:22: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
r = procname(strcat(n, e), 0); /* name is path/name */
data/zip-3.0/os2/os2.c:245:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, n);
data/zip-3.0/os2/os2.c:266:11: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strcpy(a, p), e);
data/zip-3.0/os2/os2.c:266:18: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcat(strcpy(a, p), e);
data/zip-3.0/os2/os2.c:337:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(n, t);
data/zip-3.0/os2/os2.c:358:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(x, n);
data/zip-3.0/os2/os2.c:408:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, f);
data/zip-3.0/os2/os2acl.c:270:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer, cwd);
data/zip-3.0/os2/os2acl.c:276:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, source);
data/zip-3.0/os2/os2acl.c:301:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
offs += sprintf(text + offs, "%s,%X\n",
data/zip-3.0/os2/os2zip.c:102:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(nbuf, name);
data/zip-3.0/os2/os2zip.c:169:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dp -> _d_entry, s);
data/zip-3.0/os2/os2zip.c:198:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strlen(strcpy(dp.d_name, dirp -> dd_cp -> _d_entry));
data/zip-3.0/os2/os2zip.c:579:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(nbuf, ea ? ea : comp);
data/zip-3.0/os2/os2zip.c:641:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(szName, path);
data/zip-3.0/os2/os2zip.c:672:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pGEA -> szName, pFound -> szName);
data/zip-3.0/os2/os2zip.c:797:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(szName, path);
data/zip-3.0/os2/os2zip.c:831:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pGEA -> szName, pFound -> szName);
data/zip-3.0/os2/os2zip.c:1109:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(CompiledWith,
data/zip-3.0/qdos/qdos.c:196:5: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
int access (char *f, int mode)
data/zip-3.0/qdos/qdos.c:232:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, qlname);
data/zip-3.0/qdos/qdos.c:254:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(q, r);
data/zip-3.0/qdos/qdos.c:330:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, qlname);
data/zip-3.0/qdos/qdos.c:331:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path, name);
data/zip-3.0/qdos/qdos.c:475:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p, dnam);
data/zip-3.0/qdos/qdos.c:482:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (match, dp + 5);
data/zip-3.0/qdos/qdos.c:543:21: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(nam, ddev);
data/zip-3.0/qdos/qdos.c:838:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lq->longid, LONGID);
data/zip-3.0/qdos/qfileio.c:110:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(n, t);
data/zip-3.0/qdos/qfileio.c:130:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(x, Unix2ql(n, NULL));
data/zip-3.0/qdos/qfileio.c:181:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, f);
data/zip-3.0/tailor.h:267:14: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
IZ_IMP char *strcpy();
data/zip-3.0/tailor.h:268:14: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
IZ_IMP char *strcat();
data/zip-3.0/tailor.h:285:14: [4] (tmpfile) mktemp:
Temporary file race condition (CWE-377).
IZ_IMP char *mktemp();
data/zip-3.0/tandem/tandem.c:77:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(x, TANDEM_NODE_STR);
data/zip-3.0/tandem/tandem.c:81:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(x, TANDEM_DELIMITER_STR);
data/zip-3.0/tandem/tandem.c:136:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(x, TANDEM_EXTENSION_STR);
data/zip-3.0/tandem/tandem.c:251:20: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
short len, fnum, access, exclus, options;
data/zip-3.0/tandem/tandem.c:293:49: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
err = FILE_OPEN_((char *)fname, len, &fnum, access, exclus,,,options,,,);
data/zip-3.0/tandem/tandem.c:326:14: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
short len, access, exclus, extension, options;
data/zip-3.0/tandem/tandem.c:362:47: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
err = FILE_OPEN_((char *)fname, len, &fnum, access, exclus,,,options,,,);
data/zip-3.0/tandem/tandem.c:387:14: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
short len, access, exclus, extension, options;
data/zip-3.0/tandem/tandem.c:403:47: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
err = FILE_OPEN_((char *)fname, len, &fnum, access, exclus,,,options,,,);
data/zip-3.0/tandem/tandem.c:821:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dirp->D_path, dirname);
data/zip-3.0/tandem/tandem.c:846:8: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(dirp->D_curpos->d_name,TANDEM_EXTENSION_STR);
data/zip-3.0/tandem/tandem.c:847:8: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(dirp->D_curpos->d_name,ext);
data/zip-3.0/tandem/tanzip.c:31:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(CompiledWith,
data/zip-3.0/tandem/tanzip.c:149:27: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
short err, len, fnum, access, exclus, bufferlen, options;
data/zip-3.0/tandem/tanzip.c:169:53: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
err = OPENEDIT_ ((char *)fname, len, &fnum, access, exclus);
data/zip-3.0/tandem/tanzip.c:178:53: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
err = FILE_OPEN_((char *)fname, len, &fnum, access, exclus,
data/zip-3.0/tandem/tanzip.c:187:51: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
err = FILE_OPEN_((char *)fname, len, &fnum, access, exclus,
data/zip-3.0/tandem/tanzip.c:438:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, n);
data/zip-3.0/tandem/tanzip.c:502:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(n, INTERNAL_NODE_STR);
data/zip-3.0/tandem/tanzip.c:506:14: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(n, INTERNAL_DELIMITER_STR);
data/zip-3.0/tandem/tanzip.c:515:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(n,t); /* mop up any left over characters */
data/zip-3.0/tandem/tanzip.c:518:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(n,DOS_EXTENSION_STR);
data/zip-3.0/tandem/tanzip.c:519:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(n,ext);
data/zip-3.0/theos/_fprintf.c:22:9: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
n = vfprintf(fp, fmt, (long*) ap);
data/zip-3.0/theos/_rename.c:27:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(bfn, fn);
data/zip-3.0/theos/_setargv.c:104:25: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(path, p+1);
data/zip-3.0/theos/_setargv.c:106:25: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(path, r);
data/zip-3.0/theos/_stat.c:157:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf2, fn);
data/zip-3.0/theos/_stat.c:169:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, q);
data/zip-3.0/theos/_stat.c:199:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf, fn);
data/zip-3.0/theos/_stat.c:226:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf, fn);
data/zip-3.0/theos/_stat.c:252:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
fn = strcpy(buf3, _fn);
data/zip-3.0/theos/_stat.c:281:18: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
fn = strcat(buf2, fn);
data/zip-3.0/theos/_stat.c:286:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf2, fn);
data/zip-3.0/theos/_stat.c:455:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dirp, dirpath);
data/zip-3.0/theos/theos.c:115:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lib, path);
data/zip-3.0/theos/theos.c:129:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(lib, drive);
data/zip-3.0/theos/theos.c:176:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path, n);
data/zip-3.0/theos/theos.c:180:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path, libname(path));
data/zip-3.0/theos/theos.c:197:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path, n);
data/zip-3.0/theos/theos.c:201:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(drive, p);
data/zip-3.0/theos/theos.c:210:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(path, drive);
data/zip-3.0/theos/theos.c:221:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path, n);
data/zip-3.0/theos/theos.c:225:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(drive, p);
data/zip-3.0/theos/theos.c:235:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, drive);
data/zip-3.0/theos/theos.c:251:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, drive);
data/zip-3.0/theos/theos.c:265:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(a, e);
data/zip-3.0/theos/theos.c:286:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, n);
data/zip-3.0/theos/theos.c:307:11: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strcpy(a, p), e);
data/zip-3.0/theos/theos.c:307:18: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcat(strcpy(a, p), e);
data/zip-3.0/theos/theos.c:351:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(n, t);
data/zip-3.0/theos/theos.c:375:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(x, n);
data/zip-3.0/theos/theos.c:428:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, f);
data/zip-3.0/timezone.c:503:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(old_TZstring, TZstring);
data/zip-3.0/tops20/tops20.c:75:29: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
if ((m > 0) && (*(c = strcpy(p,n) + m-1) != '>')) {
data/zip-3.0/tops20/tops20.c:146:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fp, fname); /* copy the file name here */
data/zip-3.0/tops20/tops20.c:207:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, n);
data/zip-3.0/tops20/tops20.c:278:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fp, fname); /* copy the file name here */
data/zip-3.0/tops20/tops20.c:299:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(n, t);
data/zip-3.0/tops20/tops20.c:374:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(x, n);
data/zip-3.0/tops20/tops20.c:382:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(x + 2, n);
data/zip-3.0/tops20/tops20.c:441:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, f);
data/zip-3.0/tops20/tops20.c:543:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(CompiledWith,
data/zip-3.0/unix/unix.c:169:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, n);
data/zip-3.0/unix/unix.c:190:11: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strcpy(a, p), e);
data/zip-3.0/unix/unix.c:190:18: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcat(strcpy(a, p), e);
data/zip-3.0/unix/unix.c:268:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(n, t);
data/zip-3.0/unix/unix.c:297:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(x, n);
data/zip-3.0/unix/unix.c:361:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, f);
data/zip-3.0/unix/unix.c:581:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, z->name);
data/zip-3.0/unix/unix.c:705:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "IFS=\" \t\n\" /bin/rmdir %s 2>/dev/null", d);
data/zip-3.0/unix/unix.c:706:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
r = system(s);
data/zip-3.0/unix/unix.c:901:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(os_name, "%s %s", u.sysname, u.release);
data/zip-3.0/unix/unix.c:906:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(os_name, "NetBSD 0.8%s", netbsd[NetBSD0_8]);
data/zip-3.0/unix/unix.c:909:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(os_name, "NetBSD 0.9%s", netbsd[NetBSD0_9]);
data/zip-3.0/unix/unix.c:912:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(os_name, "NetBSD 1.0%s", netbsd[NetBSD1_0]);
data/zip-3.0/util.c:516:5: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy(sw1, sw);
data/zip-3.0/util.c:547:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s1, s);
data/zip-3.0/util.c:835:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(bufptr, envptr);
data/zip-3.0/util.c:863:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(argstart, argstart + 1);
data/zip-3.0/util.c:1119:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat( fmt, FZOFFT_HEX_WID_VALUE);
data/zip-3.0/util.c:1124:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat( fmt, FZOFFT_HEX_WID_VALUE);
data/zip-3.0/util.c:1128:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat( fmt, pre);
data/zip-3.0/util.c:1131:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat( fmt, FZOFFT_FMT); /* Long or long-long or whatever. */
data/zip-3.0/util.c:1136:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat( fmt, post); /* Caller's radix. */
data/zip-3.0/util.c:1142:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf( fzofft_buf[ fzofft_index], fmt, val);
data/zip-3.0/util.c:1168:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat( fmt, FZOFFT_HEX_WID_VALUE);
data/zip-3.0/util.c:1173:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat( fmt, FZOFFT_HEX_WID_VALUE);
data/zip-3.0/util.c:1177:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat( fmt, pre);
data/zip-3.0/util.c:1180:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat( fmt, FZOFFT_FMT); /* Long or long-long or whatever. */
data/zip-3.0/util.c:1185:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat( fmt, post); /* Caller's radix. */
data/zip-3.0/util.c:1191:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf( fuzofft_buf[ fuzofft_index], fmt, val);
data/zip-3.0/vms/cmdline.c:532:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( &the_cmd_line[ x], OPT_CN);
data/zip-3.0/vms/cmdline.c:568:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( &the_cmd_line[ x], opt);
data/zip-3.0/vms/cmdline.c:583:21: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( &the_cmd_line[ x], opt);
data/zip-3.0/vms/cmdline.c:597:21: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( &the_cmd_line[ x], opt);
data/zip-3.0/vms/cmdline.c:618:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( &the_cmd_line[ x], OPT_IC);
data/zip-3.0/vms/cmdline.c:626:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( &the_cmd_line[ x], OPT_ICN);
data/zip-3.0/vms/cmdline.c:642:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( &the_cmd_line[ x], OPT_FD);
data/zip-3.0/vms/cmdline.c:656:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( &the_cmd_line[ x], OPT_DF);
data/zip-3.0/vms/cmdline.c:710:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( &the_cmd_line[ x], OPT_FS);
data/zip-3.0/vms/cmdline.c:747:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( &the_cmd_line[ x], OPT_H2);
data/zip-3.0/vms/cmdline.c:921:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "could not open list file: %s",
data/zip-3.0/vms/cmdline.c:938:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(&the_cmd_line[x], options);
data/zip-3.0/vms/cmdline.c:995:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( &the_cmd_line[ x], OPT_DB);
data/zip-3.0/vms/cmdline.c:1004:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( &the_cmd_line[ x], OPT_DC);
data/zip-3.0/vms/cmdline.c:1015:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( &the_cmd_line[ x], OPT_DD);
data/zip-3.0/vms/cmdline.c:1022:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( &the_cmd_line[ x], OPT_DS);
data/zip-3.0/vms/cmdline.c:1038:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( &the_cmd_line[ x], OPT_DG);
data/zip-3.0/vms/cmdline.c:1047:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( &the_cmd_line[ x], OPT_DU);
data/zip-3.0/vms/cmdline.c:1056:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( &the_cmd_line[ x], OPT_DV);
data/zip-3.0/vms/cmdline.c:1077:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( &the_cmd_line[ x], OPT_LA);
data/zip-3.0/vms/cmdline.c:1087:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(&the_cmd_line[x], OPT_LF);
data/zip-3.0/vms/cmdline.c:1099:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( &the_cmd_line[ x], OPT_LI);
data/zip-3.0/vms/cmdline.c:1121:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( &the_cmd_line[ x], OPT_SB);
data/zip-3.0/vms/cmdline.c:1131:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( &the_cmd_line[ x], OPT_SP);
data/zip-3.0/vms/cmdline.c:1143:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( &the_cmd_line[ x], OPT_S);
data/zip-3.0/vms/cmdline.c:1158:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( &the_cmd_line[ x], OPT_SV);
data/zip-3.0/vms/cmdline.c:1180:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( &the_cmd_line[ x], OPT_SC);
data/zip-3.0/vms/cmdline.c:1189:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( &the_cmd_line[ x], OPT_SD);
data/zip-3.0/vms/cmdline.c:1198:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( &the_cmd_line[ x], OPT_SF);
data/zip-3.0/vms/cmdline.c:1207:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( &the_cmd_line[ x], OPT_SO);
data/zip-3.0/vms/cmdline.c:1223:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( &the_cmd_line[ x], OPT_FZ);
data/zip-3.0/vms/cmdline.c:1241:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( &the_cmd_line[ x], OPT_W);
data/zip-3.0/vms/cmdline.c:1250:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( &the_cmd_line[ x], OPT_NW);
data/zip-3.0/vms/cmdline.c:1265:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( &the_cmd_line[ x], OPT_MM);
data/zip-3.0/vms/cmdline.c:1283:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(&the_cmd_line[x], OPT_TT);
data/zip-3.0/vms/cmdline.c:1306:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( &the_cmd_line[ x], OPT_ZB);
data/zip-3.0/vms/cmdline.c:1315:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( &the_cmd_line[ x], OPT_ZD);
data/zip-3.0/vms/cmdline.c:1324:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( &the_cmd_line[ x], OPT_ZS);
data/zip-3.0/vms/cmdline.c:1346:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(&the_cmd_line[x+3], since_time);
data/zip-3.0/vms/cmdline.c:1367:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(&the_cmd_line[x+4], before_time);
data/zip-3.0/vms/cmdline.c:1400:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( &the_cmd_line[ x], OPT_XN);
data/zip-3.0/vms/cmdline.c:1408:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( &the_cmd_line[ x], OPT_X);
data/zip-3.0/vms/cmdline.c:1792:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(copyright[i], "zip");
data/zip-3.0/vms/cmdline.c:1797:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(text[i], VERSION, REVDATE);
data/zip-3.0/vms/vms.c:306:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(CompiledWith,
data/zip-3.0/vms/vms.c:334:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
(sprintf( buf, " (%s Alpha)", vms_vers), buf),
data/zip-3.0/vms/vms.c:337:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
(sprintf( buf, " (%s IA64)", vms_vers), buf),
data/zip-3.0/vms/vms.c:340:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
(sprintf( buf, " (%s VAX)", vms_vers), buf),
data/zip-3.0/vms/vms.c:463:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( temp_name, nam.NAM_ESA);
data/zip-3.0/vms/vms.c:547:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( p, s);
data/zip-3.0/vms/vms.c:565:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( p, result);
data/zip-3.0/vms/vms.c:573:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( p, exp);
data/zip-3.0/vms/vmsmunch.c:228:18: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
unsigned system : 4;
data/zip-3.0/vms/vmszip.c:618:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
if ((m > 0) && (*(c = strcpy(p,n)+m-1) != ']'))
data/zip-3.0/vms/vmszip.c:638:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, wild_version_part);
data/zip-3.0/vms/vmszip.c:751:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, n);
data/zip-3.0/vms/vmszip.c:908:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( n, ext_dir_and_name);
data/zip-3.0/vms/vmszip.c:1244:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(x, n);
data/zip-3.0/vms/vmszip.c:1264:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( (x+ i), n);
data/zip-3.0/vms/vmszip.c:1338:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(timbuf, "%02d-%3s-%04d %02d:%02d:%02d.00", tm_mday, month[tm_mon],
data/zip-3.0/vms/vmszip.c:1380:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, f);
data/zip-3.0/vms/vmszip.c:1440:5: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(strcat(strcpy(s, "set prot=(o:rwed) "), d));
data/zip-3.0/vms/vmszip.c:1440:12: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
system(strcat(strcpy(s, "set prot=(o:rwed) "), d));
data/zip-3.0/win32/nt.c:336:13: [4] (buffer) lstrcpynA:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
lstrcpynA(g_VolumeCaps.RootPath, TempRootPath, cchTempRootPath+1);
data/zip-3.0/win32/osdep.h:79:9: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
#define popen _popen
data/zip-3.0/win32/osdep.h:376:57: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
# define ISO_TO_INTERN(src, dst) {if ((src) != (dst)) strcpy((dst), (src));}
data/zip-3.0/win32/osdep.h:378:57: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
# define INTERN_TO_ISO(src, dst) {if ((src) != (dst)) strcpy((dst), (src));}
data/zip-3.0/win32/osdep.h:388:57: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
# define OEM_TO_INTERN(src, dst) {if ((src) != (dst)) strcpy((dst), (src));}
data/zip-3.0/win32/osdep.h:390:57: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
# define INTERN_TO_OEM(src, dst) {if ((src) != (dst)) strcpy((dst), (src));}
data/zip-3.0/win32/win32.c:1257:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(CompiledWith, COMPILER_NAME1, COMPILER_NAME2,
data/zip-3.0/win32/win32.c:1388:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, e);
data/zip-3.0/win32/win32.c:1398:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, wide_to_mb_default_string);
data/zip-3.0/win32/win32.c:1402:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, e);
data/zip-3.0/win32/win32zip.c:125:3: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy(pw, nw);
data/zip-3.0/win32/win32zip.c:166:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, n);
data/zip-3.0/win32/win32zip.c:172:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(q, wild_match_all);
data/zip-3.0/win32/win32zip.c:412:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(q, f);
data/zip-3.0/win32/win32zip.c:486:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fcp, fp);
data/zip-3.0/win32/win32zip.c:599:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(r, q);
data/zip-3.0/win32/win32zip.c:816:5: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy(newwhole, whole);
data/zip-3.0/win32/win32zip.c:828:13: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy(newwhole + newlen, name);
data/zip-3.0/win32/win32zip.c:832:17: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy(name, subwild);
data/zip-3.0/win32/win32zip.c:906:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(newwhole, whole);
data/zip-3.0/win32/win32zip.c:918:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(newwhole + newlen, name);
data/zip-3.0/win32/win32zip.c:922:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, subwild);
data/zip-3.0/win32/win32zip.c:1009:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, w);
data/zip-3.0/win32/win32zip.c:1191:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, n);
data/zip-3.0/win32/win32zip.c:1212:11: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strcpy(a, p), e);
data/zip-3.0/win32/win32zip.c:1212:18: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcat(strcpy(a, p), e);
data/zip-3.0/win32/win32zip.c:1333:7: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy(pw, nw);
data/zip-3.0/win32/win32zip.c:1354:11: [4] (buffer) wcscat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120).
wcscat(wcscpy(aw, pw), ew);
data/zip-3.0/win32/win32zip.c:1354:18: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscat(wcscpy(aw, pw), ew);
data/zip-3.0/win32/win32zip.c:1453:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(n, t);
data/zip-3.0/win32/win32zip.c:1522:3: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy(nw, tw);
data/zip-3.0/win32/win32zip.c:1547:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(x, n);
data/zip-3.0/win32/win32zip.c:1564:3: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy(xw, nw);
data/zip-3.0/win32/win32zip.c:1634:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, f);
data/zip-3.0/win32/win32zip.c:1717:3: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy(namew, fw);
data/zip-3.0/windll/example.c:149:4: [4] (buffer) lstrcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
lstrcpy(szFullPath, ofs.szPathName);
data/zip-3.0/windll/example.c:297:5: [4] (buffer) lstrcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
lstrcpy(sz, argv[i+2]);
data/zip-3.0/windll/windll.c:115:19: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
int __far __cdecl printf(const char *format, ...)
data/zip-3.0/windll/windll.c:141:19: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
int __far __cdecl fprintf(FILE *file, const char *format, ...)
data/zip-3.0/windll/windll.h:33:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(szBuffer, "File %s, Line %d",\
data/zip-3.0/zip.c:681:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(copyright[i], "zip");
data/zip-3.0/zip.c:686:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(text[i], VERSION, REVDATE);
data/zip-3.0/zip.c:1184:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(copyright[i], "zip");
data/zip-3.0/zip.c:1190:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(versinfolines[i], "Zip", VERSION, REVDATE);
data/zip-3.0/zip.c:1298:22: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ((unzip_out = popen(cmd, "r")) == NULL) {
data/zip-3.0/zip.c:1342:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(zipnam, zipname);
data/zip-3.0/zip.c:1345:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(zipnam, zipname);
data/zip-3.0/zip.c:1363:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cmd, unzip_path);
data/zip-3.0/zip.c:1366:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(cmd, zipnam);
data/zip-3.0/zip.c:1368:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(cmd, here + 2);
data/zip-3.0/zip.c:1371:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cmd, unzip_path);
data/zip-3.0/zip.c:1373:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(cmd, zipnam);
data/zip-3.0/zip.c:1376:14: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
status = system(cmd);
data/zip-3.0/zip.c:1447:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cmd, unzip_path);
data/zip-3.0/zip.c:1452:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(cmd, zipname);
data/zip-3.0/zip.c:1455:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(cmd, zipname);
data/zip-3.0/zip.c:1458:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(cmd, here + 2);
data/zip-3.0/zip.c:1461:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cmd, unzip_path);
data/zip-3.0/zip.c:1465:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(cmd, zipname);
data/zip-3.0/zip.c:1468:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(cmd, zipname);
data/zip-3.0/zip.c:1489:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(cmd, zipname);
data/zip-3.0/zip.c:1492:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(cmd, zipname);
data/zip-3.0/zip.c:1496:12: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
result = system(cmd);
data/zip-3.0/zip.c:1554:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "%c pattern file '%s'", flag, pattern);
data/zip-3.0/zip.c:1658:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, filearg);
data/zip-3.0/zip.c:2751:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "option -ds (--dot-size) has bad size: '%s'",
data/zip-3.0/zip.c:2762:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "dot size must be at least 32 KB: '%s'", value);
data/zip-3.0/zip.c:3001:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "bad split size: '%s'", value);
data/zip-3.0/zip.c:3020:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "minimum split size is 64 KB: '%s'", value);
data/zip-3.0/zip.c:3364:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(in_path, zipfile);
data/zip-3.0/zip.c:3372:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(out_path, zipfile);
data/zip-3.0/zip.c:3572:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, logfile_path);
data/zip-3.0/zip.c:3584:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "could not open logfile '%s'", logfile_path);
data/zip-3.0/zip.c:3672:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "--out path must be different than in path: %s", out_path);
data/zip-3.0/zip.c:3876:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tempzip, tempath);
data/zip-3.0/zip.c:3886:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tempzip, zipfile);
data/zip-3.0/zip.c:4215:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tempath, zipfile);
data/zip-3.0/zip.c:4563:13: [4] (buffer) wcscat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120).
