pax_global_header: comment=dca7bf439467cf562f5aea327a7030e2c604542d

firehose-0.5/.gitignore

# Ignore backups:
*~
# Python bytecode:
*.pyc
# Built documentation:
docs/_build

firehose-0.5/.travis.yml

language: python
python:
  - "pypy"
  - "2.7"
  - "3.3"
script: make
before_install:
  - sudo apt-get update -qq
  - sudo apt-get install -qq libxml2-utils
  - sudo apt-get install -qq python-sphinx

firehose-0.5/MANIFEST.in

include firehose.rng
include lgpl-2.1.txt
include Makefile
include README.rst
recursive-include examples *.xml *.c
recursive-include tests *.py *.plist *.xml

firehose-0.5/Makefile

#   Copyright 2013 David Malcolm
#   Copyright 2013 Red Hat, Inc.
#
#   This library is free software; you can redistribute it and/or
#   modify it under the terms of the GNU Lesser General Public
#   License as published by the Free Software Foundation; either
#   version 2.1 of the License, or (at your option) any later version.
#
#   This library is distributed in the hope that it will be useful,
#   but WITHOUT ANY WARRANTY; without even the implied warranty of
#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
#   Lesser General Public License for more details.
#
#   You should have received a copy of the GNU Lesser General Public
#   License along with this library; if not, write to the Free Software
#   Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
#   USA

all: validate dump unittests executables docs-html

validate:
	xmllint --relaxng firehose.rng --noout examples/example-*.xml

dump:
	python firehose/model.py

unittests:
	python -m unittest discover -v

executables:
	PYTHONPATH=. \
	python firehose/parsers/cppcheck.py \
	    tests/parsers/example-output/cppcheck-xml-v2/example-001.xml
	PYTHONPATH=. \
	python firehose/parsers/clanganalyzer.py \
	    tests/parsers/example-output/clanganalyzer/report-001.plist

docs-html:
	cd docs && make html

firehose-0.5/README.rst

"firehose" is a Python package intended for managing the results from code
analysis tools (e.g. compiler warnings, static analysis, linters, etc).

It currently provides parsers for the output of gcc, clang-analyzer, cppcheck,
and findbugs.  These parsers convert the results into a common data model of
Python objects, with methods for lossless roundtrips through a provided XML
format.  There is also a JSON equivalent.

It is available on pypi here:

  https://pypi.python.org/pypi/firehose

and via git from:

  https://github.com/fedora-static-analysis/firehose

The mailing list is:

  https://admin.fedoraproject.org/mailman/listinfo/firehose-devel

Documentation can be read here:

  http://firehose.readthedocs.io/en/latest/

Firehose is Free Software, licensed under the LGPLv2.1 or (at your option) any
later version.

It requires Python 2.7 or 3.2 onwards, and has been successfully tested with
PyPy.

It is currently of alpha quality.  The API and serialization formats are not
yet set in stone (and we're keen on hearing feedback before we lock things
down more).
Motivation: http://lists.fedoraproject.org/pipermail/devel/2012-December/175232.html

I want to slurp the results from static code analysis into a database, which
means coercing all of the results into some common interchange format,
codenamed "firehose" (which could also be the name of the database).

The idea is a common XML format that all tools can emit that:

  * describes a warning

  * gives source-code location of the warning: filename, function, line
    number.

  * optionally with a `CWE `_ identifier

  * potentially with other IDs and URLs, e.g. the ID "SIG30-C" with URL
    https://www.securecoding.cert.org/confluence/display/seccode/SIG30-C.+Call+only+asynchronous-safe+functions+within+signal+handlers

  * optionally describes code path to get there (potentially interprocedural
    across source files), potentially with "state" annotations (e.g. in the
    case of a reference-counting bug, it's useful to be able to annotate the
    changes to the refcount).

together with a simple Python API for working with the format as a collection
of Python objects (creating, write to XML, read from XML, modification, etc).