wcscat(fnw, z->znamew);
data/zip-3.0/zip.c:4574:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fn, z->zname);
data/zip-3.0/zip.c:4588:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fn, z->uname);
data/zip-3.0/zip.c:4590:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fn, z->zname);
data/zip-3.0/zip.c:4714:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strcat(errbuf, args[i]), "\" ");
data/zip-3.0/zip.c:4715:14: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strcat(errbuf, args[i]), " *.* -i");
data/zip-3.0/zip.c:4719:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strcat(errbuf, " "), args[i]);
data/zip-3.0/zip.c:4727:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strcat(errbuf, " "), args[i]);
data/zip-3.0/zip.c:4877:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tempzip, tempath);
data/zip-3.0/zip.c:4887:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tempzip, zipfile);
data/zip-3.0/zip.c:5089:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "was zipping %s", z->name);
data/zip-3.0/zip.c:5097:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "was copying %s", z->oname);
data/zip-3.0/zip.c:5149:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "was zipping %s", z->name);
data/zip-3.0/zip.c:5158:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "was copying %s", z->oname);
data/zip-3.0/zip.c:5224:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "was copying %s", z->oname);
data/zip-3.0/zip.c:5448:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "was copying %s", z->oname);
data/zip-3.0/zip.c:5486:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(f->iname, f->uname);
data/zip-3.0/zip.c:5578:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "was zipping %s", z->oname);
data/zip-3.0/zip.c:5609:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "was zipping %s", z->name);
data/zip-3.0/zip.c:5721:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(z->comment, p);
data/zip-3.0/zip.c:5741:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, e);
data/zip-3.0/zip.c:5801:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, e);
data/zip-3.0/zip.c:5816:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strcat(strcpy(p, zcomment), "\r\n"), e);
data/zip-3.0/zip.c:5816:23: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcat(strcat(strcpy(p, zcomment), "\r\n"), e);
data/zip-3.0/zip.c:5818:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, *e ? e : "\r\n");
data/zip-3.0/zip.c:5830:8: [4] (buffer) lstrcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
lstrcpy(p, szCommentBuf);
data/zip-3.0/zip.h:573:20: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
# define Trace(x) fprintf x
data/zip-3.0/zip.h:574:35: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
# define Tracev(x) {if (verbose) fprintf x ;}
data/zip-3.0/zip.h:575:38: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
# define Tracevv(x) {if (verbose>1) fprintf x ;}
data/zip-3.0/zip.h:576:44: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
# define Tracec(c,x) {if (verbose && (c)) fprintf x ;}
data/zip-3.0/zip.h:577:47: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
# define Tracecv(c,x) {if (verbose>1 && (c)) fprintf x ;}
data/zip-3.0/zipcloak.c:237:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(help_info[i], VERSION, REVDATE);
data/zip-3.0/zipcloak.c:262:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(copyright[i], "zipcloak");
data/zip-3.0/zipcloak.c:269:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(versinfolines[i], "ZipCloak", VERSION, REVDATE);
data/zip-3.0/zipcloak.c:556:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(in_path, zipfile);
data/zip-3.0/zipcloak.c:563:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(out_path, zipfile);
data/zip-3.0/zipcloak.c:598:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tempzip, tempath);
data/zip-3.0/zipcloak.c:608:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tempzip, zipfile);
data/zip-3.0/zipfile.c:378:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(t, s);
data/zip-3.0/zipfile.c:424:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(t, disk);
data/zip-3.0/zipfile.c:832:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(iname, pZipListEntry->iname);
data/zip-3.0/zipfile.c:854:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "Unicode does not match path: %s\n", pZipListEntry->oname);
data/zip-3.0/zipfile.c:874:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(UPath, pZipListEntry->name);
data/zip-3.0/zipfile.c:937:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(iname, pZipListEntry->iname);
data/zip-3.0/zipfile.c:954:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "Unicode does not match path: %s\n", pZipListEntry->oname);
data/zip-3.0/zipfile.c:974:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(UPath, pZipListEntry->name);
data/zip-3.0/zipfile.c:1519:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(inameLocal, pZEntry->iname);
data/zip-3.0/zipfile.c:1646:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(inameLocal, pZEntry->iname);
data/zip-3.0/zipfile.c:2287:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(locz->name, locz->iname);
data/zip-3.0/zipfile.c:2847:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(z->zname, z->name);
data/zip-3.0/zipfile.c:2855:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(z->name, z->iname);
data/zip-3.0/zipfile.c:2859:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(z->zname, z->iname);
data/zip-3.0/zipfile.c:2884:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(z->oname, z->zname);
data/zip-3.0/zipfile.c:3343:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "End record (EOCDR) only %s bytes - assume truncated",
data/zip-3.0/zipfile.c:3549:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "EOCDR found (%2lu %6s)...",
data/zip-3.0/zipfile.c:3558:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "Zip64 EOCDR found (%2lu %6s)...",
data/zip-3.0/zipfile.c:3567:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "Zip64 EOCDL found (%2lu %6s)...",
data/zip-3.0/zipfile.c:3578:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, " Local (%2lu %6s):",
data/zip-3.0/zipfile.c:3619:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "Entry after central directory found (%2lu %6s)...",
data/zip-3.0/zipfile.c:3671:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, " Cen (%2lu %6s): ",
data/zip-3.0/zipfile.c:3774:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "updating: %s", cz->iname);
data/zip-3.0/zipfile.c:3809:15: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(z->uname, z->iname);
data/zip-3.0/zipfile.c:3901:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "no local entry: %s", cz->iname);
data/zip-3.0/zipfile.c:3928:11: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(errbuf, errbuftemp);
data/zip-3.0/zipfile.c:3930:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuftemp, "on disk %lu at %s\n", current_in_disk,
data/zip-3.0/zipfile.c:3932:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(errbuf, errbuftemp);
data/zip-3.0/zipfile.c:4391:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "Zip entry offsets appear off by %s bytes - correcting...",
data/zip-3.0/zipfile.c:4632:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(split_path, in_path);
data/zip-3.0/zipfile.c:4664:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(split_path, in_path);
data/zip-3.0/zipfile.c:4728:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(errbuf, errbuftemp);
data/zip-3.0/zipfile.c:4730:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuftemp, "on disk %lu at %s\n", current_in_disk,
data/zip-3.0/zipfile.c:4732:11: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(errbuf, errbuftemp);
data/zip-3.0/zipfile.c:4737:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "unexpected signature on disk %lu at %s\n",
data/zip-3.0/zipfile.c:4855:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(z->uname, z->iname);
data/zip-3.0/zipfile.c:4928:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(z->name, z->zname);
data/zip-3.0/zipfile.c:4955:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, z->iname);
data/zip-3.0/zipfile.c:4966:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(z->zuname, name);
data/zip-3.0/zipfile.c:4979:15: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(z->ouname, name);
data/zip-3.0/zipfile.c:4986:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(z->ouname, name);
data/zip-3.0/zipfile.c:5008:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(z->wuname, z->ouname);
data/zip-3.0/zipfile.c:5048:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(z->oname, z->zname);
data/zip-3.0/zipfile.c:5077:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "expected %s entries but found %s",
data/zip-3.0/zipfile.c:6182:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(localz->name, localz->iname);
data/zip-3.0/zipfile.c:6205:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(localz->iname, localz->uname);
data/zip-3.0/zipfile.c:6306:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(localz->iname, z->iname);
data/zip-3.0/zipfile.c:6351:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(z->oname, localz->iname);
data/zip-3.0/zipfile.c:6359:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, " copying: %s ", z->oname);
data/zip-3.0/zipfile.c:6499:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(z->cextra, localz->extra);
data/zip-3.0/zipfile.c:6512:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(z->zname, z->iname);
data/zip-3.0/zipfile.c:6524:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, " (%s bytes)", zip_fzofft(z->siz, NULL, "u"));
data/zip-3.0/zipfile.c:6529:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "expected compressed/stored size %s, actual %s",
data/zip-3.0/zipnote.c:261:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(copyright[i], "zipnote");
data/zip-3.0/zipnote.c:266:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(text[i], VERSION, REVDATE);
data/zip-3.0/zipnote.c:291:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(copyright[i], "zipnote");
data/zip-3.0/zipnote.c:297:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(versinfolines[i], "ZipNote", VERSION, REVDATE);
data/zip-3.0/zipnote.c:376:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strcat(strcpy(p, *a), **a ? "\r\n" : ""), s);
data/zip-3.0/zipnote.c:376:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strcat(strcpy(p, *a), **a ? "\r\n" : ""), s);
data/zip-3.0/zipnote.c:376:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcat(strcat(strcpy(p, *a), **a ? "\r\n" : ""), s);
data/zip-3.0/zipnote.c:527:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(in_path, zipfile);
data/zip-3.0/zipnote.c:575:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(z->iname, a+2);
data/zip-3.0/zipnote.c:619:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tempzip, tempath);
data/zip-3.0/zipnote.c:629:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tempzip, zipfile);
data/zip-3.0/zipsplit.c:234:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, INDEX);
data/zip-3.0/zipsplit.c:239:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(name, template, zipsmade);
data/zip-3.0/zipsplit.c:313:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(copyright[i], "zipsplit");
data/zip-3.0/zipsplit.c:318:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(text[i], VERSION, REVDATE);
data/zip-3.0/zipsplit.c:340:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(versinfolines[i], "ZipSplit", VERSION, REVDATE);
data/zip-3.0/zipsplit.c:695:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(in_path, zipfile);
data/zip-3.0/zipsplit.c:723:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "Entry is larger than max split size of: %s",
data/zip-3.0/zipsplit.c:772:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path, tempath);
data/zip-3.0/zipsplit.c:854:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(template + r, TEMPL_FMT, k);
data/zip-3.0/zipsplit.c:860:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(template,tempath);
data/zip-3.0/zipsplit.c:890:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, INDEX);
data/zip-3.0/zipsplit.c:912:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(name, template, j + 1L);
data/zip-3.0/zipup.c:1302:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "incompatible zlib version (expected %s, found %s)",
data/zip-3.0/acorn/riscos.c:258:11: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
envptr = getenv(envstr);
data/zip-3.0/amiga/filedate.c:192:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *getenv(const char *var);
data/zip-3.0/amiga/filedate.c:322:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *getenv(const char *var) /* not reentrant! */
data/zip-3.0/amiga/filedate.c:390:22: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
exists = (void *)getenv(TZ_ENVVAR);
data/zip-3.0/crypt.c:222:9: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand((unsigned)time(NULL) ^ ZCR_SEED2);
data/zip-3.0/fileio.c:1339:3: [3] (tmpfile) tmpnam:
Temporary file race condition (CWE-377).
tmpnam(t);
data/zip-3.0/fileio.c:1348:3: [3] (tmpfile) tmpnam:
Temporary file race condition (CWE-377).
tmpnam(t);
data/zip-3.0/fileio.c:1400:18: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
strcat(cptr, getenv("DEFAULTS"));
data/zip-3.0/fileio.c:1418:5: [3] (tmpfile) tmpnam:
Temporary file race condition (CWE-377).
tmpnam(ptr); /* Add filename */
data/zip-3.0/macos/source/getenv.c:86:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *getenv(const char *name);
data/zip-3.0/macos/source/getenv.c:271:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *getenv(const char *name)
data/zip-3.0/macos/source/getenv.c:381:1: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
getenv(" ");
data/zip-3.0/macos/source/macopen.c:208:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
envptr = getenv("Immediate_File_Deletion");
data/zip-3.0/macos/source/macos.c:285:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
envptr = getenv("Immediate_File_Deletion");
data/zip-3.0/msdos/msdos.c:783:18: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char * var = getenv("OS");
data/zip-3.0/msdos/msdos.c:798:11: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
var = getenv("windir");
data/zip-3.0/tailor.h:280:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
IZ_IMP char *getenv();
data/zip-3.0/timezone.c:484:16: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
TZstring = getenv("TZ"); /* read TZ envvar */
data/zip-3.0/ttyio.c:400:20: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *envptr, *getenv();
data/zip-3.0/ttyio.c:408:18: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
envptr = getenv("LINES");
data/zip-3.0/ttyio.c:418:18: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
envptr = getenv("COLUMNS");
data/zip-3.0/util.c:819:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
envptr = getenv(envstr);
data/zip-3.0/util.c:824:23: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((envptr = getenv(envstr2)) != NULL) /* alternate */
data/zip-3.0/win32/nt.c:126:5: [3] (misc) InitializeCriticalSection:
Exceptions can be thrown in low-memory situations. Use
InitializeCriticalSectionAndSpinCount instead.
InitializeCriticalSection( &VolumeCapsLock );
data/zip-3.0/win32/nt.c:297:5: [3] (misc) EnterCriticalSection:
On some versions of Windows, exceptions can be thrown in low-memory
situations. Use InitializeCriticalSectionAndSpinCount instead.
EnterCriticalSection( &VolumeCapsLock );
data/zip-3.0/win32/nt.c:331:9: [3] (misc) EnterCriticalSection:
On some versions of Windows, exceptions can be thrown in low-memory
situations. Use InitializeCriticalSectionAndSpinCount instead.
EnterCriticalSection( &VolumeCapsLock );
data/zip-3.0/win32/rsxntwin.h:160:13: [3] (misc) InitializeCriticalSection:
Exceptions can be thrown in low-memory situations. Use
InitializeCriticalSectionAndSpinCount instead.
VOID WINAPI InitializeCriticalSection();
data/zip-3.0/windll/example.c:204:11: [3] (misc) LoadLibrary:
Ensure that the full path to the library is specified, or current directory
may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
find library path, if you aren't already.
hZipDll = LoadLibrary(ZIP_DLL_NAME);
data/zip-3.0/zip.c:1239:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
envptr = getenv(zipenv_names[i]);
data/zip-3.0/zip.c:2506:23: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
(((tmp = getenv("TZ")) != NULL) && (*tmp != '\0'))
data/zip-3.0/acorn/acornzip.c:144:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(path,"@.");
data/zip-3.0/acorn/riscos.c:180:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char canon[256];
data/zip-3.0/acorn/riscos.c:220:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char canon[256];
data/zip-3.0/acorn/riscos.c:249:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[256];
data/zip-3.0/acorn/riscos.c:306:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ext, exptr+1, i);
data/zip-3.0/acorn/riscos.h:19:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errmess[252];
data/zip-3.0/acorn/riscos.h:61:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char d_name[MAXFILENAMELEN]; /* name */
data/zip-3.0/acorn/riscos.h:70:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[13];
data/zip-3.0/acorn/zipup.h:12:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#define zopen(n,p) fopen(n,p)
data/zip-3.0/amiga/amigazip.c:437:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[16]; /* compiler name */
data/zip-3.0/amiga/amigazip.c:438:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[16]; /* revstamp */
data/zip-3.0/amiga/amigazip.c:439:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[16]; /* OS */
data/zip-3.0/amiga/amigazip.c:440:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf4[16]; /* Date */
data/zip-3.0/amiga/amigazip.c:447:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf1,"SAS/C ");
data/zip-3.0/amiga/amigazip.c:450:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf1,"Lattice C ");
data/zip-3.0/amiga/amigazip.c:453:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf1,"Manx Aztec C ");
data/zip-3.0/amiga/amigazip.c:455:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf1,"UNKNOWN ");
data/zip-3.0/amiga/amigazip.c:460:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf3,"AmigaDOS v%d",WBversion);
data/zip-3.0/amiga/amigazip.c:462:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf1,"Unknown compiler ");
data/zip-3.0/amiga/amigazip.c:463:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf3,"Unknown OS");
data/zip-3.0/amiga/amigazip.c:472:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf2,"version %d.%d",__VERSION__,__REVISION__);
data/zip-3.0/amiga/amigazip.c:475:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf2,"version %d",__VERSION__);
data/zip-3.0/amiga/amigazip.c:477:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf2,"unknown version");
data/zip-3.0/amiga/amigazip.c:484:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf4," unknown date");
data/zip-3.0/amiga/filedate.c:324:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char space[ENVSIZE];
data/zip-3.0/amiga/filedate.c:387:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char put_tz[MAXTIMEZONELEN]; /* string for putenv: "TZ=aaabbb:bb:bbccc" */
data/zip-3.0/amiga/filedate.c:394:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(put_tz, "GMT%+ld", time_zone / 3600L);
data/zip-3.0/amiga/filedate.c:397:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(put_tz + strlen(put_tz), ":%02d", offset / 60);
data/zip-3.0/amiga/filedate.c:399:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(put_tz + strlen(put_tz), ":%02d", offset % 60);
data/zip-3.0/amiga/filedate.c:402:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(put_tz,"DST");
data/zip-3.0/amiga/filedate.c:583:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char longspace[8];
data/zip-3.0/amiga/zipup.h:18:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#define zopen(n,p) open(n,p)
data/zip-3.0/aosvs/aosvs.c:36:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extra_header_id[2]; /* set to VS - in theory, an int */
data/zip-3.0/aosvs/aosvs.c:37:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extra_data_size[2]; /* size of rest, in Intel little-endian order */
data/zip-3.0/aosvs/aosvs.c:38:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extra_sentinel[4]; /* set to FCI w/ trailing null */
data/zip-3.0/aosvs/aosvs.c:41:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char aclbuf[$MXACL]; /* raw ACL, or link-resolution name */
data/zip-3.0/aosvs/aosvs.c:50:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
local char zlinkres[$MXPL]; /* buf for link resolution contents */
data/zip-3.0/aosvs/aosvs.c:51:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
local char znamebuf[$MXPL]; /* buf for AOS/VS filename */
data/zip-3.0/aosvs/aosvs.c:52:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char vsnamebuf[$MXPL];
data/zip-3.0/aosvs/aosvs.c:53:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char uxnamebuf[FNMAX];
data/zip-3.0/aosvs/aosvs.c:214:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(n, "../");
data/zip-3.0/aosvs/aosvs.c:221:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(n, "/PER/");
data/zip-3.0/aosvs/aosvs.c:427:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *) z->extra, (char *) &zzextrafld,
data/zip-3.0/aosvs/aosvs.c:461:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *) z->extra, (char *) &zzextrafld,
data/zip-3.0/api.c:61:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szOrigDir[PATH_MAX];
data/zip-3.0/api.c:78:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szRootDir[PATH_MAX], szExcludeList[PATH_MAX], szIncludeList[PATH_MAX], szTempDir[PATH_MAX];
data/zip-3.0/api.c:90:1: [2] (buffer) lstrcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Risk is low because the source is a constant string.
lstrcat(str1, " @");
data/zip-3.0/api.c:318:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( argVee[argCee], "wiz.exe" );
data/zip-3.0/api.h:62:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char betalevel[10]; /* e.g., "g BETA" or "" */
data/zip-3.0/api.h:63:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char date[20]; /* e.g., "4 Sep 95" (beta) or "4 September 1995" */
data/zip-3.0/api.h:64:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zlib_version[10]; /* e.g., "0.95" or NULL */
data/zip-3.0/atari/atari.c:51:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char vol[14];
data/zip-3.0/atari/atari.c:56:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(vol+1, ":/");
data/zip-3.0/atari/atari.c:60:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(vol, "*.*");
data/zip-3.0/atari/atari.c:103:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char v[5]; /* space for device current directory */
data/zip-3.0/atari/atari.c:143:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
p = strcpy(v, "/.");
data/zip-3.0/atari/atari.c:232:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char fullpath[FILENAME_MAX], file_arg[FILENAME_MAX];
data/zip-3.0/atari/atari.c:252:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fn[FILENAME_MAX];
data/zip-3.0/atari/atari.c:258:20: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(strcat(path, " -> "), fn);
data/zip-3.0/atari/atari.c:616:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(z->cextra, z->extra, (EB_HEADSIZE+EB_UT_LEN(1)));
data/zip-3.0/atari/atari.c:647:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[40];
data/zip-3.0/atari/atari.c:656:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
"cc ", (sprintf(buf, " version %d", _RELEASE), buf),
data/zip-3.0/atari/atari.c:659:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
"Turbo C", (sprintf(buf, " (0x%04x = %d)", __TURBOC__, __TURBOC__), buf),
data/zip-3.0/atari/zipup.h:15:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#define zopen(n,p) open(n,p)
data/zip-3.0/atheos/atheos.c:406:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open( name, linkput ? O_RDONLY | O_NOTRAVERSE : O_RDONLY );
data/zip-3.0/atheos/atheos.c:461:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( ptr, &fa_info, sizeof( struct attr_info ) );
data/zip-3.0/atheos/atheos.c:468:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[80];
data/zip-3.0/atheos/atheos.c:469:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buff, "read %d, expected %d", read_bytes, (ssize_t)fa_info.ai_size );
data/zip-3.0/atheos/atheos.c:576:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(c_ef, l_ef-EB_L_UT_SIZE, EB_C_UT_SIZE);
data/zip-3.0/atheos/atheos.c:767:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( l_ef, compbuff, (size_t)compsize );
data/zip-3.0/atheos/atheos.c:834:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open( file, O_RDWR );
data/zip-3.0/atheos/zipup.h:18:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#define zopen(n,p) open(n,p)
data/zip-3.0/beos/beos.c:72:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#define opendir(path) fopen(path, "r")
data/zip-3.0/beos/beos.c:392:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open( name, O_RDONLY | O_NOTRAVERSE );
data/zip-3.0/beos/beos.c:394:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open( name, O_RDONLY );
data/zip-3.0/beos/beos.c:460:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( ptr, &big_fa_info, sizeof( struct attr_info ) );
data/zip-3.0/beos/beos.c:470:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[80];
data/zip-3.0/beos/beos.c:472:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buff, "read %ld, expected %ld",
data/zip-3.0/beos/beos.c:589:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(c_ef, l_ef-EB_L_UT_SIZE, EB_C_UT_SIZE);
data/zip-3.0/beos/beos.c:785:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( l_ef, compbuff, (size_t)compsize );
data/zip-3.0/beos/beos.c:862:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open( file, O_RDWR );
data/zip-3.0/beos/zipup.h:15:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#define zopen(n,p) open(n,p)
data/zip-3.0/cmsmvs/cms.c:26:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((stream = fopen(n, "r")) != (FILE *)NULL)
data/zip-3.0/cmsmvs/cmsmvs.c:22:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((buf->fp = fopen(path, "r")) != NULL) {
data/zip-3.0/cmsmvs/cmsmvs.c:80:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mem[10] = ""; /* member name */
data/zip-3.0/cmsmvs/cmsmvs.c:81:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ext[10] = ""; /* extension name */
data/zip-3.0/cmsmvs/cmsmvs.c:192:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((stream = fopen(f, FOPR)) == (FILE *)NULL) {
data/zip-3.0/cmsmvs/cmsmvs.c:264:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
stream = fopen(z->name,"rb");
data/zip-3.0/cmsmvs/cmsmvs.c:266:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
stream = fopen(z->name,"r");
data/zip-3.0/cmsmvs/cmsmvs.c:285:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(eb_ptr+EB_HEADSIZE,&fdata,sizeof(fdata));
data/zip-3.0/cmsmvs/cmsmvs.c:325:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[50];
data/zip-3.0/cmsmvs/cmsmvs.c:328:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char argstr[256];
data/zip-3.0/cmsmvs/cmsmvs.c:341:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(argstr, pCmdStart, iArgLen);
data/zip-3.0/cmsmvs/cmsmvs.c:367:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char liblvlmsg [50+1];
data/zip-3.0/cmsmvs/cmsmvs.c:370:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char complevel[64];
data/zip-3.0/cmsmvs/cmsmvs.c:413:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(complevel," V%dR%dM%d",
data/zip-3.0/cmsmvs/cmsmvs.c:417:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(complevel," V%dR%d", __IBMC__ / 100, (__IBMC__ % 100)/10);
data/zip-3.0/cmsmvs/cmsmvs.h:72:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
# define fdopen fopen
data/zip-3.0/cmsmvs/cstat.h:47:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[FILENAME_MAX];
data/zip-3.0/cmsmvs/mvs.c:18:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *ptr, *name, ttr[TTRLEN];
data/zip-3.0/cmsmvs/mvs.c:29:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( ttr, ptr, TTRLEN ); /* ttr name */
data/zip-3.0/cmsmvs/mvs.c:39:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( new->d_name, name, NAMELEN );
data/zip-3.0/cmsmvs/mvs.c:58:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen( dirname, "rb" );
data/zip-3.0/cmsmvs/mvs.c:142:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *f = fopen(n, "r");
data/zip-3.0/cmsmvs/mvs.h:15:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char d_name[NAMELEN+1];
data/zip-3.0/cmsmvs/mvs.h:21:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char D_path[FILENAME_MAX];
data/zip-3.0/cmsmvs/mvs.h:37:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rest[RECLEN];
data/zip-3.0/cmsmvs/zipup.h:14:29: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#define zopen(n,p) (ftype)fopen((n),(p))
data/zip-3.0/crypt.c:634:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hh, h, RAND_HEAD_LEN);
data/zip-3.0/deflate.c:623:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)window, (char*)window+WSIZE, (unsigned)WSIZE);
data/zip-3.0/fileio.c:110:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[GETNAM_MAX + 1];
data/zip-3.0/fileio.c:469:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempbuf[FNMAX+4081];
data/zip-3.0/fileio.c:473:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(errbuf, " ");
data/zip-3.0/fileio.c:479:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(errbuf, " ");
data/zip-3.0/fileio.c:482:11: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(errbuf, "\n this may be a result of using -j");
data/zip-3.0/fileio.c:1362:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(t+1, tempath, l2); /* insert new hlq */
data/zip-3.0/fileio.c:1380:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cur_subvol [FILENAME_MAX];
data/zip-3.0/fileio.c:1381:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp_subvol [FILENAME_MAX];
data/zip-3.0/fileio.c:1486:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(p, "%08lx", (ulg)time(NULL));
data/zip-3.0/fileio.c:1490:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(t, "ziXXXXXX"); /* must use lowercase for Linux dos file system */
data/zip-3.0/fileio.c:1590:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sbuf[4]; /* buffer for sliding signature window for fix = 2 */
data/zip-3.0/fileio.c:1977:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst,src,len) /* v2.0f */
data/zip-3.0/fileio.c:2043:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[SPLIT_MAXPATH + 100];
data/zip-3.0/fileio.c:2085:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(split_dir, "(current directory)");
data/zip-3.0/fileio.c:2185:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf, "(current directory)");
data/zip-3.0/fileio.c:2233:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((f = fopen(split_path, "r")) == NULL) {
data/zip-3.0/fileio.c:2248:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((f = fopen(split_path, "r")) == NULL) {
data/zip-3.0/fileio.c:2286:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[FNMAX + 40];
data/zip-3.0/fileio.c:2313:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(split_dir, "(current directory)");
data/zip-3.0/fileio.c:2351:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf, "(current directory)");
data/zip-3.0/fileio.c:2421:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ext[6];
data/zip-3.0/fileio.c:2446:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ext, "z%02lu", num);
data/zip-3.0/fileio.c:2492:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ext[6];
data/zip-3.0/fileio.c:2508:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ext, "z%02lu", num);
data/zip-3.0/fileio.c:2715:11: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(tempzip, "ziXXXXXX");
data/zip-3.0/fileio.c:2717:21: [2] (tmpfile) mkstemp:
Potential for temporary file vulnerability in some circumstances. Some
older Unix-like systems create temp files with permission to write by all
by default, so be sure to set the umask to override this. Also, some older
Unix systems might fail to use O_EXCL when opening the file, so make sure
that O_EXCL is used by the library (CWE-377).