I initially considered using JSON, but went with XML because if multiple tools
are going to emit this, it's good to be able to validate things against a
schema (see `firehose.rng `_, a RELAX-NG schema).

References to source files in the format can include a hash of the source file
itself (e.g. SHA-1) so that you can uniquely identify which source file you
were talking about.
This format would be slurped into the DB for the web UI, and can have other
things done to it without needing a server, e.g.:

  * convert it to the textual form of a gcc compilation error, so that Emacs
    etc can parse it and take you to the source

  * be turned into a simple HTML report locally on your workstation

Projects using Firehose:

  * `mock-with-analysis `_ can rebuild a source RPM, capturing the results of
    4 different code analysis tools in Firehose format (along with all source
    files that were mentioned in any report).

  * The `"firehose" branch `_ of `cpychecker `_ can natively emit Firehose
    XML reports

  * https://github.com/paultag/storz/blob/master/wrappers/storz-lintian

firehose-0.5/docs/Makefile

# Makefile for Sphinx documentation
#

# You can set these variables from the command line.
SPHINXOPTS    =
SPHINXBUILD   = sphinx-build
PAPER         =
BUILDDIR      = _build

# Internal variables.
PAPEROPT_a4     = -D latex_paper_size=a4
PAPEROPT_letter = -D latex_paper_size=letter
ALLSPHINXOPTS   = -d $(BUILDDIR)/doctrees $(PAPEROPT_$(PAPER)) $(SPHINXOPTS) .
# the i18n builder cannot share the environment and doctrees with the others
I18NSPHINXOPTS  = $(PAPEROPT_$(PAPER)) $(SPHINXOPTS) .
.PHONY: help clean html dirhtml singlehtml pickle json htmlhelp qthelp devhelp epub latex latexpdf text man changes linkcheck doctest gettext

help:
	@echo "Please use \`make ' where is one of"
	@echo "  html       to make standalone HTML files"
	@echo "  dirhtml    to make HTML files named index.html in directories"
	@echo "  singlehtml to make a single large HTML file"
	@echo "  pickle     to make pickle files"
	@echo "  json       to make JSON files"
	@echo "  htmlhelp   to make HTML files and a HTML help project"
	@echo "  qthelp     to make HTML files and a qthelp project"
	@echo "  devhelp    to make HTML files and a Devhelp project"
	@echo "  epub       to make an epub"
	@echo "  latex      to make LaTeX files, you can set PAPER=a4 or PAPER=letter"
	@echo "  latexpdf   to make LaTeX files and run them through pdflatex"
	@echo "  text       to make text files"
	@echo "  man        to make manual pages"
	@echo "  texinfo    to make Texinfo files"
	@echo "  info       to make Texinfo files and run them through makeinfo"
	@echo "  gettext    to make PO message catalogs"
	@echo "  changes    to make an overview of all changed/added/deprecated items"
	@echo "  linkcheck  to check all external links for integrity"
	@echo "  doctest    to run all doctests embedded in the documentation (if enabled)"

clean:
	-rm -rf $(BUILDDIR)/*

html:
	$(SPHINXBUILD) -b html $(ALLSPHINXOPTS) $(BUILDDIR)/html
	@echo
	@echo "Build finished. The HTML pages are in $(BUILDDIR)/html."

dirhtml:
	$(SPHINXBUILD) -b dirhtml $(ALLSPHINXOPTS) $(BUILDDIR)/dirhtml
	@echo
	@echo "Build finished. The HTML pages are in $(BUILDDIR)/dirhtml."

singlehtml:
	$(SPHINXBUILD) -b singlehtml $(ALLSPHINXOPTS) $(BUILDDIR)/singlehtml
	@echo
	@echo "Build finished. The HTML page is in $(BUILDDIR)/singlehtml."