if ((yd = mkstemp(tempzip)) == EOF) {
data/zip-3.0/fileio.c:3001:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mb[6];
data/zip-3.0/fileio.c:3156:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char e[7];
data/zip-3.0/fileio.c:3183:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(e, "%02x", b[i]);
data/zip-3.0/fileio.c:3284:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[9];
data/zip-3.0/fileio.c:3359:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[9];
data/zip-3.0/fileio.c:3714:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
local char Far optionerrbuf[OPTIONERR_BUF_SIZE + 1];
data/zip-3.0/fileio.c:3745:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char optname[50];
data/zip-3.0/fileio.c:4101:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if ((*value = (char *)malloc(strlen(args[argnum + 1]) + 1)) == NULL) {
data/zip-3.0/fileio.c:4127:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if ((*value = (char *)malloc(strlen(args[argnum + 1]) + 1)) == NULL) {
data/zip-3.0/fileio.c:4197:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if ((arg = (char *)malloc(strlen(args[argnum]) + 1)) == NULL) {
data/zip-3.0/fileio.c:4302:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if ((*value = (char *)malloc(strlen(args[argnum + 1]) + 1)) == NULL) {
data/zip-3.0/fileio.c:4705:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if ((*value = (char *)malloc(strlen(args[argn]) + 1)) == NULL) {
data/zip-3.0/fileio.c:4759:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if ((*value = (char *)malloc(strlen(args[argn]) + 1)) == NULL) {
data/zip-3.0/globals.c:25:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuf[FNMAX+4081];
data/zip-3.0/human68k/human68k.c:342:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[40];
data/zip-3.0/human68k/human68k.c:351:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
"cc ", (sprintf(buf, " version %d", _RELEASE), buf),
data/zip-3.0/human68k/zipup.h:12:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#define zopen(n,p) open(n,p)
data/zip-3.0/macos/osdep.h:100:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#define fopen(path, mode) MacFopen(path, mode)
data/zip-3.0/macos/osdep.h:101:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#define open(path, oflag) MacOpen(path, oflag)
data/zip-3.0/macos/source/charmap.h:42:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
ZCONST unsigned char MacRoman_to_WinCP1252[128] = {
data/zip-3.0/macos/source/charmap.h:176:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
ZCONST unsigned char WinCP1252_to_MacRoman[128] = {
data/zip-3.0/macos/source/extrafld.c:255:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(c_ef, l_ef-EB_L_UT_SIZE, EB_C_UT_SIZE);
data/zip-3.0/macos/source/extrafld.c:549:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(l_ef, compbuff, (size_t)compsize);
data/zip-3.0/macos/source/extrafld.c:630:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_buffer[NAME_MAX];
data/zip-3.0/macos/source/extrafld.c:631:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char comment[257];
data/zip-3.0/macos/source/extrafld.c:758:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( ef, temp_Pathname, (size_t)FLength );
data/zip-3.0/macos/source/extrafld.c:772:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( ef, tmp_buffer, (size_t)CLength );
data/zip-3.0/macos/source/extrafld.c:905:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Fork[20];
data/zip-3.0/macos/source/getenv.c:59:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char CompletePath[NAME_MAX];
data/zip-3.0/macos/source/getenv.c:224:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char cmd[MAX_COMMAND];
data/zip-3.0/macos/source/helpers.c:40:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern ZCONST unsigned char MacRoman_to_WinCP1252[128];
data/zip-3.0/macos/source/helpers.c:43:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char argStr[1024];
data/zip-3.0/macos/source/helpers.c:44:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *argv[MAX_ARGS + 1];
data/zip-3.0/macos/source/helpers.c:146:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str[sizeof(value)*8];
data/zip-3.0/macos/source/helpers.c:291:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char VolumeName[257], volume[257];
data/zip-3.0/macos/source/helpers.c:460:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char VolName[257];
data/zip-3.0/macos/source/macglob.h:36:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char FullPath[NAME_MAX];
data/zip-3.0/macos/source/macglob.h:37:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char FileName[NAME_MAX];
data/zip-3.0/macos/source/macglob.h:64:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Pattern[NAME_MAX];
data/zip-3.0/macos/source/macglob.h:68:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char SearchDir[NAME_MAX];
data/zip-3.0/macos/source/macglob.h:69:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char CurrentPath[NAME_MAX];
data/zip-3.0/macos/source/macglob.h:72:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ZipFullPath[NAME_MAX];
data/zip-3.0/macos/source/macglob.h:76:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char TempZipFullPath[NAME_MAX];
data/zip-3.0/macos/source/macopen.c:33:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#undef open
data/zip-3.0/macos/source/macopen.c:34:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#undef fopen
data/zip-3.0/macos/source/macopen.c:40:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char TruncPath[NAME_MAX];
data/zip-3.0/macos/source/macopen.c:57:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return fopen(MacZip.ZipFullPath, mode);
data/zip-3.0/macos/source/macopen.c:67:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return fopen(MacZip.TempZipFullPath, mode);
data/zip-3.0/macos/source/macopen.c:79:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char RealFname[NAME_MAX];
data/zip-3.0/macos/source/macopen.c:111:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char lastpath[NAME_MAX];
data/zip-3.0/macos/source/macopen.c:112:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char currpath[NAME_MAX];
data/zip-3.0/macos/source/macopen.c:143:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newfname[NAME_MAX];
data/zip-3.0/macos/source/macopen.c:176:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char lastpath[NAME_MAX];
data/zip-3.0/macos/source/macopen.c:181:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char currpath[NAME_MAX], *envptr;
data/zip-3.0/macos/source/macos.c:59:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char ResourceMark[13]; /* var is initialized in file pathname.c */
data/zip-3.0/macos/source/macos.c:266:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char currpath[NAME_MAX], *envptr;
data/zip-3.0/macos/source/macos.c:381:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[NAME_MAX];
data/zip-3.0/macos/source/macos.c:460:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fullpath[NAME_MAX];
data/zip-3.0/macos/source/macos.c:773:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buffer[NAME_MAX];
data/zip-3.0/macos/source/macos.c:774:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer2[NAME_MAX];
data/zip-3.0/macos/source/macos.c:848:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char no_time[5] = "...";
data/zip-3.0/macos/source/macos.c:870:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char statusline[100];
data/zip-3.0/macos/source/macos.c:881:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(statusline, "%6d", filecount++);
data/zip-3.0/macos/source/macos.c:892:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[100];
data/zip-3.0/macos/source/macos.c:897:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%d [%d%%]",progressSoFar, curr_percent);
data/zip-3.0/macos/source/macos.c:914:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char estStr[255];
data/zip-3.0/macos/source/macos.c:1028:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char ZipVersion[100];
data/zip-3.0/macos/source/macos.c:1048:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char CopyR[300];
data/zip-3.0/macos/source/macos.c:1068:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char ZipVersionLocal[50];
data/zip-3.0/macos/source/pathname.c:121:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[NAME_MAX], *tmpPtr, *namePtr;
data/zip-3.0/macos/source/pathname.c:264:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[255];
data/zip-3.0/macos/source/pathname.c:628:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char currentdir[NAME_MAX];
data/zip-3.0/macos/source/pathname.c:675:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char filename[35]; /* contents should be never longer than 32 chars */
data/zip-3.0/macos/source/pathname.c:678:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempLongFilename[1024], charnum[5];
data/zip-3.0/macos/source/pathname.c:710:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(charnum,"~%x", Num);
data/zip-3.0/macos/source/recurse.c:80:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char ResourceMark[13]; /* "XtraStuf.mac:" var is initialized in file pathname.c */
data/zip-3.0/macos/source/recurse.c:111:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer2[23];
data/zip-3.0/macos/source/recurse.c:122:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer2,"Globals->currentLevel: %d",Globals->currentLevel);
data/zip-3.0/macos/source/unixlike.c:77:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[NAME_MAX], path2[NAME_MAX];
data/zip-3.0/macos/source/unixlike.h:66:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char d_name[NAME_MAX];
data/zip-3.0/msdos/msdos.c:149:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char vol[14];
data/zip-3.0/msdos/msdos.c:155:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(vol+1, ":/");
data/zip-3.0/msdos/msdos.c:548:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((h = open(f, 0)) != -1)
data/zip-3.0/msdos/msdos.c:838:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[80];
data/zip-3.0/msdos/msdos.c:844:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "djgpp v%d.%02d / gcc ", __DJGPP__, __DJGPP_MINOR__);
data/zip-3.0/msdos/msdos.c:858:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "Watcom C/C++ %d.%02d", __WATCOMC__ / 100,
data/zip-3.0/msdos/msdos.c:861:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "Watcom C/C++ %d.%d", __WATCOMC__ / 100,
data/zip-3.0/msdos/msdos.c:917:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(sprintf(buf, "%d.%02d", _MSC_VER/100, _MSC_VER%100), buf)
data/zip-3.0/msdos/msdos.c:1115:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newname[4];
data/zip-3.0/msdos/zipup.h:12:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#define zopen(n,p) open(n,p)
data/zip-3.0/novell/Netware.c:34:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fid[100];
data/zip-3.0/novell/Netware.c:65:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dir[_MAX_PATH];
data/zip-3.0/novell/Netware.c:66:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fsv[_MAX_SERVER+_MAX_VOLUME+1];
data/zip-3.0/novell/Netware.c:67:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fdir[_MAX_PATH];
data/zip-3.0/novell/Netware.c:68:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[_MAX_FNAME],fext[_MAX_EXT], both[_MAX_FNAME+_MAX_EXT];
data/zip-3.0/novell/Netware.c:102:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char cwd[_MAX_PATH];
data/zip-3.0/novell/Netware.c:103:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char serverName[_MAX_SERVER];
data/zip-3.0/novell/Netware.c:104:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char volumeName[_MAX_VOLUME + 1];
data/zip-3.0/novell/Netware.c:105:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char dirName[_MAX_DIR];
data/zip-3.0/novell/Netware.c:128:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dir[_MAX_PATH];
data/zip-3.0/novell/Netware.c:129:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zipdir[_MAX_PATH];
data/zip-3.0/novell/Netware.c:130:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szzipfile[_MAX_PATH];
data/zip-3.0/novell/Netware.c:252:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char v[5]; /* space for device current directory */
data/zip-3.0/novell/Netware.c:255:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dir[_MAX_PATH];
data/zip-3.0/novell/Netware.c:256:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fsv[_MAX_SERVER+_MAX_VOLUME+1];
data/zip-3.0/novell/Netware.c:257:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fdir[_MAX_PATH];
data/zip-3.0/novell/Netware.c:258:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[_MAX_FNAME],fext[_MAX_EXT], both[_MAX_FNAME+_MAX_EXT];
data/zip-3.0/novell/Netware.c:500:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szRelativ[512];
data/zip-3.0/novell/Netware.c:836:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[80];
data/zip-3.0/novell/Netware.c:843:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(sprintf(buf, "djgpp v%d / gcc ", __DJGPP__), buf),
data/zip-3.0/novell/Netware.c:856:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(sprintf(buf, "Watcom C/C++ %d.%02d", __WATCOMC__ / 100,
data/zip-3.0/novell/Netware.c:859:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(sprintf(buf, "Watcom C/C++ %d.%d", __WATCOMC__ / 100,
data/zip-3.0/novell/Netware.c:908:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(sprintf(buf2, "(Visual C++ v%d.%d)", _MSC_VER/100 - 6,
data/zip-3.0/novell/Netware.c:911:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(sprintf(buf, "%d.%02d", _MSC_VER/100, _MSC_VER%100), buf),
data/zip-3.0/novell/Netware.c:957:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newname[4];
data/zip-3.0/novell/zipup.h:12:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#define zopen(n,p) open(n,p)
data/zip-3.0/os2/os2.c:60:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char v[5]; /* space for device current directory */
data/zip-3.0/os2/os2.c:108:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
p = strcpy(v, "/.");
data/zip-3.0/os2/os2acl.c:87:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char acl_ugname[UNLEN+1];
data/zip-3.0/os2/os2acl.c:202:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/zip-3.0/os2/os2acl.c:238:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char cwd[CCHMAXPATH];
data/zip-3.0/os2/os2acl.c:297:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
offs = sprintf(text, "ACL1:%X,%d\n",
data/zip-3.0/os2/os2zip.c:97:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nbuf[MAXPATHLEN + 1];
data/zip-3.0/os2/os2zip.c:113:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(nbuf+len, "\\.");
data/zip-3.0/os2/os2zip.c:134:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(nbuf+len-1, "*.*");
data/zip-3.0/os2/os2zip.c:139:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(nbuf+len, "\\*");
data/zip-3.0/os2/os2zip.c:281:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bName[3];
data/zip-3.0/os2/os2zip.c:529:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy((char *) gealst.szName, ".LONGNAME");
data/zip-3.0/os2/os2zip.c:558:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char nbuf[CCHMAXPATH + 1];
data/zip-3.0/os2/os2zip.c:559:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempbuf[CCHMAXPATH + 1];
data/zip-3.0/os2/os2zip.c:637:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szName[CCHMAXPATH];
data/zip-3.0/os2/os2zip.c:793:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szName[CCHMAXPATH];
data/zip-3.0/os2/os2zip.c:874:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((PCH) pFEA2 + sizeof(pFEA2 -> oNextEntryOffset), pFEA, nLength);
data/zip-3.0/os2/os2zip.c:1017:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(eb_l_ptr, eb_c_ptr, eb_c_size);
data/zip-3.0/os2/os2zip.c:1106:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[80];
data/zip-3.0/os2/os2zip.c:1120:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(sprintf(buf, "C Set/2 %d.%02d", __IBMC__/100,__IBMC__%100), buf),
data/zip-3.0/os2/os2zip.c:1122:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(sprintf(buf, "C Set++ %d.%02d", __IBMC__/100,__IBMC__%100), buf),
data/zip-3.0/os2/os2zip.c:1124:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(sprintf(buf, "Visual Age C++ %d.%02d", __IBMC__/100,__IBMC__%100), buf),
data/zip-3.0/os2/os2zip.c:1127:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
"Watcom C", (sprintf(buf, " (__WATCOMC__ = %d)", __WATCOMC__), buf),
data/zip-3.0/os2/os2zip.c:1153:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(sprintf(buf, "%d.%02d", _MSC_VER/100, _MSC_VER%100), buf),
data/zip-3.0/os2/os2zip.h:30:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char d_name[MAXNAMLEN + 1]; /* null terminated */
data/zip-3.0/os2/zipup.h:12:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#define zopen(n,p) open(n,p)
data/zip-3.0/qdos/qdos.c:94:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char d_name[QDOS_FLMAX] __attribute__ ((packed));/* name area */
data/zip-3.0/qdos/qdos.c:113:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char longid[8] __attribute__ ((packed));
data/zip-3.0/qdos/qdos.c:228:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char path[64];
data/zip-3.0/qdos/qdos.c:229:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[64];
data/zip-3.0/qdos/qdos.c:293:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char defpath[40];
data/zip-3.0/qdos/qdos.c:326:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char path[64];
data/zip-3.0/qdos/qdos.c:328:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[64];
data/zip-3.0/qdos/qdos.c:436:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char match[40] = {0};
data/zip-3.0/qdos/qdos.c:437:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char ddev[8] = {0};
data/zip-3.0/qdos/qdos.c:440:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char base[40];
data/zip-3.0/qdos/qdos.c:460:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[40];
data/zip-3.0/qdos/qdos.c:528:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fnam[256], *p;
data/zip-3.0/qdos/qdos.c:542:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nam[48];
data/zip-3.0/qdos/qdos.c:641:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fd = open(name, O_RDONLY | O_BINARY)) > 0)
data/zip-3.0/qdos/qdos.c:658:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(qs->d_name, name, nl);
data/zip-3.0/qdos/qdos.c:802:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(eb_c_ptr, eb_l_ptr, EB_C_UT_SIZE);
data/zip-3.0/qdos/qdos.c:806:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(eb_c_ptr+EB_C_UT_SIZE, eb_l_ptr+EB_L_UT_SIZE, EB_C_UX2_SIZE);
data/zip-3.0/qdos/qdos.c:840:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cq, lq, sizeof(qdosextra));
data/zip-3.0/qdos/zipup.h:15:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#define zopen(n,p) open(n,p)
data/zip-3.0/revision.h:45:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern ZCONST char *copyright[1];
data/zip-3.0/revision.h:46:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern ZCONST char * far swlicense[50];
data/zip-3.0/revision.h:47:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern ZCONST char * far versinfolines[7];
data/zip-3.0/revision.h:48:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern ZCONST char * far cryptnote[7];
data/zip-3.0/tailor.h:273:14: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
IZ_IMP char *memcpy();
data/zip-3.0/tailor.h:281:13: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
IZ_IMP long atol();
data/zip-3.0/tailor.h:556:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
# define zfopen fopen
data/zip-3.0/tailor.h:576:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
# define zfopen fopen
data/zip-3.0/tailor.h:606:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
# define zfopen fopen
data/zip-3.0/tailor.h:626:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
# define zfopen fopen
data/zip-3.0/tailor.h:653:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
# define zfopen fopen
data/zip-3.0/tailor.h:680:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
# define zfopen fopen
data/zip-3.0/tailor.h:712:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
# define zfopen fopen
data/zip-3.0/tandem/tandem.c:252:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[FILENAME_MAX + 1];
data/zip-3.0/tandem/tandem.c:254:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ext[EXTENSION_MAX + 1];
data/zip-3.0/tandem/tandem.c:327:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[FILENAME_MAX + 1];
data/zip-3.0/tandem/tandem.c:328:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ext[EXTENSION_MAX + 1];
data/zip-3.0/tandem/tandem.c:388:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[FILENAME_MAX + 1];
data/zip-3.0/tandem/tandem.c:389:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ext[EXTENSION_MAX + 1];
data/zip-3.0/tandem/tandem.c:519:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[FILENAME_MAX + 1];
data/zip-3.0/tandem/tandem.c:521:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ext[EXTENSION_MAX + 1];
data/zip-3.0/tandem/tandem.c:776:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sname[FILENAME_MAX + 1];
data/zip-3.0/tandem/tandem.c:778:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[FILENAME_MAX + 1];
data/zip-3.0/tandem/tandem.c:784:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ext[EXTENSION_MAX + 1];
data/zip-3.0/tandem/tandem.h:79:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char d_name[NAMELEN+1];
data/zip-3.0/tandem/tandem.h:85:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char D_path[NAMELEN+1];
data/zip-3.0/tandem/tanzip.c:28:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[40];
data/zip-3.0/tandem/tanzip.c:55:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#ifdef fopen
data/zip-3.0/tandem/tanzip.c:56:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
# undef fopen
data/zip-3.0/tandem/tanzip.c:74:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nsk_work[FILENAME_MAX + 1], *nsk_fname=&nsk_work[0];
data/zip-3.0/tandem/tanzip.c:113:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return fopen(fname,opt);
data/zip-3.0/tandem/tanzip.c:115:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#define fopen nskopen
data/zip-3.0/tandem/tanzip.c:125:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nsk_delim[2] = {'\r', '\n'}; /* CR/LF */
data/zip-3.0/tandem/tanzip.c:139:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zreadbuf[MAX_LARGE_READ]; /* Buffer as large as biggest read */
data/zip-3.0/tandem/tanzip.c:151:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[FILENAME_MAX + 1];
data/zip-3.0/tandem/tanzip.c:153:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ext[EXTENSION_MAX + 1];
data/zip-3.0/tandem/tanzip.c:219:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bufptr, zread_ovptr, movelen);
data/zip-3.0/tandem/tanzip.c:250:15: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(readptr, nsk_delim, nsk_delim_len);
data/zip-3.0/tandem/tanzip.c:294:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(readptr, nsk_delim, nsk_delim_len);
data/zip-3.0/tandem/tanzip.c:302:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bufptr, zreadptr, movelen);
data/zip-3.0/tandem/tanzip.c:474:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[FILENAME_MAX + 1]= ""; /* file name */
data/zip-3.0/tandem/tanzip.c:475:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ext[EXTENSION_MAX + 1] = ""; /* extension name */
data/zip-3.0/tandem/tanzip.c:644:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ext, (char *)nsk_attr, EB_TANDEM_SIZE);
data/zip-3.0/tandem/tanzip.c:649:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cext, (char *)nsk_attr, EB_TANDEM_SIZE);
data/zip-3.0/tandem/tanzip.c:686:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cext, UTptr, EB_C_UT_SIZE);
data/zip-3.0/tandem/tanzip.c:688:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cext+EB_C_UT_SIZE, Uxptr, EB_C_UX2_SIZE);
data/zip-3.0/tandem/tanzip.h:12:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
# define fopen nskopen /* To allow us to set extent sizes */
data/zip-3.0/theos/_rename.c:24:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(bfn, "./");
data/zip-3.0/theos/_rename.c:36:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dir[FILENAME_MAX];
data/zip-3.0/theos/_rename.c:38:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bold[FILENAME_MAX], bnew[FILENAME_MAX];
data/zip-3.0/theos/_setargv.c:72:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[FILENAME_MAX];
data/zip-3.0/theos/_stat.c:145:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[FILENAME_MAX];
data/zip-3.0/theos/_stat.c:146:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cwd[FILENAME_MAX];
data/zip-3.0/theos/_stat.c:147:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char drive[3];
data/zip-3.0/theos/_stat.c:193:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[FILENAME_MAX];
data/zip-3.0/theos/_stat.c:198:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf, "./");
data/zip-3.0/theos/_stat.c:200:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return fopen(buf, mode);
data/zip-3.0/theos/_stat.c:203:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (fp = fopen(fn, mode))
data/zip-3.0/theos/_stat.c:209:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return fopen(fn, mode);
data/zip-3.0/theos/_stat.c:214:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#undef open
data/zip-3.0/theos/_stat.c:215:5: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int open(const char*, int, ...);
data/zip-3.0/theos/_stat.c:220:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[FILENAME_MAX];
data/zip-3.0/theos/_stat.c:225:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf, "./");
data/zip-3.0/theos/_stat.c:227:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return open(buf, mode);
data/zip-3.0/theos/_stat.c:230:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(fn, mode)) != EOF)
data/zip-3.0/theos/_stat.c:237:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return open(fn, mode);
data/zip-3.0/theos/_stat.c:247:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[FILENAME_MAX], buf2[FILENAME_MAX], buf3[FILENAME_MAX];
data/zip-3.0/theos/_stat.c:266:22: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
fn = strcpy(buf2, "/:S");
data/zip-3.0/theos/_stat.c:280:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf2, "./");
data/zip-3.0/theos/_stat.c:450:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dirp[FILENAME_MAX];
data/zip-3.0/theos/osdep.h:51:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#undef open
data/zip-3.0/theos/osdep.h:52:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#define fopen() _fopen()
data/zip-3.0/theos/osdep.h:54:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#define open() __open()
data/zip-3.0/theos/theos.c:112:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char lib[FILENAME_MAX];
data/zip-3.0/theos/theos.c:113:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char drive[3];
data/zip-3.0/theos/theos.c:148:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char drive[3]; /* drive name */
data/zip-3.0/theos/theos.c:250:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p - 1, ".*");
data/zip-3.0/theos/zipup.h:15:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#define zopen(n,p) open(n,p)
data/zip-3.0/timezone.c:48:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *tzname[2];
data/zip-3.0/timezone.h:46:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char types[TZ_MAX_TIMES];
data/zip-3.0/timezone.h:48:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chars[TZ_MAX_CHARS];
data/zip-3.0/tops20/tops20.c:82:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(p, "*.*");
data/zip-3.0/tops20/tops20.c:135:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *fp, fname[200];
data/zip-3.0/tops20/tops20.c:263:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *fp, fname[200];
data/zip-3.0/tops20/tops20.c:312:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cwd[256], *p, *q;
data/zip-3.0/tops20/tops20.c:540:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[40];
data/zip-3.0/tops20/tops20.c:549:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
"cc ", (sprintf(buf, " version %d", _RELEASE), buf),
data/zip-3.0/tops20/zipup.h:14:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#define zopen(n,p) open(n,p)
data/zip-3.0/trees.c:1450:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out_buf, block, out_offset);
data/zip-3.0/trees.c:1466:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out_buf + out_offset, block, len);
data/zip-3.0/ttyio.c:262:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kbbuf[16]; /* input buffer with - some - excess length */
data/zip-3.0/ttyio.c:409:44: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (envptr == (char *)NULL || (n = atoi(envptr)) < 5) {
data/zip-3.0/ttyio.c:419:44: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (envptr == (char *)NULL || (n = atoi(envptr)) < 5) {
data/zip-3.0/ttyio.c:616:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((f = open(_PATH_TTY, 0)) == -1)
data/zip-3.0/ttyio.c:666:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((f = fopen(ctermid(NULL), "r")) == NULL)
data/zip-3.0/unix/unix.c:76:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#define opendir(path) fopen(path, "r")
data/zip-3.0/unix/unix.c:473:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(extra, z->extra, z->ext);
data/zip-3.0/unix/unix.c:475:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cextra, z->cextra, z->cext);
data/zip-3.0/unix/unix.c:556:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((z->cextra) + z->cext, (z->extra) + z->ext, 4 + ef_data_size);
data/zip-3.0/unix/unix.c:657:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(z->cextra, z->extra, EB_C_UT_SIZE);
data/zip-3.0/unix/unix.c:662:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(z->cextra+EB_C_UT_SIZE, z->extra+EB_L_UT_SIZE, EB_C_UX2_SIZE);
data/zip-3.0/unix/unix.c:734:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char compiler_name[80];
data/zip-3.0/unix/unix.c:738:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char compiler_name[33];
data/zip-3.0/unix/unix.c:741:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char compiler_name[33];
data/zip-3.0/unix/unix.c:744:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char compiler_name[33];
data/zip-3.0/unix/unix.c:748:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char compiler_name[40];
data/zip-3.0/unix/unix.c:758:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char os_name[40];
data/zip-3.0/unix/unix.c:762:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char os_name[40];
data/zip-3.0/unix/unix.c:767:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char os_name[40];
data/zip-3.0/unix/unix.c:774:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(compiler_name, "NeXT DevKit %d.%02d (gcc " __VERSION__ ")",
data/zip-3.0/unix/unix.c:782:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( compiler_name, "Sun C version %x", __SUNPRO_C);
data/zip-3.0/unix/unix.c:788:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( compiler_name, "HP C version A.%02d.%02d",
data/zip-3.0/unix/unix.c:793:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( compiler_name, "HP C version A.%02d.%02d.%02d",
data/zip-3.0/unix/unix.c:799:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( compiler_name, "DEC C version %c%d.%d-%03d",
data/zip-3.0/unix/unix.c:807:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(compiler_name, "cc version %d", _RELEASE);
data/zip-3.0/unix/unix.c:811:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( compiler_name, "IBM C version %d.%d.%d",
data/zip-3.0/unix/unix.c:865:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(os_name, "Cray UNICOS release %d", _UNICOS);
data/zip-3.0/unix/unix.c:1049:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char no_msg[ 64];
data/zip-3.0/unix/unix.c:1057:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( no_msg, "(no message, code = %d.)", err);
data/zip-3.0/unix/zipup.h:20:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#define zopen(n,p) open(n,p)
data/zip-3.0/util.c:1109:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char fzofft_buf[ FZOFFT_NUM][ FZOFFT_LEN];
data/zip-3.0/util.c:1113:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char fmt[ 16] = "%";
data/zip-3.0/util.c:1158:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char fuzofft_buf[ FZOFFT_NUM][ FZOFFT_LEN];
data/zip-3.0/util.c:1162:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char fmt[ 16] = "%";
data/zip-3.0/util.c:1205:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempstrg[100];
data/zip-3.0/util.c:1246:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
num = atoi(numstring);
data/zip-3.0/util.c:1295:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char digits[4];
data/zip-3.0/vms/cmdline.c:311:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuf[ FNMAX+ 81]; /* Error message buffer. */
data/zip-3.0/vms/cmdline.c:361:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char options[ 64];
data/zip-3.0/vms/cmdline.c:412:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(the_cmd_line, "zip");
data/zip-3.0/vms/cmdline.c:677:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(&the_cmd_line[x], "-P");
data/zip-3.0/vms/cmdline.c:956:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(&the_cmd_line[x], "-b");
data/zip-3.0/vms/cmdline.c:969:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(&the_cmd_line[x], "-O");
data/zip-3.0/vms/cmdline.c:1334:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char since_time[9];
data/zip-3.0/vms/cmdline.c:1345:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(&the_cmd_line[x], "-t");
data/zip-3.0/vms/cmdline.c:1355:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char before_time[9];
data/zip-3.0/vms/cmdline.c:1366:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(&the_cmd_line[x], "-tt");
data/zip-3.0/vms/cmdline.c:1379:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(&the_cmd_line[x], "-n");
data/zip-3.0/vms/cmdline.c:1464:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(&the_cmd_line[x], "-x");
data/zip-3.0/vms/cmdline.c:1496:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(&the_cmd_line[x], "-i");
data/zip-3.0/vms/cmdline.c:1715:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(timearg, "%02d%02d%04d", numtimbuf.month,
data/zip-3.0/vms/vms.c:278:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[40];
data/zip-3.0/vms/vms.c:279:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vms_vers[ 16];
data/zip-3.0/vms/vms.c:283:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[40];
data/zip-3.0/vms/vms.c:314:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(sprintf(buf2, " %c%d.%d-%03d",
data/zip-3.0/vms/vms.c:394:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char zip_tmp_nam[ 16] = "ZI<unique>.;";
data/zip-3.0/vms/vms.c:399:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char exp_str[ NAM_MAXRSS+ 1]; /* Expanded name storage. */
data/zip-3.0/vms/vms.c:404:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( &zip_tmp_nam[ 2], "%08X", time( NULL));
data/zip-3.0/vms/vms.c:410:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( &zip_tmp_nam[ 2], "%08X", pid);
data/zip-3.0/vms/vms.c:454:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( nam.NAM_L_TYPE, ".;");
data/zip-3.0/vms/vms.c:511:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char result[ NAM_MAXRSS+ 1];
data/zip-3.0/vms/vms.c:512:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char exp[ NAM_MAXRSS+ 1];
data/zip-3.0/vms/vms.c:594:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char exp[ NAM_MAXRSS+ 1]; /* Expanded name storage. */
data/zip-3.0/vms/vms_im.c:126:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char verbuf[80];
data/zip-3.0/vms/vms_im.c:160:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( cxtra, xtra, (EB_HEADSIZE+ EB_UT_LEN( 1)));
data/zip-3.0/vms/vms_im.c:410:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( cxtra, xtra, (scan- xtra));
data/zip-3.0/vms/vms_im.c:775:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[132];
data/zip-3.0/vms/vms_im.c:866:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(to->body[0]), from, size);
data/zip-3.0/vms/vms_msg_gen.c:29:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *sev_str[ 8] = {
data/zip-3.0/vms/vms_pk.c:156:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char EName[NAM_MAXRSS];
data/zip-3.0/vms/vms_pk.c:157:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char RName[NAM_MAXRSS];
data/zip-3.0/vms/vms_pk.c:518:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( cxtra, xtra, (EB_HEADSIZE+ EB_UT_LEN( 1)));
data/zip-3.0/vms/vms_pk.c:552:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(h->data, (char*)&(ctx->PKi), sizeof(ctx->PKi));
data/zip-3.0/vms/vms_pk.c:565:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)&(f->value[0]), ctx->aclbuf, ctx->acllen);
data/zip-3.0/vms/vms_pk.c:574:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( cxtra, xtra, l);
data/zip-3.0/vms/vmsdefs.h:149:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fat$fill[8];
data/zip-3.0/vms/vmsmunch.c:167:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void asctim(char *time, long int binval[2]);
data/zip-3.0/vms/vmsmunch.c:168:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void bintim(char *time, long int binval[2]);
data/zip-3.0/vms/vmsmunch.c:252:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char EName[NAM_MAXRSS];
data/zip-3.0/vms/vmsmunch.c:253:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char RName[NAM_MAXRSS];
data/zip-3.0/vms/vmsmunch.c:406:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *time,
data/zip-3.0/vms/vmsmunch.c:426:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *time,
data/zip-3.0/vms/vmszip.c:61:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hex_digit[ 16] = {
data/zip-3.0/vms/vmszip.c:111:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char char_prop[ 256] = {
data/zip-3.0/vms/vmszip.c:160:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char d_qualwildname[ NAM_MAXRSS+ 1];
data/zip-3.0/vms/vmszip.c:161:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char d_name[ NAM_MAXRSS+ 1];
data/zip-3.0/vms/vmszip.c:547:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char wild_version_part[10]="\0";
data/zip-3.0/vms/vmszip.c:637:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(p, "*.*");
data/zip-3.0/vms/vmszip.c:939:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cwd[ NAM_MAXRSS+ 1];
data/zip-3.0/vms/vmszip.c:1125:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[ NAML$C_MAXRSS+ 1];
data/zip-3.0/vms/vmszip.c:1321:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timbuf[24];
data/zip-3.0/vms/vmszip.c:1440:19: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
system(strcat(strcpy(s, "set prot=(o:rwed) "), d));
data/zip-3.0/vms/zipup.h:17:57: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#define zopen(n,p) (vms_native?vms_open(n) :(ftype)fopen((n), p))
data/zip-3.0/win32/nt.c:217:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char TempRootPath[MAX_PATH + 1];
data/zip-3.0/win32/nt.c:351:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(VolumeCaps, &g_VolumeCaps, sizeof(VOLUMECAPS));
data/zip-3.0/win32/nt.h:67:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char RootPath[MAX_PATH+1]; /* path to network / filesystem */
data/zip-3.0/win32/win32.c:76:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char root[4];
data/zip-3.0/win32/win32.c:118:3: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t root[4];
data/zip-3.0/win32/win32.c:260:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rootPathName[4];
data/zip-3.0/win32/win32.c:261:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp1[MAX_PATH], tmp2[MAX_PATH];
data/zip-3.0/win32/win32.c:297:5: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t rootPathName[4];
data/zip-3.0/win32/win32.c:298:5: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t tmp1[MAX_PATH], tmp2[MAX_PATH];
data/zip-3.0/win32/win32.c:689:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rootpath[4];
data/zip-3.0/win32/win32.c:690:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char vol[14];
data/zip-3.0/win32/win32.c:696:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(rootpath, "x:\\");
data/zip-3.0/win32/win32.c:1108:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[2];
data/zip-3.0/win32/win32.c:1149:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[80];
data/zip-3.0/win32/win32.c:1151:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[80];
data/zip-3.0/win32/win32.c:1157:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "Microsoft C %d.%02d ", _MSC_VER/100, _MSC_VER%100);
data/zip-3.0/win32/win32.c:1166:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf2, "(Visual C++ v%d.%d)", _MSC_VER/100 - 6, _MSC_VER%100/10);
data/zip-3.0/win32/win32.c:1175:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "Watcom C/C++ %d.%02d", __WATCOMC__ / 100,
data/zip-3.0/win32/win32.c:1178:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "Watcom C/C++ %d.%d", __WATCOMC__ / 100,
data/zip-3.0/win32/win32.c:1218:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "rsxnt(djgpp v%d.%02d) / gcc ",
data/zip-3.0/win32/win32.c:1222:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "rsxnt(emx+djgpp v%d.%02d) / gcc ",
data/zip-3.0/win32/win32.c:1337:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[9];
data/zip-3.0/win32/win32.c:1425:11: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
wsize = MultiByteToWideChar(CP_ACP, 0,
data/zip-3.0/win32/win32.c:1436:11: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
wsize = MultiByteToWideChar(CP_ACP, 0,
data/zip-3.0/win32/win32i64.c:104:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fTemp = fopen(filename,mode);
data/zip-3.0/win32/win32zip.c:502:13: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
ulenw = MultiByteToWideChar(
data/zip-3.0/win32/win32zip.c:524:12: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
ulen = MultiByteToWideChar(
data/zip-3.0/win32/win32zip.c:634:13: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
ulenw = MultiByteToWideChar(
data/zip-3.0/win32/win32zip.c:652:12: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
ulen = MultiByteToWideChar(
data/zip-3.0/win32/win32zip.c:680:13: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
ulenw = MultiByteToWideChar(
data/zip-3.0/win32/win32zip.c:698:12: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
ulen = MultiByteToWideChar(
data/zip-3.0/win32/win32zip.c:1581:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((h = open(f, 0)) != -1)
data/zip-3.0/win32/win32zip.c:1771:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char stackbuffer[NTSD_BUFFERSIZE];
data/zip-3.0/win32/win32zip.c:1841:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errbuf, "security info too large to store (%ld bytes), %d max", bytes, 0x7FFF);
data/zip-3.0/win32/win32zip.c:1866:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errbuf, " (%ld bytes security)", bytes);
data/zip-3.0/win32/win32zip.c:1938:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(eb_c_ptr, eb_l_ptr, EB_C_UT_SIZE);
data/zip-3.0/win32/zipup.h:33:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
# define zopen(n,p) open(n,p)
data/zip-3.0/windll/example.c:97:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szFullPath[PATH_MAX];
data/zip-3.0/windll/example.c:141:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[256];
data/zip-3.0/windll/example.c:160:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[256];
data/zip-3.0/windll/example.c:195:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[256];
data/zip-3.0/windll/example.c:215:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[256];
data/zip-3.0/windll/example.c:224:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[256];
data/zip-3.0/windll/windll.h:32:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szBuffer[40];\
data/zip-3.0/windll/windll.h:50:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char szFilesToAdd[80];
data/zip-3.0/windll/windll.h:51:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char rgszFiles[cchFilesMax];
data/zip-3.0/zbz2err.c:57:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errbuf, "fatal error (code %d) in bzip2 library", errcode);
data/zip-3.0/zip.c:1052:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char bz_opt_ver[81];
data/zip-3.0/zip.c:1053:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char bz_opt_ver2[81];
data/zip-3.0/zip.c:1054:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char bz_opt_ver3[81];
data/zip-3.0/zip.c:1203:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( bz_opt_ver,
data/zip-3.0/zip.c:1205:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( bz_opt_ver2,
data/zip-3.0/zip.c:1207:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( bz_opt_ver3,
data/zip-3.0/zip.c:1289:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[4004];
data/zip-3.0/zip.c:1291:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1001];
data/zip-3.0/zip.c:1296:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(cmd, " -v");
data/zip-3.0/zip.c:1317:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "Found UnZip version %4.2f", UnZip_Version);
data/zip-3.0/zip.c:1407:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(path, zippath, len);
data/zip-3.0/zip.c:1408:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(&path[len], "unzip.exe");
data/zip-3.0/zip.c:1479:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(cmd, "unzip -t ");
data/zip-3.0/zip.c:1481:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(cmd, "-Q4 ");
data/zip-3.0/zip.c:1483:19: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (!verbose) strcat(cmd, "-qq ");
data/zip-3.0/zip.c:1552:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(pattern + 1, "r");
data/zip-3.0/zip.c:1680:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempstrg[100];
data/zip-3.0/zip.c:3444:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errbuf, "no such option ID: %ld", option);
data/zip-3.0/zip.c:3554:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mode[10];
data/zip-3.0/zip.c:3573:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(p, ".log");
data/zip-3.0/zip.c:3893:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(tempzip, "ziXXXXXX");
data/zip-3.0/zip.c:3895:17: [2] (tmpfile) mkstemp:
Potential for temporary file vulnerability in some circumstances. Some
older Unix-like systems create temp files with permission to write by all
by default, so be sure to set the umask to override this. Also, some older
Unix systems might fail to use O_EXCL when opening the file, so make sure
that O_EXCL is used by the library (CWE-377).
if ((yd = mkstemp(tempzip)) == EOF) {
data/zip-3.0/zip.c:4562:13: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(fnw, L"testdir/");
data/zip-3.0/zip.c:4573:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(fn, "testdir/");
data/zip-3.0/zip.c:4580:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(fn, "w");
data/zip-3.0/zip.c:4586:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(fn, "testdir/");
data/zip-3.0/zip.c:4597:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(fn, "w");
data/zip-3.0/zip.c:4712:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(errbuf, "try: zip \"");
data/zip-3.0/zip.c:4714:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(strcat(errbuf, args[i]), "\" ");
data/zip-3.0/zip.c:4715:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(strcat(errbuf, args[i]), " *.* -i");
data/zip-3.0/zip.c:4717:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(errbuf, "try: zip");
data/zip-3.0/zip.c:4721:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(errbuf, " \"\" -i");
data/zip-3.0/zip.c:4723:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(errbuf, " . -i");
data/zip-3.0/zip.c:4894:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(tempzip, "ziXXXXXX");
data/zip-3.0/zip.c:4896:17: [2] (tmpfile) mkstemp:
Potential for temporary file vulnerability in some circumstances. Some
older Unix-like systems create temp files with permission to write by all
by default, so be sure to set the umask to override this. Also, some older
Unix systems might fail to use O_EXCL when opening the file, so make sure
that O_EXCL is used by the library (CWE-377).
if ((yd = mkstemp(tempzip)) == EOF) {
data/zip-3.0/zip.c:5658:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempstrg[100];
data/zip-3.0/zip.c:5671:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempstrg[100];
data/zip-3.0/zip.c:5816:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(strcat(strcpy(p, zcomment), "\r\n"), e);
data/zip-3.0/zip.h:319:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char errbuf[FNMAX+4081]; /* Handy place to build error messages */
data/zip-3.0/zip.h:727:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
char *memcpy OF((char *, char *, unsigned int));
data/zip-3.0/zipcloak.c:316:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char passwd[IZ_PWLEN+1]; /* password for encryption or decryption */
data/zip-3.0/zipcloak.c:317:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char verify[IZ_PWLEN+1]; /* password for encryption or decryption */
data/zip-3.0/zipcloak.c:580:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((inzip = fopen(zipfile, "a")) == NULL) ziperr(ZE_CREAT, zipfile);
data/zip-3.0/zipcloak.c:615:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(tempzip, "ziXXXXXX");
data/zip-3.0/zipcloak.c:617:17: [2] (tmpfile) mkstemp:
Potential for temporary file vulnerability in some circumstances. Some
older Unix-like systems create temp files with permission to write by all
by default, so be sure to set the umask to override this. Also, some older
Unix systems might fail to use O_EXCL when opening the file, so make sure
that O_EXCL is used by the library (CWE-377).
if ((yd = mkstemp(tempzip)) == EOF) {
data/zip-3.0/zipcloak.c:625:32: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((y = tempzf = outzip = fopen(tempzip = tempname(zipfile), FOPW)) == NULL) {
data/zip-3.0/zipcloak.c:648:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((in_file = fopen(zipfile, FOPR)) == NULL) ziperr(ZE_NAME, zipfile);
data/zip-3.0/zipfile.c:423:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(r[-1] == '.' ? r - 1 : r, ".zip");
data/zip-3.0/zipfile.c:428:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(q, ".zip");
data/zip-3.0/zipfile.c:430:11: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(t, ".zip");
data/zip-3.0/zipfile.c:435:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(t, " ZIP");
data/zip-3.0/zipfile.c:437:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(t, ".zip");
data/zip-3.0/zipfile.c:444:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(t, "_zip");
data/zip-3.0/zipfile.c:737:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(returnExtra, newExtra, newExtraLen);
data/zip-3.0/zipfile.c:755:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tempExtra + returnExtraLen, pTemp, blocksize + 4);
data/zip-3.0/zipfile.c:762:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tempExtra + returnExtraLen, newExtra, newExtraLen);
data/zip-3.0/zipfile.c:768:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(returnExtra, tempExtra, returnExtraLen);
data/zip-3.0/zipfile.c:855:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(errbuf,
data/zip-3.0/zipfile.c:857:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(errbuf,
data/zip-3.0/zipfile.c:955:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(errbuf,
data/zip-3.0/zipfile.c:957:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(errbuf,
data/zip-3.0/zipfile.c:1191:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pTemp, pZipListEntry->cextra, len);
data/zip-3.0/zipfile.c:1192:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pTemp + len, pExtraFieldPtr + oldefsize,
data/zip-3.0/zipfile.c:1257:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( pTemp, pZEntry->extra, usTemp );
data/zip-3.0/zipfile.c:1262:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( pTemp, pOldTemp, usTemp);
data/zip-3.0/zipfile.c:1302:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( pTemp, pZEntry->cextra, usTemp );
data/zip-3.0/zipfile.c:1307:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( pTemp, pOldTemp, usTemp);
data/zip-3.0/zipfile.c:1387:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( pTemp, pZEntry->extra, usTemp );
data/zip-3.0/zipfile.c:1392:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( pTemp, pOldTemp, usTemp);
data/zip-3.0/zipfile.c:1487:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( pTemp, pZEntry->extra, usTemp );
data/zip-3.0/zipfile.c:1492:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( pTemp, pOldTemp, usTemp);
data/zip-3.0/zipfile.c:1619:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( pTemp, pZEntry->cextra, usTemp );
data/zip-3.0/zipfile.c:1624:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( pTemp, pOldTemp, usTemp);
data/zip-3.0/zipfile.c:1698:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char waste[ 4];
data/zip-3.0/zipfile.c:1771:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errbuf, "made by version %d.%d on system type %d: ",
data/zip-3.0/zipfile.c:1778:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errbuf, "needs unzip %d.%d on system type %d: ",
data/zip-3.0/zipfile.c:1793:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errbuf, "local flags = 0x%04x, central = 0x%04x: ",
data/zip-3.0/zipfile.c:1800:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errbuf, "undefined bits used in flags = 0x%04x: ", z->flg);
data/zip-3.0/zipfile.c:1804:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errbuf, "unknown compression method %u: ", z->how);
data/zip-3.0/zipfile.c:1809:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errbuf, "starts on disk %lu: ", z->dsk);
data/zip-3.0/zipfile.c:1814:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errbuf, "unknown internal attributes = 0x%04x: ", z->att);
data/zip-3.0/zipfile.c:1823:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errbuf, "unknown external attributes = 0x%08lx: ", z->atx);
data/zip-3.0/zipfile.c:1837:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errbuf,
data/zip-3.0/zipfile.c:1880:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char b[CENHEAD]; /* buffer for central headers */
data/zip-3.0/zipfile.c:2002:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errbuf, "%lu", (ulg)zcount + 1);
data/zip-3.0/zipfile.c:2163:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LOCHEAD + 1];
data/zip-3.0/zipfile.c:2295:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errbuf, "Local Version Needed (%d) does not match CD (%d): ", locz->ver, z->ver);
data/zip-3.0/zipfile.c:2329:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char b[CENHEAD]; /* buffer for central headers */
data/zip-3.0/zipfile.c:2339:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bf[8];
data/zip-3.0/zipfile.c:2647:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errbuf, "%lu", (ulg)zcount + 1);
data/zip-3.0/zipfile.c:2767:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[16];
data/zip-3.0/zipfile.c:2808:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errbuf, " offset %u--local = %02x, central = %02x",
data/zip-3.0/zipfile.c:2909:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[16];
data/zip-3.0/zipfile.c:2937:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
local char sigbuf[4]; /* signature found */
data/zip-3.0/zipfile.c:3039:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sig[4];
data/zip-3.0/zipfile.c:3085:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tsig1[4];
data/zip-3.0/zipfile.c:3086:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tsig2[4];
data/zip-3.0/zipfile.c:3134:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sig[4];
data/zip-3.0/zipfile.c:3135:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char b[4];
data/zip-3.0/zipfile.c:3204:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char scbuf[FIXSCAN_BUFSIZE]; /* buffer big enough for headers */
data/zip-3.0/zipfile.c:3249:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(errbuf, "if archive to fix is split archive, need to provide\n");
data/zip-3.0/zipfile.c:3250:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(errbuf, " path of the last split with .zip extension,\n");
data/zip-3.0/zipfile.c:3251:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(errbuf, " even if it doesn't exist (zip will ask for splits)");
data/zip-3.0/zipfile.c:3291:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(errbuf, "Missing end (EOCDR) signature - either this archive\n");
data/zip-3.0/zipfile.c:3292:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(errbuf, " is not readable or the end is damaged");
data/zip-3.0/zipfile.c:3392:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errbuf, " Found end record (EOCDR) - says expect %lu splits", total_disks);
data/zip-3.0/zipfile.c:3394:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errbuf, " Found end record (EOCDR) - says expect single disk archive");
data/zip-3.0/zipfile.c:3516:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errbuf, "skipping disk %lu ...\n", current_in_disk);
data/zip-3.0/zipfile.c:3745:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errbuf, "%lu", (ulg)zcount + 1);
data/zip-3.0/zipfile.c:3779:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errbuf, "local (%lu) and cen (%lu) crc mismatch", z->crc, cz->crc);
data/zip-3.0/zipfile.c:3923:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuftemp[40];
data/zip-3.0/zipfile.c:3925:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(errbuf, "unexpected signature ");
data/zip-3.0/zipfile.c:3927:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errbuftemp, "%02x ", sigbuf[c]);
data/zip-3.0/zipfile.c:4022:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char scbuf[SCAN_BUFSIZE]; /* buffer just enough for all header types */
data/zip-3.0/zipfile.c:4394:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errbuf, "Zip entry offsets do not need adjusting");
data/zip-3.0/zipfile.c:4584:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errbuf, "This archive requires version %d.%d", major, minor);
data/zip-3.0/zipfile.c:4652:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errbuf, "skipping disk %lu ...\n", current_in_disk);
data/zip-3.0/zipfile.c:4723:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuftemp[40];
data/zip-3.0/zipfile.c:4725:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(errbuf, "bad archive - unexpected signature ");
data/zip-3.0/zipfile.c:4727:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errbuftemp, "%02x ", sigbuf[c]);
data/zip-3.0/zipfile.c:4821:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errbuf, "%lu", (ulg)zcount + 1);
data/zip-3.0/zipfile.c:6018:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LOCHEAD + 1];
data/zip-3.0/zipfile.c:6134:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errbuf, "Illegal host system mapping in local header: %d", os);
data/zip-3.0/zipfile.c:6147:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errbuf, "Illegal PK version mapping in local header: %d", pkver);
data/zip-3.0/zipfile.c:6156:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errbuf, "Unrecognized compression method in local header: %d", localz->how);
data/zip-3.0/zipfile.c:6701:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(r, ".DIR;1"); /* this assumes a little padding--see PAD */
data/zip-3.0/zipnote.c:392:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char abf[WRBUFSIZ+1]; /* input line buffer */
data/zip-3.0/zipnote.c:550:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((x = fopen(zipfile, "a")) == NULL)
data/zip-3.0/zipnote.c:636:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(tempzip, "ziXXXXXX");
data/zip-3.0/zipnote.c:638:15: [2] (tmpfile) mkstemp:
Potential for temporary file vulnerability in some circumstances. Some
older Unix-like systems create temp files with permission to write by all
by default, so be sure to set the umask to override this. Also, some older
Unix systems might fail to use O_EXCL when opening the file, so make sure
that O_EXCL is used by the library (CWE-377).
if ((yd = mkstemp(tempzip)) == EOF) {
data/zip-3.0/zipnote.c:646:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((tempzf = y = fopen(tempzip = tempname(zipfile), FOPW)) == NULL)
data/zip-3.0/zipnote.c:651:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((in_file = fopen(zipfile, FOPR)) == NULL)
data/zip-3.0/zipsplit.c:80:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
local char template[TEMPL_SIZ]; /* name template for output files */
data/zip-3.0/zipsplit.c:434:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)e, (char *)a, n * sizeof(uzoff_t));
data/zip-3.0/zipsplit.c:494:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char m[10];
data/zip-3.0/zipsplit.c:536:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuf[5000];
data/zip-3.0/zipsplit.c:680:25: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((c = (ulg)atol(argv[r])) < 100) /* 100 is smallest zip file */
data/zip-3.0/zipsplit.c:685:20: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = (ulg)atol(argv[r]);
data/zip-3.0/zipsplit.c:738:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)p, (char *)a, zcount * sizeof(uzoff_t));
data/zip-3.0/zipsplit.c:865:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((e = fopen(zipfile, FOPR)) == NULL)
data/zip-3.0/zipsplit.c:881:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char m[10];
data/zip-3.0/zipsplit.c:893:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((f = fopen(path, "w")) == NULL)
data/zip-3.0/zipsplit.c:915:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((y = f = fopen(path, FOPW)) == NULL)
data/zip-3.0/zipup.c:190:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
local char file_outbuf[1024]; /* output buffer for compression to file */
data/zip-3.0/zipup.c:360:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typestr[4]; /* filetype hex string taken from a */
data/zip-3.0/zipup.c:367:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(typestr,"%.3X",(((unsigned*)a)[2] & 0x000FFF00) >> 8);
data/zip-3.0/zipup.c:488:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tempextra, z->extra, z->ext);
data/zip-3.0/zipup.c:495:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tempcextra, z->cextra, z->cext);
data/zip-3.0/zipup.c:1225:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, b, size);
data/zip-3.0/zipup.c:1321:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errbuf, "cannot initialize zlib deflate");
data/zip-3.0/zipup.c:1324:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errbuf, "zlib deflateInit failure (%d)", err);
data/zip-3.0/zipup.c:1373:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(b, in_buf + in_offset, (unsigned)block_size);
data/zip-3.0/zipup.c:1487:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errbuf, "unexpected zlib deflate error %d", err);
data/zip-3.0/zipup.c:1565:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errbuf, "unexpected zlib deflate error %d", err);
data/zip-3.0/zipup.c:1688:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errbuf, "cannot initialize bzlib compress");
data/zip-3.0/zipup.c:1691:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errbuf, "bzlib bzCompressInit failure (%d)", err);
data/zip-3.0/zipup.c:1795:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errbuf, "unexpected bzlib compress error %d", err);
data/zip-3.0/zipup.c:1902:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errbuf, "unexpected bzlib compress error %d", err);
data/zip-3.0/acorn/acornzip.c:65:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name = wildtail + strlen(wildtail) - 1;
data/zip-3.0/acorn/acornzip.c:84:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
newlen = strlen(whole) + strlen(subwild) + 32;
data/zip-3.0/acorn/acornzip.c:84:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
newlen = strlen(whole) + strlen(subwild) + 32;
data/zip-3.0/acorn/acornzip.c:86:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
newlen = strlen(whole) + 31;
data/zip-3.0/acorn/acornzip.c:94:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
newlen = strlen(newwhole);
data/zip-3.0/acorn/acornzip.c:106:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name = newwhole + strlen(newwhole);
data/zip-3.0/acorn/acornzip.c:141:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!(path=malloc(strlen(p)+3))) {
data/zip-3.0/acorn/acornzip.c:199:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((p = malloc(strlen(n)+2)) == NULL)
data/zip-3.0/acorn/acornzip.c:205:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
a = p + strlen(p);
data/zip-3.0/acorn/acornzip.c:207:9: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(a, ".");
data/zip-3.0/acorn/acornzip.c:219:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((a = malloc(strlen(p) + strlen(e) + 1)) == NULL)
data/zip-3.0/acorn/acornzip.c:219:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((a = malloc(strlen(p) + strlen(e) + 1)) == NULL)
data/zip-3.0/acorn/acornzip.c:258:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((tmp = malloc(strlen(x) + 1)) == NULL)
data/zip-3.0/acorn/acornzip.c:315:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((n = malloc(strlen(t) + 1)) == NULL) {
data/zip-3.0/acorn/acornzip.c:342:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((x = malloc(strlen(n) + 1 + PAD)) == NULL)
data/zip-3.0/acorn/acornzip.c:430:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int len = strlen(f);
data/zip-3.0/acorn/acornzip.c:503:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((name=(char *)malloc(strlen(z->name)+1))==NULL) {
data/zip-3.0/acorn/acornzip.c:510:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (name[strlen(name)-1]=='.') { /* remove the last '.' in directory names */
data/zip-3.0/acorn/acornzip.c:511:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name[strlen(name)-1]=0;
data/zip-3.0/acorn/riscos.c:103:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
thisdir->dirname=(char *)malloc(strlen(dirname)+1);
data/zip-3.0/acorn/riscos.c:110:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (thisdir->dirname[strlen(thisdir->dirname)-1]=='.')
data/zip-3.0/acorn/riscos.c:111:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
thisdir->dirname[strlen(thisdir->dirname)-1]=0;
data/zip-3.0/acorn/riscos.c:145:44: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (SWI_OS_GBPB_9(d->dirname,d->buf,&d->read,&d->offset,DIR_BUFSIZE,NULL)!=NULL)
data/zip-3.0/acorn/riscos.c:157:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
d->act=(char *)(d->act+strlen(d->act)+1);
data/zip-3.0/acorn/riscos.c:161:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dent.d_namlen=strlen(dent.d_name);
data/zip-3.0/acorn/riscos.c:200:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(d);
data/zip-3.0/acorn/riscos.c:261:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
exts2swap=malloc(1+strlen(envptr));
data/zip-3.0/acorn/riscos.h:51:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int read;
data/zip-3.0/amiga/amigazip.c:71:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name = wildtail + strlen(wildtail) - 1;
data/zip-3.0/amiga/amigazip.c:90:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
newlen = strlen(whole) + strlen(subwild) + (ONENAMELEN + 2);
data/zip-3.0/amiga/amigazip.c:90:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
newlen = strlen(whole) + strlen(subwild) + (ONENAMELEN + 2);
data/zip-3.0/amiga/amigazip.c:92:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
newlen = strlen(whole) + (ONENAMELEN + 1);
data/zip-3.0/amiga/amigazip.c:101:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
newlen = strlen(newwhole);
data/zip-3.0/amiga/amigazip.c:113:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name = newwhole + strlen(newwhole);
data/zip-3.0/amiga/amigazip.c:198:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((p = malloc(strlen(n)+2)) == NULL)
data/zip-3.0/amiga/amigazip.c:201:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
a = p + strlen(p);
data/zip-3.0/amiga/amigazip.c:203:7: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(a, "/");
data/zip-3.0/amiga/amigazip.c:212:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((a = malloc(strlen(p) + strlen(e) + 1)) == NULL)
data/zip-3.0/amiga/amigazip.c:212:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((a = malloc(strlen(p) + strlen(e) + 1)) == NULL)
data/zip-3.0/amiga/amigazip.c:266:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((n = malloc(strlen(t) + 1)) == NULL)
data/zip-3.0/amiga/amigazip.c:285:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((x = malloc(strlen(n) + 1 + PAD)) == NULL)
data/zip-3.0/amiga/amigazip.c:325:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(f);
data/zip-3.0/amiga/filedate.c:301:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*ptr = strlen(fib->fib_FileName);
data/zip-3.0/amiga/filedate.c:365:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
long len = value ? strlen(value) : 0;
data/zip-3.0/amiga/filedate.c:397:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(put_tz + strlen(put_tz), ":%02d", offset / 60);
data/zip-3.0/amiga/filedate.c:399:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(put_tz + strlen(put_tz), ":%02d", offset % 60);
data/zip-3.0/amiga/stat.c:210:5: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
int umask(void) { return 0; }
data/zip-3.0/amiga/stat.c:243:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(_arg_lin, cp + 1, c);
data/zip-3.0/amiga/stat.c:283:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cp += strlen(cp) + 1;
data/zip-3.0/amiga/z-stat.h:88:5: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
int umask(void);
data/zip-3.0/amiga/zipup.h:19:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#define zread(f,b,n) read(f,b,n)
data/zip-3.0/aosvs/aosvs.c:117:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((p = malloc(strlen(n)+2)) == NULL)
data/zip-3.0/aosvs/aosvs.c:123:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
a = p + strlen(p);
data/zip-3.0/aosvs/aosvs.c:125:9: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(a, "/");
data/zip-3.0/aosvs/aosvs.c:137:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((a = malloc(strlen(p) + strlen(e) + 1)) == NULL)
data/zip-3.0/aosvs/aosvs.c:137:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((a = malloc(strlen(p) + strlen(e) + 1)) == NULL)
data/zip-3.0/aosvs/aosvs.c:212:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((n = malloc(strlen(t) + 3)) == NULL)
data/zip-3.0/aosvs/aosvs.c:219:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((n = malloc(strlen(t) + 5)) == NULL)
data/zip-3.0/aosvs/aosvs.c:226:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((n = malloc(strlen(t) + 1)) == NULL)
data/zip-3.0/aosvs/aosvs.c:260:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((x = malloc(strlen(n) + 1 + PAD)) == NULL)
data/zip-3.0/aosvs/aosvs.c:299:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(f);
data/zip-3.0/aosvs/aosvs.c:378:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(znamebuf, z->name, $MXPL);
data/zip-3.0/aosvs/aosvs.c:380:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (znamebuf[strlen(znamebuf)-1] == '/')
data/zip-3.0/aosvs/aosvs.c:381:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
znamebuf[strlen(znamebuf)-1] = '\0';
data/zip-3.0/aosvs/aosvs.c:414:11: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(zzextrafld.extra_header_id, ZEXTRA_HEADID,
data/zip-3.0/aosvs/aosvs.c:416:11: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(zzextrafld.extra_sentinel, ZEXTRA_SENTINEL,
data/zip-3.0/aosvs/aosvs.c:444:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
aclend = strlen(zzextrafld.aclbuf) + 1;
data/zip-3.0/aosvs/aosvs.c:448:11: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(zzextrafld.extra_header_id, ZEXTRA_HEADID,
data/zip-3.0/aosvs/aosvs.c:450:11: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(zzextrafld.extra_sentinel, ZEXTRA_SENTINEL,
data/zip-3.0/aosvs/aosvs.c:628:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(cp_ux, "../", 3);
data/zip-3.0/aosvs/aosvs.c:634:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(cp_ux, "/PER/", 5);
data/zip-3.0/aosvs/aosvs.c:640:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(cp_ux, "./", 2);
data/zip-3.0/api.c:96:9: [1] (buffer) lstrcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Risk is low because the source is a constant
character.
lstrcat(szRootDir, "\\");
data/zip-3.0/api.c:220:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((argVee[i] = (char *) malloc( sizeof(char) * strlen(cmd)+1 )) == NULL)
data/zip-3.0/api.c:312:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((argVee[argCee] = (char *) malloc( sizeof(char) * strlen("wiz.exe")+1 )) == NULL)
data/zip-3.0/api.c:619:10: [1] (buffer) lstrcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Risk is low because the source is a constant
character.
lstrcat(szRootDir, "\\"); /* append trailing \\ */
data/zip-3.0/atari/atari.c:58:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(vol, "/");
data/zip-3.0/atari/atari.c:63:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(vol, dtaptr->dta_name, sizeof(vol)-1);
data/zip-3.0/atari/atari.c:121:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((p = a = malloc(strlen(w) + 1)) == NULL)
data/zip-3.0/atari/atari.c:148:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
p = strcat(strcpy(v, p), ":"); /* copy device as path */
data/zip-3.0/atari/atari.c:151:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(p, "/");
data/zip-3.0/atari/atari.c:154:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(p, ".");
data/zip-3.0/atari/atari.c:169:9: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
p = strcpy(v, ".");
data/zip-3.0/atari/atari.c:180:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((r = strlen(p)) > 1 &&
data/zip-3.0/atari/atari.c:196:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((n = malloc(strlen(p) + strlen(e) + 2)) == NULL)
data/zip-3.0/atari/atari.c:196:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((n = malloc(strlen(p) + strlen(e) + 2)) == NULL)
data/zip-3.0/atari/atari.c:203:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (n[r = strlen(n) - 1] != '/' && n[r] != ':')
data/zip-3.0/atari/atari.c:204:11: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(n, "/");
data/zip-3.0/atari/atari.c:256:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int l = strlen(path);
data/zip-3.0/atari/atari.c:299:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(fullpath);
data/zip-3.0/atari/atari.c:343:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat( file_arg, "$" ); /* to get things like *.[ch] work */
data/zip-3.0/atari/atari.c:346:7: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy( fullpath, "." );
data/zip-3.0/atari/atari.c:402:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((p = malloc(strlen(n)+2)) == NULL)
data/zip-3.0/atari/atari.c:408:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
a = p + strlen(p);
data/zip-3.0/atari/atari.c:410:9: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(a, "/");
data/zip-3.0/atari/atari.c:422:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((a = malloc(strlen(p) + strlen(e) + 1)) == NULL)
data/zip-3.0/atari/atari.c:422:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((a = malloc(strlen(p) + strlen(e) + 1)) == NULL)
data/zip-3.0/atari/atari.c:473:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((n = malloc(strlen(t) + 1)) == NULL)
data/zip-3.0/atari/atari.c:497:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((x = malloc(strlen(n) + 1 + PAD)) == NULL)
data/zip-3.0/atari/atari.c:537:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(f);
data/zip-3.0/atari/zipup.h:16:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#define zread(f,b,n) read(f,b,n)
data/zip-3.0/atheos/atheos.c:110:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((p = malloc(strlen(n)+2)) == NULL)
data/zip-3.0/atheos/atheos.c:116:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
a = p + strlen(p);
data/zip-3.0/atheos/atheos.c:118:9: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(a, "/");
data/zip-3.0/atheos/atheos.c:130:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((a = malloc(strlen(p) + strlen(e) + 1)) == NULL)
data/zip-3.0/atheos/atheos.c:130:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((a = malloc(strlen(p) + strlen(e) + 1)) == NULL)
data/zip-3.0/atheos/atheos.c:194:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((n = malloc(strlen(t) + 1)) == NULL)
data/zip-3.0/atheos/atheos.c:216:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((x = malloc(strlen(n) + 1 + PAD)) == NULL)
data/zip-3.0/atheos/atheos.c:266:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(f);
data/zip-3.0/atheos/atheos.c:440:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
entname_size = strlen( fa_ent->d_name ) + 1;
data/zip-3.0/atheos/atheos.c:842:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nLen = strlen( type );
data/zip-3.0/atheos/zipup.h:19:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#define zread(f,b,n) read(f,b,n)
data/zip-3.0/beos/beos.c:146:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((p = malloc(strlen(n)+2)) == NULL)
data/zip-3.0/beos/beos.c:152:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
a = p + strlen(p);
data/zip-3.0/beos/beos.c:154:9: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(a, "/");
data/zip-3.0/beos/beos.c:166:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((a = malloc(strlen(p) + strlen(e) + 1)) == NULL)
data/zip-3.0/beos/beos.c:166:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((a = malloc(strlen(p) + strlen(e) + 1)) == NULL)
data/zip-3.0/beos/beos.c:214:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((n = malloc(strlen(t) + 1)) == NULL)
data/zip-3.0/beos/beos.c:237:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((x = malloc(strlen(n) + 1 + PAD)) == NULL)
data/zip-3.0/beos/beos.c:288:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(f);
data/zip-3.0/beos/beos.c:430:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
this_size = strlen( fa_ent->d_name ) + 1;
data/zip-3.0/beos/beos.c:453:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr += strlen( fa_ent->d_name );
data/zip-3.0/beos/beos.c:869:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fa.size = (off_t)(strlen( type ) + 1);
data/zip-3.0/beos/beos.c:892:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(d);
data/zip-3.0/beos/zipup.h:16:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#define zread(f,b,n) read(f,b,n)
data/zip-3.0/cmsmvs/cmsmvs.c:94:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((n = malloc(strlen(t) + 1)) == NULL)
data/zip-3.0/cmsmvs/cmsmvs.c:103:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int l = strlen(n) - 2;
data/zip-3.0/cmsmvs/cmsmvs.c:119:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(t,".");
data/zip-3.0/cmsmvs/cmsmvs.c:160:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((x = malloc(strlen(n) + 1 + PAD)) == NULL)
data/zip-3.0/cmsmvs/cmsmvs.h:63:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#define getch() getc(stdin)
data/zip-3.0/cmsmvs/mvs.c:179:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((p = malloc(strlen(n)+2)) == NULL)
data/zip-3.0/cmsmvs/mvs.c:185:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
a = p + strlen(p);
data/zip-3.0/cmsmvs/mvs.c:187:9: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(a, "/");
data/zip-3.0/cmsmvs/mvs.c:199:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((a = malloc(strlen(p) + strlen(e) + 1)) == NULL)
data/zip-3.0/cmsmvs/mvs.c:199:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((a = malloc(strlen(p) + strlen(e) + 1)) == NULL)
data/zip-3.0/crypt.c:288:16: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((c = getc(in_file)) == EOF) {
data/zip-3.0/crypt.c:369:19: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((c1 = getc(in_file)) == EOF) {
data/zip-3.0/crypt.c:408:19: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((c1 = getc(in_file)) == EOF) {
data/zip-3.0/crypt.c:514:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((GLOBAL(key) = (char *)malloc(strlen(passwrd)+1)) ==
data/zip-3.0/crypt.c:577:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((key_translated = malloc(strlen(GLOBAL(key)) + 1)) == (char *)NULL)
data/zip-3.0/crypt.c:590:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((key_translated = malloc(strlen(GLOBAL(key)) + 1)) == (char *)NULL)
data/zip-3.0/crypt.h:157:34: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(encrypted? update_keys(__G__ getc(G.in)^decrypt_byte(__G)) : getc(G.in))
data/zip-3.0/crypt.h:157:66: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(encrypted? update_keys(__G__ getc(G.in)^decrypt_byte(__G)) : getc(G.in))
data/zip-3.0/fileio.c:116:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((c = getc(fp)) == '\n' || c == '\r')
data/zip-3.0/fileio.c:124:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(fp);
data/zip-3.0/fileio.c:140:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((p = malloc(strlen(name) + 1)) == NULL) {
data/zip-3.0/fileio.c:685:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((z->name = malloc(strlen(name) + 1 + PAD)) == NULL) {
data/zip-3.0/fileio.c:714:40: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((z->namew = (wchar_t *)malloc((wcslen(namew) + 1) * sizeof(wchar_t))) == NULL) {
data/zip-3.0/fileio.c:780:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(f->name = malloc(strlen(name) + 1 + PAD)) == NULL)
data/zip-3.0/fileio.c:804:40: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((f->namew = (wchar_t *)malloc((wcslen(namew) + 1) * sizeof(wchar_t))) == NULL) {
data/zip-3.0/fileio.c:936:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((oname = malloc(strlen(zname) + 1)) == NULL)
data/zip-3.0/fileio.c:954:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((z->name = malloc(strlen(name) + 1 + PAD)) == NULL) {
data/zip-3.0/fileio.c:1030:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(f->name = malloc(strlen(name) + 1 + PAD)) == NULL)
data/zip-3.0/fileio.c:1335:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((t = malloc(strlen(tempath) + L_tmpnam + 2)) == NULL)
data/zip-3.0/fileio.c:1351:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int l1 = strlen(t);
data/zip-3.0/fileio.c:1358:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int l2 = strlen(tempath);
data/zip-3.0/fileio.c:1402:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(tptr, zip, _min(FILENAME_MAX, (zptr - zip)) ); /* temp subvol */
data/zip-3.0/fileio.c:1403:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(t, zip, _min(NAMELEN, ((zptr - zip) + 1)) ); /* temp stem */
data/zip-3.0/fileio.c:1406:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr = t + strlen(t); /* point to end of stem */
data/zip-3.0/fileio.c:1440:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((t = malloc(strlen(tempath) + 12)) == NULL)
data/zip-3.0/fileio.c:1449:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(t, "/");
data/zip-3.0/fileio.c:1457:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(t, "/");
data/zip-3.0/fileio.c:1462:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(t, ".");
data/zip-3.0/fileio.c:1467:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(t, "_");
data/zip-3.0/fileio.c:1470:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(t, "/");
data/zip-3.0/fileio.c:1485:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *p = t + strlen(t);
data/zip-3.0/fileio.c:1859:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((split_path = malloc(strlen(in_path) + 1)) == NULL) {
data/zip-3.0/fileio.c:1906:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((split_path = malloc(strlen(in_path) + 1)) == NULL) {
data/zip-3.0/fileio.c:2049:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((split_dir = malloc(strlen(in_path) + 40)) == NULL) {
data/zip-3.0/fileio.c:2055:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = strlen(split_dir) - 1; i >= 0; i--) {
data/zip-3.0/fileio.c:2066:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((archive_name = malloc(strlen(in_path) + 1)) == NULL) {
data/zip-3.0/fileio.c:2069:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(in_path) == strlen(split_dir)) {
data/zip-3.0/fileio.c:2069:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(in_path) == strlen(split_dir)) {
data/zip-3.0/fileio.c:2072:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcpy(archive_name, in_path + strlen(split_dir));
data/zip-3.0/fileio.c:2076:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((split_name = malloc(strlen(split_path) + 1)) == NULL) {
data/zip-3.0/fileio.c:2079:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(in_path) == strlen(split_dir)) {
data/zip-3.0/fileio.c:2079:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(in_path) == strlen(split_dir)) {
data/zip-3.0/fileio.c:2082:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcpy(split_name, split_path + strlen(split_dir));
data/zip-3.0/fileio.c:2166:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf) > 0) {
data/zip-3.0/fileio.c:2174:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = strlen(buf); i >= 0; i--) {
data/zip-3.0/fileio.c:2189:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(archive_name);
data/zip-3.0/fileio.c:2191:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((in_path = malloc(strlen(archive_name) + 40)) == NULL) {
data/zip-3.0/fileio.c:2198:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = strlen(buf); i >= 0; i--) {
data/zip-3.0/fileio.c:2207:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((in_path = malloc(strlen(buf) + strlen(archive_name) + 40)) == NULL) {
data/zip-3.0/fileio.c:2207:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((in_path = malloc(strlen(buf) + strlen(archive_name) + 40)) == NULL) {
data/zip-3.0/fileio.c:2220:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((split_dir = malloc(strlen(in_path) + 40)) == NULL) {
data/zip-3.0/fileio.c:2225:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = strlen(split_dir); i >= 0; i--) {
data/zip-3.0/fileio.c:2289:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((split_dir = malloc(strlen(out_path) + 40)) == NULL) {
data/zip-3.0/fileio.c:2295:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = strlen(split_dir); i >= 0; i--) {
data/zip-3.0/fileio.c:2304:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((split_name = malloc(strlen(out_path) + 1)) == NULL) {
data/zip-3.0/fileio.c:2307:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(out_path) == strlen(split_dir)) {
data/zip-3.0/fileio.c:2307:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(out_path) == strlen(split_dir)) {
data/zip-3.0/fileio.c:2310:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcpy(split_name, out_path + strlen(split_dir));
data/zip-3.0/fileio.c:2332:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf) > 0) {
data/zip-3.0/fileio.c:2340:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = strlen(buf); i >= 0; i--) {
data/zip-3.0/fileio.c:2355:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(split_name);
data/zip-3.0/fileio.c:2357:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((out_path = malloc(strlen(split_name) + 40)) == NULL) {
data/zip-3.0/fileio.c:2364:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = strlen(buf); i >= 0; i--) {
data/zip-3.0/fileio.c:2373:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((out_path = malloc(strlen(buf) + strlen(split_name) + 40)) == NULL) {
data/zip-3.0/fileio.c:2373:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((out_path = malloc(strlen(buf) + strlen(split_name) + 40)) == NULL) {
data/zip-3.0/fileio.c:2382:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((split_dir = malloc(strlen(out_path) + 40)) == NULL) {
data/zip-3.0/fileio.c:2387:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = strlen(split_dir); i >= 0; i--) {
data/zip-3.0/fileio.c:2393:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((split_name = malloc(strlen(out_path) + 1)) == NULL) {
data/zip-3.0/fileio.c:2396:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcpy(split_name, out_path + strlen(split_dir));
data/zip-3.0/fileio.c:2436:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((split_path = malloc(strlen(base_path) + 1)) == NULL) {
data/zip-3.0/fileio.c:2450:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
base_len = strlen(base_path) - 3;
data/zip-3.0/fileio.c:2451:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
path_len = base_len + strlen(ext);
data/zip-3.0/fileio.c:2458:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
vers_len = strlen( vers_ptr);
data/zip-3.0/fileio.c:2511:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
base_len = strlen(base_path) - 3;
data/zip-3.0/fileio.c:2512:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
path_len = base_len + strlen(ext);
data/zip-3.0/fileio.c:2519:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
vers_len = strlen( vers_ptr);
data/zip-3.0/fileio.c:2695:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((tempzip = malloc(strlen(tempath) + 12)) == NULL) {
data/zip-3.0/fileio.c:2700:15: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(tempzip, "/");
data/zip-3.0/fileio.c:2705:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((tempzip = malloc(strlen(zipfile) + 12)) == NULL) {
data/zip-3.0/fileio.c:2709:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(i = strlen(tempzip); i > 0; i--) {
data/zip-3.0/fileio.c:3018:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(utf8buf + count, mb, c);
data/zip-3.0/fileio.c:3063:15: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wchar_len = wcslen(wchar_string);
data/zip-3.0/fileio.c:3173:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(r, "#");
data/zip-3.0/fileio.c:3177:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(r, "U");
data/zip-3.0/fileio.c:3180:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(r, "L");
data/zip-3.0/fileio.c:3208:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(e);
data/zip-3.0/fileio.c:3318:9: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(buffer, buf, b);
data/zip-3.0/fileio.c:3327:7: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(buffer, buf, b);
data/zip-3.0/fileio.c:3341:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((local_string = (char *)malloc(strlen(buffer) + 1)) == NULL) {
data/zip-3.0/fileio.c:3384:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((escape_string = (char *)malloc(strlen(buffer) + 1)) == NULL) {
data/zip-3.0/fileio.c:3415:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((temp_string = (char *)malloc(2 * strlen(local_string) + 1)) == NULL) {
data/zip-3.0/fileio.c:3446:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((ebc = malloc(strlen(display_string) + 1)) == NULL) {
data/zip-3.0/fileio.c:3455:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((display_string = (char *)malloc(strlen(temp_string) + 1)) == NULL) {
data/zip-3.0/fileio.c:3505:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wsize = mbstowcs(wc_string, local_string, strlen(local_string) + 1);
data/zip-3.0/fileio.c:3799:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((new_args[j] = malloc(strlen(args[j]) + 1)) == NULL) {
data/zip-3.0/fileio.c:3884:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((newarg = (char *) malloc(strlen(arg) + 1)) == NULL) {
data/zip-3.0/fileio.c:4076:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(*value, start, (int)(s - start));
data/zip-3.0/fileio.c:4092:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((*value = (char *)malloc(strlen(arg + (*optchar) + clen) + 1))
data/zip-3.0/fileio.c:4101:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((*value = (char *)malloc(strlen(args[argnum + 1]) + 1)) == NULL) {
data/zip-3.0/fileio.c:4118:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((*value = (char *)malloc(strlen(arg + (*optchar) + clen) + 1))
data/zip-3.0/fileio.c:4127:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((*value = (char *)malloc(strlen(args[argnum + 1]) + 1)) == NULL) {
data/zip-3.0/fileio.c:4197:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((arg = (char *)malloc(strlen(args[argnum]) + 1)) == NULL) {
data/zip-3.0/fileio.c:4234:70: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (options[op].longopt && strncmp(options[op].longopt, longopt, strlen(longopt)) == 0) {
data/zip-3.0/fileio.c:4281:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((*value = (char *)malloc(strlen(valuestart) + 1)) == NULL) {
data/zip-3.0/fileio.c:4294:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((*value = (char *)malloc(strlen(valuestart) + 1)) == NULL) {
data/zip-3.0/fileio.c:4302:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((*value = (char *)malloc(strlen(args[argnum + 1]) + 1)) == NULL) {
data/zip-3.0/fileio.c:4632:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((*value = (char *)malloc(strlen(arg) + 1)) == NULL) {
data/zip-3.0/fileio.c:4705:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((*value = (char *)malloc(strlen(args[argn]) + 1)) == NULL) {
data/zip-3.0/fileio.c:4759:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((*value = (char *)malloc(strlen(args[argn]) + 1)) == NULL) {
data/zip-3.0/fileio.c:4785:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((*value = (char *)malloc(strlen(arg) + 1)) == NULL) {
data/zip-3.0/fileio.c:4827:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((*value = (char *)malloc(strlen(arg) + 1)) == NULL) {
data/zip-3.0/fileio.c:4883:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((*value = (char *)malloc(strlen(arg) + 1)) == NULL) {
data/zip-3.0/human68k/human68k.c:48:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((name = malloc(strlen(w) + 1)) == NULL) {
data/zip-3.0/human68k/human68k.c:121:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((p = malloc(strlen(n)+2)) == NULL)
data/zip-3.0/human68k/human68k.c:127:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
a = p + strlen(p);
data/zip-3.0/human68k/human68k.c:129:9: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(a, "/");
data/zip-3.0/human68k/human68k.c:141:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((a = malloc(strlen(p) + strlen(e) + 1)) == NULL)
data/zip-3.0/human68k/human68k.c:141:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((a = malloc(strlen(p) + strlen(e) + 1)) == NULL)
data/zip-3.0/human68k/human68k.c:187:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((n = malloc(strlen(t) + 1)) == NULL)
data/zip-3.0/human68k/human68k.c:206:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((x = malloc(strlen(n) + 1 + PAD)) == NULL)
data/zip-3.0/human68k/human68k.c:245:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(f);
data/zip-3.0/human68k/zipup.h:13:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#define zread(f,b,n) read(f,b,n)
data/zip-3.0/macos/ZipLib.h:32:8: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#undef getc
data/zip-3.0/macos/ZipLib.h:33:8: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#undef getchar
data/zip-3.0/macos/ZipLib.h:145:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s_i = strlen((str2)); \
data/zip-3.0/macos/ZipLib.h:150:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s_i = strlen((str1)); \
data/zip-3.0/macos/ZipSx.h:32:8: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#undef getc
data/zip-3.0/macos/ZipSx.h:33:8: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#undef getchar
data/zip-3.0/macos/ZipSx.h:146:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s_i = strlen((str2)); \
data/zip-3.0/macos/ZipSx.h:151:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s_i = strlen((str1)); \
data/zip-3.0/macos/osdep.h:74:8: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#undef getc
data/zip-3.0/macos/osdep.h:75:8: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#undef getchar
data/zip-3.0/macos/source/extrafld.c:757:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FLength = strlen(temp_Pathname) + 1;
data/zip-3.0/macos/source/extrafld.c:761:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
err = FSpLocationFromFullPath(strlen(MacZip.FullPath), MacZip.FullPath,
data/zip-3.0/macos/source/extrafld.c:771:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
CLength = strlen(tmp_buffer) + 1;
data/zip-3.0/macos/source/getenv.c:140:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(file);
data/zip-3.0/macos/source/getenv.c:246:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned short length = strlen(line);
data/zip-3.0/macos/source/getenv.c:257:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(Env->key) < length)
data/zip-3.0/macos/source/getenv.c:308:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(Env1->value) > 0)
data/zip-3.0/macos/source/helpers.c:78:1: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(cstr, (char *) &pstr[1], *pstr);
data/zip-3.0/macos/source/helpers.c:90:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(to, from, 1+strlen(from));
data/zip-3.0/macos/source/helpers.c:96:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sstrcpy(to + strlen(to), from);
data/zip-3.0/macos/source/macopen.c:187:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(path) == 0))
data/zip-3.0/macos/source/macopen.c:296:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FSpLocationFromFullPath(strlen(path),path, &spec);
data/zip-3.0/macos/source/macos.c:271:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(path) == 0))
data/zip-3.0/macos/source/macos.c:410:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((internalFilen = malloc(strlen(t) + 10 + strlen(ResourceMark) )) == NULL)
data/zip-3.0/macos/source/macos.c:410:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((internalFilen = malloc(strlen(t) + 10 + strlen(ResourceMark) )) == NULL)
data/zip-3.0/macos/source/macos.c:549:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((x = malloc(strlen(n) + 1)) == NULL)
data/zip-3.0/macos/source/macos.c:607:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(f) == 0) return 0;
data/zip-3.0/macos/source/macos.c:675:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmpPtr2 += strlen(tmpPtr1);
data/zip-3.0/macos/source/macos.c:683:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmpPtr2 += strlen(tmpPtr1);
data/zip-3.0/macos/source/macos.c:694:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmpPtr2 += strlen(tmpPtr1);
data/zip-3.0/macos/source/macos.c:701:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmpPtr2 += strlen(tmpPtr1);
data/zip-3.0/macos/source/pathname.c:110:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return (unsigned short) strlen(VolumeName);
data/zip-3.0/macos/source/pathname.c:128:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned short namelen, pathlen = strlen(ExtractPath);
data/zip-3.0/macos/source/pathname.c:143:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
namelen = strlen(namePtr);
data/zip-3.0/macos/source/pathname.c:145:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
namelen = strlen(ExtractPath);
data/zip-3.0/macos/source/pathname.c:168:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ext_length = strlen(last_dotpos);
data/zip-3.0/macos/source/pathname.c:201:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned short namelen, pathlen = strlen(thePath);
data/zip-3.0/macos/source/pathname.c:212:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
namelen = strlen(namePtr);
data/zip-3.0/macos/source/pathname.c:496:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(RealFn); /* determine Fork type */
data/zip-3.0/macos/source/pathname.c:516:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(RfDfFilen) > (sizeof(ResourceMark) - 1))
data/zip-3.0/macos/source/pathname.c:661:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
CompletePath[strlen(CompletePath)-1] = '\0';
data/zip-3.0/macos/source/pathname.c:665:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pathlen = strlen(CompletePath);
data/zip-3.0/macos/source/pathname.c:680:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned long full_length = strlen(LongFilename);
data/zip-3.0/macos/source/pathname.c:699:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ext_length = strlen(last_dotpos);
data/zip-3.0/macos/source/pathname.c:711:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
num_to_cut += strlen(charnum);
data/zip-3.0/macos/source/unixlike.c:104:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(MacZip.FullPath, *hFullPath, fullPathLength);
data/zip-3.0/macos/zipup.h:20:25: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#define zread(f,b,n) read(f,b,n)
data/zip-3.0/msdos/msdos.c:124:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((p = malloc(strlen(name) + (2 + sizeof(wild_match_all)))) == NULL)
data/zip-3.0/msdos/msdos.c:128:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
q = p + strlen(p);
data/zip-3.0/msdos/msdos.c:157:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(vol, "/");
data/zip-3.0/msdos/msdos.c:161:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(vol, d.ff_name, sizeof(vol)-1);
data/zip-3.0/msdos/msdos.c:203:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name = wildtail + strlen(wildtail) - 1;
data/zip-3.0/msdos/msdos.c:227:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
newlen = strlen(whole) + strlen(subwild) + (ONENAMELEN + 2);
data/zip-3.0/msdos/msdos.c:227:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
newlen = strlen(whole) + strlen(subwild) + (ONENAMELEN + 2);
data/zip-3.0/msdos/msdos.c:229:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
newlen = strlen(whole) + (ONENAMELEN + 1);
data/zip-3.0/msdos/msdos.c:237:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
newlen = strlen(newwhole);
data/zip-3.0/msdos/msdos.c:250:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name = newwhole + strlen(newwhole);
data/zip-3.0/msdos/msdos.c:297:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((p = malloc(strlen(w) + 2)) == NULL)
data/zip-3.0/msdos/msdos.c:316:9: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(q, ".");
data/zip-3.0/msdos/msdos.c:367:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = malloc(strlen(n) + 1);
data/zip-3.0/msdos/msdos.c:399:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((p = malloc(strlen(n)+2)) == NULL)
data/zip-3.0/msdos/msdos.c:405:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
a = p + strlen(p);
data/zip-3.0/msdos/msdos.c:407:9: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(a, "/");
data/zip-3.0/msdos/msdos.c:430:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((a = malloc(strlen(p) + strlen(e) + 1)) == NULL)
data/zip-3.0/msdos/msdos.c:430:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((a = malloc(strlen(p) + strlen(e) + 1)) == NULL)
data/zip-3.0/msdos/msdos.c:508:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((n = malloc(strlen(t) + 1)) == NULL)
data/zip-3.0/msdos/msdos.c:533:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((x = malloc(strlen(n) + 1 + PAD)) == NULL)
data/zip-3.0/msdos/msdos.c:584:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(f);
data/zip-3.0/msdos/msdos.c:977:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned namlen = strlen(name);
data/zip-3.0/msdos/msdos.c:1120:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
newname[strlen(path) - 1] = '\\'; /* stat(".") fails for root! */
data/zip-3.0/msdos/zipup.h:13:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#define zread(f,b,n) read(f,b,n)
data/zip-3.0/novell/Netware.c:181:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat (szzipfile, "/");
data/zip-3.0/novell/Netware.c:221:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat (szzipfile, "/");
data/zip-3.0/novell/Netware.c:301:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((n = malloc(strlen(p) + strlen(e) + 2)) == NULL)
data/zip-3.0/novell/Netware.c:301:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((n = malloc(strlen(p) + strlen(e) + 2)) == NULL)
data/zip-3.0/novell/Netware.c:308:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (n[r = strlen(n) - 1] != '/' && n[r] != ':')
data/zip-3.0/novell/Netware.c:309:11: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(n, "/");
data/zip-3.0/novell/Netware.c:380:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((p = malloc(strlen(n)+2)) == NULL)
data/zip-3.0/novell/Netware.c:386:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
a = p + strlen(p);
data/zip-3.0/novell/Netware.c:388:9: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(a, "/");
data/zip-3.0/novell/Netware.c:455:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((p = malloc(strlen(n)+2)) == NULL)
data/zip-3.0/novell/Netware.c:461:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
a = p + strlen(p);
data/zip-3.0/novell/Netware.c:463:9: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(a, "/");
data/zip-3.0/novell/Netware.c:475:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((a = malloc(strlen(p) + strlen(e) + 1)) == NULL)
data/zip-3.0/novell/Netware.c:475:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((a = malloc(strlen(p) + strlen(e) + 1)) == NULL)
data/zip-3.0/novell/Netware.c:525:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(szp) == 0) {
data/zip-3.0/novell/Netware.c:564:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sztUpper = malloc (strlen(t) + 10);
data/zip-3.0/novell/Netware.c:568:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp (sztUpper, szRelativ, strlen(szRelativ)) == 0) {
data/zip-3.0/novell/Netware.c:569:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t = t + strlen(szRelativ);
data/zip-3.0/novell/Netware.c:582:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t = t + strlen(szRelativ);
data/zip-3.0/novell/Netware.c:590:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((n = malloc(strlen(t) + 1)) == NULL)
data/zip-3.0/novell/Netware.c:612:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((x = malloc(strlen(n) + 1 + PAD)) == NULL)
data/zip-3.0/novell/Netware.c:653:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(f);
data/zip-3.0/novell/Netware.c:722:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(f), isstdin = !strcmp(f, "-");
data/zip-3.0/novell/Netware.c:962:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
newname[strlen(path) - 1] = '\\'; /* stat(".") fails for root! */
data/zip-3.0/novell/zipup.h:13:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#define zread(f,b,n) read(f,b,n)
data/zip-3.0/os2/os2.c:81:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((p = a = malloc(strlen(w) + 1)) == NULL)
data/zip-3.0/os2/os2.c:86:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
r = strlen(p);
data/zip-3.0/os2/os2.c:113:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
p = strcat(strcpy(v, p), ":"); /* copy device as path */
data/zip-3.0/os2/os2.c:116:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(p, "/");
data/zip-3.0/os2/os2.c:119:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(p, ".");
data/zip-3.0/os2/os2.c:134:9: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
p = strcpy(v, ".");
data/zip-3.0/os2/os2.c:145:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((r = strlen(p)) > 1 &&
data/zip-3.0/os2/os2.c:161:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((n = malloc(strlen(p) + strlen(e) + 2)) == NULL)
data/zip-3.0/os2/os2.c:161:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((n = malloc(strlen(p) + strlen(e) + 2)) == NULL)
data/zip-3.0/os2/os2.c:168:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (n[r = strlen(n) - 1] != '/' && n[r] != ':')
data/zip-3.0/os2/os2.c:169:11: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(n, "/");
data/zip-3.0/os2/os2.c:240:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((p = malloc(strlen(n)+2)) == NULL)
data/zip-3.0/os2/os2.c:246:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
a = p + strlen(p);
data/zip-3.0/os2/os2.c:248:9: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(a, "/");
data/zip-3.0/os2/os2.c:260:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((a = malloc(strlen(p) + strlen(e) + 1)) == NULL)
data/zip-3.0/os2/os2.c:260:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((a = malloc(strlen(p) + strlen(e) + 1)) == NULL)
data/zip-3.0/os2/os2.c:335:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((n = malloc(strlen(t) + 1)) == NULL)
data/zip-3.0/os2/os2.c:356:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((x = malloc(strlen(n) + 1 + PAD)) == NULL)
data/zip-3.0/os2/os2.c:392:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int len = strlen(f);
data/zip-3.0/os2/os2acl.c:255:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cwdlen = strlen(cwd);
data/zip-3.0/os2/os2acl.c:264:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buffer, cwd, 2);
data/zip-3.0/os2/os2acl.c:272:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buffer, "/");
data/zip-3.0/os2/os2acl.c:304:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(text);
data/zip-3.0/os2/os2acl.c:350:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(al[cnt].acl_ugname, ptr, ptr2 - ptr);
data/zip-3.0/os2/os2zip.c:103:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((len = strlen(nbuf)) == 0)
data/zip-3.0/os2/os2zip.c:120:7: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(nbuf+len, ".");
data/zip-3.0/os2/os2zip.c:137:7: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(nbuf+len, "*");
data/zip-3.0/os2/os2zip.c:152:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
((dp -> _d_entry = malloc(strlen(s) + 1)) == NULL) )
data/zip-3.0/os2/os2zip.c:198:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(strcpy(dp.d_name, dirp -> dd_cp -> _d_entry));
data/zip-3.0/os2/os2zip.c:530:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gealst.cbName = (BYTE) strlen((char *) gealst.szName);
data/zip-3.0/os2/os2zip.c:564:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tempbuf, name, CCHMAXPATH);
data/zip-3.0/os2/os2zip.c:584:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(nbuf, "\\");
data/zip-3.0/os2/os2zip.c:642:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nLength = strlen(szName);
data/zip-3.0/os2/os2zip.c:674:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nLength = sizeof(GEA2) + strlen(pGEA -> szName);
data/zip-3.0/os2/os2zip.c:798:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nLength = strlen(szName);
data/zip-3.0/os2/os2zip.c:826:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nLength = strlen(pFound -> szName);
data/zip-3.0/os2/os2zip.c:934:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bytes = strlen(buffer);
data/zip-3.0/os2/zipup.h:13:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#define zread(f,b,n) read(f,b,n)
data/zip-3.0/qdos/qdos.c:237:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
q = path + strlen(path);
data/zip-3.0/qdos/qdos.c:297:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
deflen = strlen(defpath);
data/zip-3.0/qdos/qdos.c:413:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nlen = strlen(dnam);
data/zip-3.0/qdos/qdos.c:416:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (p, dnam, nlen);
data/zip-3.0/qdos/qdos.c:454:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (ddev, dnam, 5);
data/zip-3.0/qdos/qdos.c:464:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
llen = strlen(temp);
data/zip-3.0/qdos/qdos.c:472:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (ddev, temp, 5);
data/zip-3.0/qdos/qdos.c:531:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (p, qd.d_name, qd.d_szname);
data/zip-3.0/qdos/qdos.c:545:21: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (nam + 5, qd.d_name, qd.d_szname);
data/zip-3.0/qdos/qdos.c:647:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read(fd, &ntc, 8);
data/zip-3.0/qdos/qdos.c:651:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nl = strlen(name);
data/zip-3.0/qdos/qfileio.c:108:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((n = malloc(strlen(t) + 1)) == NULL)
data/zip-3.0/qdos/qfileio.c:128:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((x = malloc(strlen(n) + 1 + PAD)) == NULL)
data/zip-3.0/qdos/qfileio.c:167:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(f);
data/zip-3.0/qdos/zipup.h:16:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#define zread(f,b,n) read(f,b,n)
data/zip-3.0/tailor.h:360:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
# define lastchar(ptr) ((*(ptr)=='\0') ? '\0' : ptr[strlen(ptr)-1])
data/zip-3.0/tandem/tandem.c:52:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((x = malloc(strlen(n) + 4)) == NULL) /* + 4 for safety */
data/zip-3.0/tandem/tandem.c:86:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
y = x + strlen(x);
data/zip-3.0/tandem/tandem.c:100:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
z = t + strlen(t);
data/zip-3.0/tandem/tandem.c:137:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
y = x + strlen(x);
data/zip-3.0/tandem/tandem.c:284:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(fname);
data/zip-3.0/tandem/tandem.c:291:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(fname);
data/zip-3.0/tandem/tandem.c:315:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
unsigned read : 3;
data/zip-3.0/tandem/tandem.c:360:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(fname);
data/zip-3.0/tandem/tandem.c:401:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(fname);
data/zip-3.0/tandem/tandem.c:457:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(ext, fptr, _min(EXTENSION_MAX, strlen(fptr)));
data/zip-3.0/tandem/tandem.c:457:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(ext, fptr, _min(EXTENSION_MAX, strlen(fptr)));
data/zip-3.0/tandem/tandem.c:460:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(fname, fstart, _min(FILENAME_MAX, (fptr - fstart)));
data/zip-3.0/tandem/tandem.c:464:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(fname, srce, _min(FILENAME_MAX, strlen(srce)));
data/zip-3.0/tandem/tandem.c:464:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(fname, srce, _min(FILENAME_MAX, strlen(srce)));
data/zip-3.0/tandem/tandem.c:578:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fnamelen = strlen(fname);
data/zip-3.0/tandem/tandem.c:788:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snamelen = strlen(sname);
data/zip-3.0/tandem/tandem.c:844:6: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(dirp->D_curpos->d_name,fname,fnamelen);
data/zip-3.0/tandem/tandem.h:185:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
unsigned read : 3;
data/zip-3.0/tandem/tanzip.c:96:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(fname);
data/zip-3.0/tandem/tanzip.c:157:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(fname);
data/zip-3.0/tandem/tanzip.c:435:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((p = malloc(strlen(n)+4)) == NULL)
data/zip-3.0/tandem/tanzip.c:492:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((n = malloc(strlen(t) + 4)) == NULL) /* + 4 for safety */
data/zip-3.0/tandem/tanzip.c:511:7: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(n,t,(p - t));
data/zip-3.0/theos/_setargv.c:98:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(path, q, p-q+1);
data/zip-3.0/theos/_stat.c:38:9: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask |= S_IWUSR|S_IWGRP;
data/zip-3.0/theos/_stat.c:41:9: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask |= S_IXUSR|S_IXGRP;
data/zip-3.0/theos/_stat.c:44:9: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask |= S_IEUSR|S_IEGRP;
data/zip-3.0/theos/_stat.c:48:13: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask |= S_IROTH|S_IXOTH;
data/zip-3.0/theos/_stat.c:50:13: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask |= S_IROTH;
data/zip-3.0/theos/_stat.c:54:9: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask |= S_IWOTH;
data/zip-3.0/theos/_stat.c:58:13: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask |= S_IMODF;
data/zip-3.0/theos/_stat.c:60:13: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask |= S_IXOTH;
data/zip-3.0/theos/_stat.c:64:9: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask |= S_INHID;
data/zip-3.0/theos/_stat.c:66:12: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
return umask;
data/zip-3.0/theos/_stat.c:167:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(drive, q, 2);
data/zip-3.0/theos/_stat.c:453:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (dirpath && (l = strlen(dirpath))) {
data/zip-3.0/theos/theos.c:117:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(drive, p, 2);
data/zip-3.0/theos/theos.c:173:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((path = malloc(strlen(n) + 2)) == NULL)
data/zip-3.0/theos/theos.c:218:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((path = malloc(strlen(n) + 2)) == NULL)
data/zip-3.0/theos/theos.c:232:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(path, "/");
data/zip-3.0/theos/theos.c:259:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((a = malloc(strlen(e) + 1)) == NULL)
data/zip-3.0/theos/theos.c:281:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((p = malloc(strlen(n)+2)) == NULL)
data/zip-3.0/theos/theos.c:287:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
a = p + strlen(p);
data/zip-3.0/theos/theos.c:289:9: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(a, "/");
data/zip-3.0/theos/theos.c:301:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((a = malloc(strlen(p) + strlen(e) + 1)) == NULL)
data/zip-3.0/theos/theos.c:301:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((a = malloc(strlen(p) + strlen(e) + 1)) == NULL)
data/zip-3.0/theos/theos.c:348:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((n = malloc(strlen(t) + 1)) == NULL)
data/zip-3.0/theos/theos.c:373:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((x = malloc(strlen(n) + 1 + PAD)) == NULL)
data/zip-3.0/theos/theos.c:414:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(f);
data/zip-3.0/theos/theos.c:502:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = &z->name[strlen(z->name) - 1];
data/zip-3.0/theos/zipup.h:16:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#define zread(f,b,n) read(f,b,n)
data/zip-3.0/timezone.c:468:12: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
(void) strncpy(cp, stdname, stdlen);
data/zip-3.0/timezone.c:472:16: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
(void) strncpy(cp, dstname, dstlen);
data/zip-3.0/timezone.c:499:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
old_TZstring = realloc(old_TZstring, strlen(TZstring) + 1);
data/zip-3.0/timezone.c:501:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
old_TZstring = malloc(strlen(TZstring) + 1);
data/zip-3.0/tops20/tops20.c:68:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
((p = (char *)malloc((m = strlen(n)) + 4)) == NULL)) {
data/zip-3.0/tops20/tops20.c:143:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((fp = (char *)malloc(strlen(fname) + 1)) == NULL) {
data/zip-3.0/tops20/tops20.c:205:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = malloc(strlen(n) + 1);
data/zip-3.0/tops20/tops20.c:275:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((fp = (char *)malloc(strlen(fname) + 1)) == NULL) {
data/zip-3.0/tops20/tops20.c:297:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((n = malloc(strlen(t) + 1)) == NULL)
data/zip-3.0/tops20/tops20.c:327:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(n, p, (c=strlen(p))) == 0)
data/zip-3.0/tops20/tops20.c:340:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strcmp((t=n+strlen(n)-6), ".dir;1"))
data/zip-3.0/tops20/tops20.c:343:7: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(t, "/");
data/zip-3.0/tops20/tops20.c:372:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((x = malloc(strlen(n) + 1 + PAD)) == NULL)
data/zip-3.0/tops20/tops20.c:378:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((x = malloc(strlen(n) + 3 + PAD)) == NULL)
data/zip-3.0/tops20/tops20.c:427:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(f);
data/zip-3.0/tops20/zipup.h:15:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#define zread(f,b,n) read(f,b,n)
data/zip-3.0/ttyio.c:460:5: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read(f, &c, 1); /* read our character */
data/zip-3.0/ttyio.c:494:5: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read(f, &c, 1);
data/zip-3.0/ttyio.c:497:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read(f, &c2, 1); /* throw away all other chars up thru newline */
data/zip-3.0/ttyio.c:628:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read(f, &c, 1);
data/zip-3.0/ttyio.c:681:28: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((c = (char)getc(f)) == '\r')
data/zip-3.0/ttyio.h:149:19: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
# define getch() getchar() /* not correct, but may not be on a console */
data/zip-3.0/unix/unix.c:164:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((p = malloc(strlen(n)+2)) == NULL)
data/zip-3.0/unix/unix.c:170:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
a = p + strlen(p);
data/zip-3.0/unix/unix.c:172:9: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(a, "/");
data/zip-3.0/unix/unix.c:184:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((a = malloc(strlen(p) + strlen(e) + 1)) == NULL)
data/zip-3.0/unix/unix.c:184:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((a = malloc(strlen(p) + strlen(e) + 1)) == NULL)
data/zip-3.0/unix/unix.c:266:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((n = malloc(strlen(t) + 1)) == NULL)
data/zip-3.0/unix/unix.c:292:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((x = malloc(strlen(n) + 1 + PAD)) == NULL)
data/zip-3.0/unix/unix.c:347:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(f);
data/zip-3.0/unix/unix.c:573:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(z->name);
data/zip-3.0/unix/unix.c:701:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(d);
data/zip-3.0/unix/zipup.h:21:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#define zread(f,b,n) read(f,b,n)
data/zip-3.0/util.c:196:22: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
swrest = sw + (wcslen(sw) - wcslen(pw));
data/zip-3.0/util.c:196:35: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
swrest = sw + (wcslen(sw) - wcslen(pw));
data/zip-3.0/util.c:363:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
srest = s + (strlen(s) - strlen(p));
data/zip-3.0/util.c:363:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
srest = s + (strlen(s) - strlen(p));
data/zip-3.0/util.c:514:34: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
((sw1 = (wchar_t *)malloc((wcslen(sw) + 2) * sizeof(wchar_t))) != NULL))
data/zip-3.0/util.c:517:5: [1] (buffer) wcscat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Risk is low because the source is a constant
character.
wcscat(sw1, L".");
data/zip-3.0/util.c:545:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
((s1 = malloc(strlen(s) + 2)) != NULL))
data/zip-3.0/util.c:548:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(s1, ".");
data/zip-3.0/util.c:832:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bufptr = malloc(1 + strlen(envptr));
data/zip-3.0/util.c:1123:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat( fmt, ".");
data/zip-3.0/util.c:1134:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat( fmt, "d"); /* Default radix = decimal. */
data/zip-3.0/util.c:1172:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat( fmt, ".");
data/zip-3.0/util.c:1183:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat( fmt, "u"); /* Default radix = decimal. */
data/zip-3.0/util.c:1240:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(numstring) > 8) {
data/zip-3.0/vms/cmdline.c:530:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmdl_len += strlen( OPT_CN)+ 1;
data/zip-3.0/vms/cmdline.c:566:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmdl_len += strlen( opt)+ 1;
data/zip-3.0/vms/cmdline.c:581:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmdl_len += strlen( opt)+ 1;
data/zip-3.0/vms/cmdline.c:595:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmdl_len += strlen( opt)+ 1;
data/zip-3.0/vms/cmdline.c:616:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmdl_len += strlen( OPT_IC)+ 1;
data/zip-3.0/vms/cmdline.c:624:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmdl_len += strlen( OPT_ICN)+ 1;
data/zip-3.0/vms/cmdline.c:640:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmdl_len += strlen( OPT_FD)+ 1;
data/zip-3.0/vms/cmdline.c:654:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmdl_len += strlen( OPT_DF)+ 1;
data/zip-3.0/vms/cmdline.c:678:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(&the_cmd_line[x+3], work_str.dsc$a_pointer,
data/zip-3.0/vms/cmdline.c:708:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmdl_len += strlen( OPT_FS)+ 1;
data/zip-3.0/vms/cmdline.c:745:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmdl_len += strlen( OPT_H2)+ 1;
data/zip-3.0/vms/cmdline.c:957:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(&the_cmd_line[x+3], work_str.dsc$a_pointer,
data/zip-3.0/vms/cmdline.c:970:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(&the_cmd_line[x+3], work_str.dsc$a_pointer,
data/zip-3.0/vms/cmdline.c:993:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmdl_len += strlen( OPT_DB)+ 1;
data/zip-3.0/vms/cmdline.c:1002:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmdl_len += strlen( OPT_DC)+ 1;
data/zip-3.0/vms/cmdline.c:1013:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmdl_len += strlen( OPT_DD)+ 1;
data/zip-3.0/vms/cmdline.c:1020:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmdl_len += strlen( OPT_DS);
data/zip-3.0/vms/cmdline.c:1027:17: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( &the_cmd_line[ x],
data/zip-3.0/vms/cmdline.c:1036:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmdl_len += strlen( OPT_DG)+ 1;
data/zip-3.0/vms/cmdline.c:1045:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmdl_len += strlen( OPT_DU)+ 1;
data/zip-3.0/vms/cmdline.c:1054:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmdl_len += strlen( OPT_DV)+ 1;
data/zip-3.0/vms/cmdline.c:1075:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmdl_len += strlen( OPT_LA)+ 1;
data/zip-3.0/vms/cmdline.c:1085:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmdl_len += strlen( OPT_LF)+ 2+ work_str.dsc$w_length;
data/zip-3.0/vms/cmdline.c:1088:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(&the_cmd_line[x+strlen( OPT_LF)+ 1], work_str.dsc$a_pointer,
data/zip-3.0/vms/cmdline.c:1088:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(&the_cmd_line[x+strlen( OPT_LF)+ 1], work_str.dsc$a_pointer,
data/zip-3.0/vms/cmdline.c:1097:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmdl_len += strlen( OPT_LI)+ 1;
data/zip-3.0/vms/cmdline.c:1119:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmdl_len += strlen( OPT_SB)+ 1;
data/zip-3.0/vms/cmdline.c:1129:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmdl_len += strlen( OPT_SP)+ 1;
data/zip-3.0/vms/cmdline.c:1141:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmdl_len += strlen( OPT_S)+ 1;
data/zip-3.0/vms/cmdline.c:1147:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( &the_cmd_line[ x],
data/zip-3.0/vms/cmdline.c:1156:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmdl_len += strlen( OPT_SV)+ 1;
data/zip-3.0/vms/cmdline.c:1178:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmdl_len += strlen( OPT_SC)+ 1;
data/zip-3.0/vms/cmdline.c:1187:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmdl_len += strlen( OPT_SD)+ 1;
data/zip-3.0/vms/cmdline.c:1196:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmdl_len += strlen( OPT_SF)+ 1;
data/zip-3.0/vms/cmdline.c:1205:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmdl_len += strlen( OPT_SO)+ 1;
data/zip-3.0/vms/cmdline.c:1221:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmdl_len += strlen( OPT_FZ)+ 1;
data/zip-3.0/vms/cmdline.c:1239:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmdl_len += strlen( OPT_W)+ 1;
data/zip-3.0/vms/cmdline.c:1248:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmdl_len += strlen( OPT_NW)+ 1;
data/zip-3.0/vms/cmdline.c:1263:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmdl_len += strlen( OPT_MM)+ 1;
data/zip-3.0/vms/cmdline.c:1281:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmdl_len += strlen( OPT_TT)+ 2+ work_str.dsc$w_length;
data/zip-3.0/vms/cmdline.c:1284:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(&the_cmd_line[x+strlen( OPT_TT)+ 1], work_str.dsc$a_pointer,
data/zip-3.0/vms/cmdline.c:1284:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(&the_cmd_line[x+strlen( OPT_TT)+ 1], work_str.dsc$a_pointer,
data/zip-3.0/vms/cmdline.c:1304:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmdl_len += strlen( OPT_ZB)+ 1;
data/zip-3.0/vms/cmdline.c:1313:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmdl_len += strlen( OPT_ZD)+ 1;
data/zip-3.0/vms/cmdline.c:1322:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmdl_len += strlen( OPT_ZS)+ 1;
data/zip-3.0/vms/cmdline.c:1398:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmdl_len += strlen( OPT_XN)+ 1;
data/zip-3.0/vms/cmdline.c:1406:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmdl_len += strlen( OPT_X)+ 1;
data/zip-3.0/vms/cmdline.c:1422:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(&the_cmd_line[x], work_str.dsc$a_pointer,
data/zip-3.0/vms/cmdline.c:1449:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(&the_cmd_line[x], "-x@", 3);
data/zip-3.0/vms/cmdline.c:1450:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(&the_cmd_line[x+3], work_str.dsc$a_pointer,
data/zip-3.0/vms/cmdline.c:1481:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(&the_cmd_line[x], "-i@", 3);
data/zip-3.0/vms/cmdline.c:1482:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(&the_cmd_line[x+3], work_str.dsc$a_pointer,
data/zip-3.0/vms/cmdline.c:1532:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr += strlen(ptr) + 1;
data/zip-3.0/vms/vms.c:140:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FAB_OR_NAML( fab, nam).FAB_OR_NAML_FNS = strlen( file);
data/zip-3.0/vms/vms.c:289:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( vms_vers, VMS_VERSION, sizeof( vms_vers));
data/zip-3.0/vms/vms.c:437:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FAB_OR_NAML( fab, nam).FAB_OR_NAML_DNS = strlen( zip);
data/zip-3.0/vms/vms.c:441:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FAB_OR_NAML( fab, nam).FAB_OR_NAML_FNS = strlen( zip_tmp_nam);
data/zip-3.0/vms/vms.c:459:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp_name = malloc( strlen( nam.NAM_ESA)+ 1);
data/zip-3.0/vms/vms.c:528:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FAB_OR_NAML( fab, nam).FAB_OR_NAML_FNS = strlen( s);
data/zip-3.0/vms/vms.c:545:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((p = malloc( strlen( s)+ 1)) != NULL )
data/zip-3.0/vms/vms.c:610:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FAB_OR_NAML( fab, nam).FAB_OR_NAML_FNS = strlen( s);
data/zip-3.0/vms/vms_im.c:198:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FAB_OR_NAML( fab, nam).FAB_OR_NAML_FNS = strlen( z->name);
data/zip-3.0/vms/vms_im.c:459:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(verbuf) + 1; /* Transmit ending 0 too */
data/zip-3.0/vms/vms_im.c:555:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FAB_OR_NAML( fab, nam)->FAB_OR_NAML_FNS = strlen( name);
data/zip-3.0/vms/vms_msg_gen.c:74:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(ziperrors[ code_zip].string) != 0))
data/zip-3.0/vms/vms_pk.c:208:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FAB_OR_NAML( Fab, Nam).FAB_OR_NAML_FNS = strlen(file);
data/zip-3.0/vms/vmsmunch.c:278:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Fab.fab$b_fns = strlen(filename);
data/zip-3.0/vms/vmsmunch.c:431:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
date_str.dsc$w_length = strlen(time);
data/zip-3.0/vms/vmszip.c:329:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FAB_OR_NAML( fab, nam).FAB_OR_NAML_FNS = strlen( file_spec);
data/zip-3.0/vms/vmszip.c:368:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (cp = file_spec; cp < file_spec+ strlen( file_spec); cp++)
data/zip-3.0/vms/vmszip.c:511:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dev_descr.dsc$w_length = strlen( dev_descr.dsc$a_pointer);
data/zip-3.0/vms/vmszip.c:569:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
d->FAB_OR_NAML( fab, nam).FAB_OR_NAML_FNS = strlen(p);
data/zip-3.0/vms/vmszip.c:608:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(p = malloc((m = strlen(n)) + 4)) == NULL) {
data/zip-3.0/vms/vmszip.c:712:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(wild_version_part, d->nam.NAM_L_VER, d->nam.NAM_B_VER);
data/zip-3.0/vms/vmszip.c:749:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = malloc(strlen(n) + 1);
data/zip-3.0/vms/vmszip.c:888:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strncmp( ext_dir_and_name, MFD, strlen( MFD)) == 0) &&
data/zip-3.0/vms/vmszip.c:906:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((n = malloc(strlen( ext_dir_and_name)+ 1)) == NULL)
data/zip-3.0/vms/vmszip.c:988:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cwd_dir_only_len = strlen( cwd_dir_only);
data/zip-3.0/vms/vmszip.c:1063:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strcasecmp( (nn = n+ strlen( n)- DIR_TYPE_VER_LEN), DIR_TYPE_VER))
data/zip-3.0/vms/vmszip.c:1067:9: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy( nn, "/");
data/zip-3.0/vms/vmszip.c:1139:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
endp = n+ strlen( n);
data/zip-3.0/vms/vmszip.c:1242:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((x = malloc(strlen(n) + 1 + DIR_PAD)) == NULL)
data/zip-3.0/vms/vmszip.c:1248:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((x = malloc(strlen(n) + 3 + DIR_PAD)) == NULL)
data/zip-3.0/vms/vmszip.c:1366:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(f);
data/zip-3.0/vms/vmszip.c:1436:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(d);
data/zip-3.0/win32/win32.c:86:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(root, dir, 3);
data/zip-3.0/win32/win32.c:128:5: [1] (buffer) wcsncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
wcsncpy(root, dir, 3);
data/zip-3.0/win32/win32.c:163:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *ansi_name = (char *)alloca(strlen(name) + 1);
data/zip-3.0/win32/win32.c:191:44: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wchar_t *ansi_namew = (wchar_t *)alloca((wcslen(namew) + 1) * sizeof(wchar_t));
data/zip-3.0/win32/win32.c:235:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *ansi_name = (char *)alloca(strlen(name) + 1);
data/zip-3.0/win32/win32.c:264:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *ansi_path = (char *)alloca(strlen(path) + 1);
data/zip-3.0/win32/win32.c:277:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(rootPathName, tmp0, 3); /* Build the root path name, */
data/zip-3.0/win32/win32.c:301:45: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wchar_t *ansi_path = (wchar_t *)alloca((wcslen(path) + 1) * sizeof(wchar_t));
data/zip-3.0/win32/win32.c:314:5: [1] (buffer) wcsncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
wcsncpy(rootPathName, tmp0, 3); /* Build the root path name, */
data/zip-3.0/win32/win32.c:544:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *ansi_name = (char *)alloca(strlen(name) + 1);
data/zip-3.0/win32/win32.c:668:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *ansi_name = (char *)alloca(strlen(x) + 1);
data/zip-3.0/win32/win32.c:808:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *ansi_path = (char *)alloca(strlen(path) + 1);
data/zip-3.0/win32/win32.c:869:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *ansi_path = (char *)alloca(strlen(path) + 1);
data/zip-3.0/win32/win32.c:916:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *ansi_path = (char *)alloca(strlen(pathw) + 1);
data/zip-3.0/win32/win32.c:977:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *ansi_path = (char *)alloca(strlen(pathw) + 1);
data/zip-3.0/win32/win32.c:1384:9: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(buffer, buf, 1);
data/zip-3.0/win32/win32.c:1393:7: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(buffer, buf, bytes_char);
data/zip-3.0/win32/win32.c:1407:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((local_string = (char *)realloc(buffer, strlen(buffer) + 1)) == NULL) {
data/zip-3.0/win32/win32zip.c:120:31: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((pw = (wchar_t *)malloc(wcslen(nw) * sizeof(wchar_t) +
data/zip-3.0/win32/win32zip.c:127:13: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
qw = pw + wcslen(pw);
data/zip-3.0/win32/win32zip.c:133:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < strlen(wild_match_all); i++) {
data/zip-3.0/win32/win32zip.c:162:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(p = malloc(strlen(n) + (2 + sizeof(wild_match_all)))) == NULL) {
data/zip-3.0/win32/win32zip.c:167:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
q = p + strlen(p);
data/zip-3.0/win32/win32zip.c:348:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c = fp + strlen(fp) - 1;
data/zip-3.0/win32/win32zip.c:389:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (f = fp + strlen(fp); f != fp; f--) {
data/zip-3.0/win32/win32zip.c:398:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nr = strlen(fp) - (f - fp);
data/zip-3.0/win32/win32zip.c:409:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((q = malloc(strlen(f) + 2)) == NULL) {
data/zip-3.0/win32/win32zip.c:413:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*n = q + (strlen(q) - nr + 1);
data/zip-3.0/win32/win32zip.c:415:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(q, "/");
data/zip-3.0/win32/win32zip.c:593:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((r = realloc(r, strlen(r) + strlen(q) + 3)) == NULL) {
data/zip-3.0/win32/win32zip.c:593:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((r = realloc(r, strlen(r) + strlen(q) + 3)) == NULL) {
data/zip-3.0/win32/win32zip.c:598:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(r, "/");
data/zip-3.0/win32/win32zip.c:607:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(r, "/");
data/zip-3.0/win32/win32zip.c:788:27: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name = wildtail + wcslen(wildtail) - 1;
data/zip-3.0/win32/win32zip.c:807:18: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
newlen = wcslen(whole) + wcslen(subwild) + (ONENAMELEN + 2);
data/zip-3.0/win32/win32zip.c:807:34: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
newlen = wcslen(whole) + wcslen(subwild) + (ONENAMELEN + 2);
data/zip-3.0/win32/win32zip.c:809:18: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
newlen = wcslen(whole) + (ONENAMELEN + 1);
data/zip-3.0/win32/win32zip.c:817:14: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
newlen = wcslen(newwhole);
data/zip-3.0/win32/win32zip.c:830:35: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name = newwhole + wcslen(newwhole);
data/zip-3.0/win32/win32zip.c:878:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name = wildtail + strlen(wildtail) - 1;
data/zip-3.0/win32/win32zip.c:897:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
newlen = strlen(whole) + strlen(subwild) + (ONENAMELEN + 2);
data/zip-3.0/win32/win32zip.c:897:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
newlen = strlen(whole) + strlen(subwild) + (ONENAMELEN + 2);
data/zip-3.0/win32/win32zip.c:899:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
newlen = strlen(whole) + (ONENAMELEN + 1);
data/zip-3.0/win32/win32zip.c:907:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
newlen = strlen(newwhole);
data/zip-3.0/win32/win32zip.c:920:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name = newwhole + strlen(newwhole);
data/zip-3.0/win32/win32zip.c:1007:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((p = malloc(strlen(w) + 2)) == NULL)
data/zip-3.0/win32/win32zip.c:1030:11: [1] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant character.
wcscpy(qw, L".");
data/zip-3.0/win32/win32zip.c:1042:11: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(q, ".");
data/zip-3.0/win32/win32zip.c:1055:9: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(q, ".");
data/zip-3.0/win32/win32zip.c:1186:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((p = (char *) malloc(strlen(n)+2)) == NULL)
data/zip-3.0/win32/win32zip.c:1192:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
a = p + strlen(p);
data/zip-3.0/win32/win32zip.c:1194:9: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(a, "/");
data/zip-3.0/win32/win32zip.c:1206:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((a = malloc(strlen(p) + strlen(e) + 1)) == NULL)
data/zip-3.0/win32/win32zip.c:1206:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((a = malloc(strlen(p) + strlen(e) + 1)) == NULL)
data/zip-3.0/win32/win32zip.c:1327:30: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pw = (wchar_t *)malloc( (wcslen(nw)+2) * sizeof(wchar_t) );
data/zip-3.0/win32/win32zip.c:1334:17: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
aw = pw + wcslen(pw);
data/zip-3.0/win32/win32zip.c:1335:14: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (pw[wcslen(pw) - 1] != (wchar_t)'/')
data/zip-3.0/win32/win32zip.c:1336:9: [1] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant character.
wcscpy(aw, L"/");
data/zip-3.0/win32/win32zip.c:1348:29: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((aw = malloc((wcslen(pw) + wcslen(ew) + 1) * sizeof(wchar_t))) == NULL)
data/zip-3.0/win32/win32zip.c:1348:42: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((aw = malloc((wcslen(pw) + wcslen(ew) + 1) * sizeof(wchar_t))) == NULL)
data/zip-3.0/win32/win32zip.c:1451:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((n = malloc(strlen(t) + 1)) == NULL)
data/zip-3.0/win32/win32zip.c:1520:21: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((nw = malloc((wcslen(tw) + 1) * sizeof(wchar_t))) == NULL)
data/zip-3.0/win32/win32zip.c:1545:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((x = malloc(strlen(n) + 1 + PAD)) == NULL)
data/zip-3.0/win32/win32zip.c:1562:21: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((xw = malloc((wcslen(nw) + 1 + PAD) * sizeof(wchar_t))) == NULL)
data/zip-3.0/win32/win32zip.c:1619:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int len = strlen(f);
data/zip-3.0/win32/win32zip.c:1701:22: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int len = wcslen(fw);
data/zip-3.0/win32/zipup.h:45:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#define zread(f,b,n) read(f,b,n)
data/zip-3.0/windll/windll.c:133:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
WinAssert(strlen(pszBuffer) < STDIO_BUF_SIZE);
data/zip-3.0/windll/windll.c:159:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
WinAssert(strlen(pszBuffer) < STDIO_BUF_SIZE);
data/zip-3.0/zip.c:474:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (a && strlen(a)) {
data/zip-3.0/zip.c:483:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (a && strlen(a)) {
data/zip-3.0/zip.c:489:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (a && strlen(a)) {
data/zip-3.0/zip.c:498:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (a && strlen(a)) {
data/zip-3.0/zip.c:1274:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(zipfile, "-");
data/zip-3.0/zip.c:1295:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(cmd, unzippath, 4000);
data/zip-3.0/zip.c:1336:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((zipnam = (char *)malloc(strlen(zipname) + 3)) == NULL)
data/zip-3.0/zip.c:1341:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(zipnam, "\""); /* accept spaces in name and path */
data/zip-3.0/zip.c:1343:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(zipnam, "\"");
data/zip-3.0/zip.c:1357:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((cmd = (char *)malloc(strlen(unzip_path) + strlen(zipnam) + 3)) == NULL)
data/zip-3.0/zip.c:1357:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((cmd = (char *)malloc(strlen(unzip_path) + strlen(zipnam) + 3)) == NULL)
data/zip-3.0/zip.c:1365:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(cmd, " ");
data/zip-3.0/zip.c:1367:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(cmd, " ");
data/zip-3.0/zip.c:1372:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(cmd, " ");
data/zip-3.0/zip.c:1440:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((cmd = malloc(strlen(unzip_path) + strlen(zipname) + 3)) == NULL) {
data/zip-3.0/zip.c:1440:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((cmd = malloc(strlen(unzip_path) + strlen(zipname) + 3)) == NULL) {
data/zip-3.0/zip.c:1449:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(cmd, " ");
data/zip-3.0/zip.c:1451:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(cmd, "'"); /* accept space or $ in name */
data/zip-3.0/zip.c:1453:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(cmd, "'");
data/zip-3.0/zip.c:1457:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(cmd, " ");
data/zip-3.0/zip.c:1462:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(cmd, " ");
data/zip-3.0/zip.c:1464:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(cmd, "'"); /* accept space or $ in name */
data/zip-3.0/zip.c:1466:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(cmd, "'");
data/zip-3.0/zip.c:1475:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((cmd = malloc(20 + strlen(zipname))) == NULL) {
data/zip-3.0/zip.c:1488:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(cmd, "'"); /* accept space or $ in name */
data/zip-3.0/zip.c:1490:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(cmd, "'");
data/zip-3.0/zip.c:1655:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((name = malloc(strlen(filearg) + 1)) == NULL) {
data/zip-3.0/zip.c:3130:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(argcnt == 2 && strlen(args[1]) == 2)) { /* -v only */
data/zip-3.0/zip.c:3361:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((in_path = malloc(strlen(zipfile) + 1)) == NULL) {
data/zip-3.0/zip.c:3369:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((out_path = malloc(strlen(zipfile) + 1)) == NULL) {
data/zip-3.0/zip.c:3569:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((p = malloc(strlen(logfile_path) + 5)) == NULL) {
data/zip-3.0/zip.c:3579:7: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(mode, "a");
data/zip-3.0/zip.c:3581:7: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(mode, "w");
data/zip-3.0/zip.c:3604:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (j = 0; j < strlen(args[i]); j++) {
data/zip-3.0/zip.c:3626:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int plen = strlen(out_path);
data/zip-3.0/zip.c:3631:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
plen -= strlen( vms_file_version( out_path));
data/zip-3.0/zip.c:3873:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((tempzip = malloc(strlen(tempath) + 12)) == NULL) {
data/zip-3.0/zip.c:3878:11: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(tempzip, "/");
data/zip-3.0/zip.c:3883:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((tempzip = malloc(strlen(zipfile) + 12)) == NULL) {
data/zip-3.0/zip.c:3887:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(i = strlen(tempzip); i > 0; i--) {
data/zip-3.0/zip.c:4080:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((n = malloc(strlen(filelist->name) + 1)) == NULL)
data/zip-3.0/zip.c:4317:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (z->name && (z->name)[strlen(z->name) - 1] == '/') {
data/zip-3.0/zip.c:4560:32: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((fnw = malloc((wcslen(z->znamew) + 120) * sizeof(wchar_t))) == NULL)
data/zip-3.0/zip.c:4564:21: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (fnw[wcslen(fnw) - 1] == '/')
data/zip-3.0/zip.c:4571:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((fn = malloc(strlen(z->zname) + 120)) == NULL)
data/zip-3.0/zip.c:4575:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (fn[strlen(fn) - 1] == '/')
data/zip-3.0/zip.c:4584:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((fn = malloc(strlen(z->zname) + 120)) == NULL)
data/zip-3.0/zip.c:4592:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (fn[strlen(fn) - 1] == '/')
data/zip-3.0/zip.c:4719:16: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(strcat(errbuf, " "), args[i]);
data/zip-3.0/zip.c:4727:16: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(strcat(errbuf, " "), args[i]);
data/zip-3.0/zip.c:4820:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(tempzip, "-");
data/zip-3.0/zip.c:4874:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((tempzip = malloc(strlen(tempath) + 12)) == NULL) {
data/zip-3.0/zip.c:4879:11: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(tempzip, "/");
data/zip-3.0/zip.c:4884:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((tempzip = malloc(strlen(zipfile) + 12)) == NULL) {
data/zip-3.0/zip.c:4888:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(i = strlen(tempzip); i > 0; i--) {
data/zip-3.0/zip.c:5484:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((f->iname = malloc(strlen(f->uname) + 1)) == NULL)
data/zip-3.0/zip.c:5718:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (z->comment = malloc(k = strlen(p)+1))
data/zip-3.0/zip.c:5736:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((p = malloc((extent)(k = strlen(e))+1)) == NULL)
data/zip-3.0/zip.c:5797:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((p = malloc((k = strlen(e))+1)) == NULL) {
data/zip-3.0/zip.c:5808:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (e[(r = strlen(e)) - 1] == '\n')
data/zip-3.0/zip.c:5810:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((p = malloc((*zcomment ? strlen(zcomment) + 3 : 1) + r)) == NULL)
data/zip-3.0/zip.c:5826:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((p = malloc(strlen(szCommentBuf)+1)) == NULL) {
data/zip-3.0/zip.c:5838:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
zcomlen = strlen(zcomment);
data/zip-3.0/zipcloak.c:553:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((in_path = malloc(strlen(zipfile) + 1)) == NULL) {
data/zip-3.0/zipcloak.c:560:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((out_path = malloc(strlen(zipfile) + 1)) == NULL) {
data/zip-3.0/zipcloak.c:595:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((tempzip = malloc(strlen(tempath) + 12)) == NULL) {
data/zip-3.0/zipcloak.c:600:11: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(tempzip, "/");
data/zip-3.0/zipcloak.c:605:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((tempzip = malloc(strlen(zipfile) + 12)) == NULL) {
data/zip-3.0/zipcloak.c:609:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(i = strlen(tempzip); i > 0; i--) {
data/zip-3.0/zipfile.c:376:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((t = malloc(strlen(s) + 5)) == NULL)
data/zip-3.0/zipfile.c:497:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int ssize = strlen(strValue);
data/zip-3.0/zipfile.c:829:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((iname = malloc(strlen(pZipListEntry->iname) + 1)) == NULL) {
data/zip-3.0/zipfile.c:834:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
chksum = crc32(chksum, (uch *)(iname), strlen(iname));
data/zip-3.0/zipfile.c:880:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(UPath, pTemp, ULen);
data/zip-3.0/zipfile.c:934:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((iname = malloc(strlen(pZipListEntry->iname) + 1)) == NULL) {
data/zip-3.0/zipfile.c:939:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
chksum = crc32(chksum, (uch *)(iname), strlen(iname));
data/zip-3.0/zipfile.c:980:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(UPath, pTemp, ULen);
data/zip-3.0/zipfile.c:1428:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ush ULen = strlen(pZEntry->uname);
data/zip-3.0/zipfile.c:1511:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((inameLocal = malloc(strlen(pZEntry->iname) + 1)) == NULL) {
data/zip-3.0/zipfile.c:1525:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
chksum = crc32(chksum, (uch *)(inameLocal), strlen(inameLocal));
data/zip-3.0/zipfile.c:1560:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ush ULen = strlen(pZEntry->uname);
data/zip-3.0/zipfile.c:1638:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((inameLocal = malloc(strlen(pZEntry->iname) + 1)) == NULL) {
data/zip-3.0/zipfile.c:1652:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
chksum = crc32(chksum, (uch *)(inameLocal), strlen(inameLocal));
data/zip-3.0/zipfile.c:1915:19: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((m = getc(f)) != EOF && m != 0x50) /* 0x50 == 'P' */
data/zip-3.0/zipfile.c:2050:25: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((m = getc(f)) != EOF && m != 0x50) ; /* 0x50 == 'P' */
data/zip-3.0/zipfile.c:2101:23: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((m = getc(f)) != EOF && m != 0x50) p++; /* 0x50 == 'P' */
data/zip-3.0/zipfile.c:2844:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((z->zname = malloc(strlen(z->name) + 1)) == NULL) {
data/zip-3.0/zipfile.c:2852:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((z->name = malloc(strlen(z->iname) + 1)) == NULL) {
data/zip-3.0/zipfile.c:2856:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((z->zname = malloc(strlen(z->iname) + 1)) == NULL) {
data/zip-3.0/zipfile.c:2881:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((z->oname = malloc(strlen(z->zname) + 1)) == NULL) {
data/zip-3.0/zipfile.c:2965:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
m = getc(f);
data/zip-3.0/zipfile.c:2977:16: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((m = getc(f)) == EOF)
data/zip-3.0/zipfile.c:2986:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((m = getc(f)) == EOF)
data/zip-3.0/zipfile.c:2998:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((m = getc(f)) == EOF)
data/zip-3.0/zipfile.c:3014:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
m = getc(f);
data/zip-3.0/zipfile.c:3234:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
plen = strlen(in_path);
data/zip-3.0/zipfile.c:3238:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
plen -= strlen(vms_file_version(in_path));
data/zip-3.0/zipfile.c:3806:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((z->uname = malloc(strlen(z->iname) + 1)) == NULL) {
data/zip-3.0/zipfile.c:4200:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int plen = strlen(in_path);
data/zip-3.0/zipfile.c:4210:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
plen -= strlen(vms_file_version(in_path));
data/zip-3.0/zipfile.c:4628:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((split_path = malloc(strlen(in_path) + 1)) == NULL) {
data/zip-3.0/zipfile.c:4660:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((split_path = malloc(strlen(in_path) + 1)) == NULL) {
data/zip-3.0/zipfile.c:4851:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((z->uname = malloc(strlen(z->iname) + 1)) == NULL) {
data/zip-3.0/zipfile.c:4924:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((z->name = malloc(strlen(z->zname) + 1)) == NULL) {
data/zip-3.0/zipfile.c:4951:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((name = malloc(strlen(z->iname) + 1)) == NULL) {
data/zip-3.0/zipfile.c:4962:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((z->zuname = malloc(strlen(name) + 1)) == NULL) {
data/zip-3.0/zipfile.c:4975:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((z->ouname = malloc(strlen(name) + 1)) == NULL) {
data/zip-3.0/zipfile.c:4982:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((z->ouname = malloc(strlen(name) + 1)) == NULL) {
data/zip-3.0/zipfile.c:5004:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((z->wuname = malloc(strlen(z->ouname) + 1)) == NULL) {
data/zip-3.0/zipfile.c:5044:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((z->oname = malloc(strlen(z->zname) + 1)) == NULL) {
data/zip-3.0/zipfile.c:5409:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nam = strlen(z->uname);
data/zip-3.0/zipfile.c:5460:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((oem = malloc(strlen(z->iname) + 1)) == NULL)
data/zip-3.0/zipfile.c:5650:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nam = strlen(z->uname);
data/zip-3.0/zipfile.c:5761:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((oem = malloc(strlen(z->iname) + 1)) == NULL)
data/zip-3.0/zipfile.c:5783:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((oem = malloc(strlen(z->comment) + 1)) == NULL)
data/zip-3.0/zipfile.c:6202:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((localz->iname = malloc(strlen(localz->uname) + 1)) == NULL) {
data/zip-3.0/zipfile.c:6275:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
z->nam = strlen(z->iname);
data/zip-3.0/zipfile.c:6299:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
localz->nam = z->nam = strlen(z->iname);
data/zip-3.0/zipfile.c:6302:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((localz->iname = malloc(strlen(z->iname) + 1)) == NULL) {
data/zip-3.0/zipfile.c:6348:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((z->oname = malloc(strlen(localz->iname) + 1)) == NULL) {
data/zip-3.0/zipfile.c:6767:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
z->nam = strlen(z->iname);
data/zip-3.0/zipfile.c:6804:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (p[strlen(p) - 1] == '/') { /* keep VMS [x.y]z.dir;1 intact */
data/zip-3.0/zipfile.c:6805:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p[strlen(p) - 1] = '\0';
data/zip-3.0/zipnote.c:348:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (line != NULL && (len = strlen(line)) > 0) {
data/zip-3.0/zipnote.c:374:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((p = malloc(strlen(*a) + strlen(s) + 3)) == NULL)
data/zip-3.0/zipnote.c:374:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((p = malloc(strlen(*a) + strlen(s) + 3)) == NULL)
data/zip-3.0/zipnote.c:524:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((in_path = malloc(strlen(zipfile) + 1)) == NULL) {
data/zip-3.0/zipnote.c:570:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((z->iname = malloc(strlen(a+1))) == NULL)
data/zip-3.0/zipnote.c:593:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
z->com = strlen(z->comment);
data/zip-3.0/zipnote.c:602:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
zcomlen = strlen(zcomment);
data/zip-3.0/zipnote.c:616:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((tempzip = malloc(strlen(tempath) + 12)) == NULL) {
data/zip-3.0/zipnote.c:621:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(tempzip, "/");
data/zip-3.0/zipnote.c:626:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((tempzip = malloc(strlen(zipfile) + 12)) == NULL) {
data/zip-3.0/zipnote.c:630:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(i = strlen(tempzip); i > 0; i--) {
data/zip-3.0/zipsplit.c:692:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((in_path = malloc(strlen(zipfile) + 1)) == NULL) {
data/zip-3.0/zipsplit.c:763:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((path = (char *)talloc(tempath == NULL ? 13 : strlen(tempath) + 14)) ==
data/zip-3.0/zipsplit.c:775:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tailchar = path[strlen(path) - 1]; /* last character */
data/zip-3.0/zipsplit.c:777:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(path, "/");
data/zip-3.0/zipsplit.c:780:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (path[0] && path[strlen(path) - 1] != '.')
data/zip-3.0/zipsplit.c:781:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(path, ".");
data/zip-3.0/zipsplit.c:784:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (path[0] && path[strlen(path) - 1] != '_')
data/zip-3.0/zipsplit.c:785:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(path, "_");
data/zip-3.0/zipsplit.c:788:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (path[0] && path[strlen(path) - 1] != '/')
data/zip-3.0/zipsplit.c:789:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(path, "/");
data/zip-3.0/zipsplit.c:794:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name = path + strlen(path);
data/zip-3.0/zipsplit.c:859:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(template,".");
data/zip-3.0/zipup.c:322:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
q = a + strlen(a) - 1;
data/zip-3.0/zipup.c:324:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
q = a + strlen(a) - 1;
data/zip-3.0/zipup.c:326:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (p = s + strlen(s) - 1; p >= s; p--)
data/zip-3.0/zipup.c:338:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
q = a + strlen(a) - 1;
data/zip-3.0/zipup.c:340:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
q = a + strlen(a) - 1;
data/zip-3.0/zipup.c:369:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (p=s;p<=s+strlen(s)-3;p+=3) { /* p+=3 to skip 3 hex type */
data/zip-3.0/zipup.c:427:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
z->nam = strlen(z->iname);
ANALYSIS SUMMARY:
Hits = 2170
Lines analyzed = 74182 in approximately 2.23 seconds (33263 lines/second)
Physical Source Lines of Code (SLOC) = 50543
Hits@level = [0] 612 [1] 812 [2] 685 [3] 30 [4] 628 [5] 15
Hits@level+ = [0+] 2782 [1+] 2170 [2+] 1358 [3+] 673 [4+] 643 [5+] 15
Hits/KSLOC@level+ = [0+] 55.0422 [1+] 42.9337 [2+] 26.8682 [3+] 13.3154 [4+] 12.7218 [5+] 0.296777
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.