pickle:
	$(SPHINXBUILD) -b pickle $(ALLSPHINXOPTS) $(BUILDDIR)/pickle
	@echo
	@echo "Build finished; now you can process the pickle files."

json:
	$(SPHINXBUILD) -b json $(ALLSPHINXOPTS) $(BUILDDIR)/json
	@echo
	@echo "Build finished; now you can process the JSON files."
htmlhelp:
	$(SPHINXBUILD) -b htmlhelp $(ALLSPHINXOPTS) $(BUILDDIR)/htmlhelp
	@echo
	@echo "Build finished; now you can run HTML Help Workshop with the" \
	      ".hhp project file in $(BUILDDIR)/htmlhelp."

qthelp:
	$(SPHINXBUILD) -b qthelp $(ALLSPHINXOPTS) $(BUILDDIR)/qthelp
	@echo
	@echo "Build finished; now you can run "qcollectiongenerator" with the" \
	      ".qhcp project file in $(BUILDDIR)/qthelp, like this:"
	@echo "# qcollectiongenerator $(BUILDDIR)/qthelp/firehose.qhcp"
	@echo "To view the help file:"
	@echo "# assistant -collectionFile $(BUILDDIR)/qthelp/firehose.qhc"

devhelp:
	$(SPHINXBUILD) -b devhelp $(ALLSPHINXOPTS) $(BUILDDIR)/devhelp
	@echo
	@echo "Build finished."
	@echo "To view the help file:"
	@echo "# mkdir -p $$HOME/.local/share/devhelp/firehose"
	@echo "# ln -s $(BUILDDIR)/devhelp $$HOME/.local/share/devhelp/firehose"
	@echo "# devhelp"

epub:
	$(SPHINXBUILD) -b epub $(ALLSPHINXOPTS) $(BUILDDIR)/epub
	@echo
	@echo "Build finished. The epub file is in $(BUILDDIR)/epub."

latex:
	$(SPHINXBUILD) -b latex $(ALLSPHINXOPTS) $(BUILDDIR)/latex
	@echo
	@echo "Build finished; the LaTeX files are in $(BUILDDIR)/latex."
	@echo "Run \`make' in that directory to run these through (pdf)latex" \
	      "(use \`make latexpdf' here to do that automatically)."

latexpdf:
	$(SPHINXBUILD) -b latex $(ALLSPHINXOPTS) $(BUILDDIR)/latex
	@echo "Running LaTeX files through pdflatex..."
	$(MAKE) -C $(BUILDDIR)/latex all-pdf
	@echo "pdflatex finished; the PDF files are in $(BUILDDIR)/latex."

text:
	$(SPHINXBUILD) -b text $(ALLSPHINXOPTS) $(BUILDDIR)/text
	@echo
	@echo "Build finished. The text files are in $(BUILDDIR)/text."

man:
	$(SPHINXBUILD) -b man $(ALLSPHINXOPTS) $(BUILDDIR)/man
	@echo
	@echo "Build finished. The manual pages are in $(BUILDDIR)/man."

texinfo:
	$(SPHINXBUILD) -b texinfo $(ALLSPHINXOPTS) $(BUILDDIR)/texinfo
	@echo
	@echo "Build finished. The Texinfo files are in $(BUILDDIR)/texinfo."
	@echo "Run \`make' in that directory to run these through makeinfo" \
	      "(use \`make info' here to do that automatically)."
info:
	$(SPHINXBUILD) -b texinfo $(ALLSPHINXOPTS) $(BUILDDIR)/texinfo
	@echo "Running Texinfo files through makeinfo..."
	make -C $(BUILDDIR)/texinfo info
	@echo "makeinfo finished; the Info files are in $(BUILDDIR)/texinfo."

gettext:
	$(SPHINXBUILD) -b gettext $(I18NSPHINXOPTS) $(BUILDDIR)/locale
	@echo
	@echo "Build finished. The message catalogs are in $(BUILDDIR)/locale."

changes:
	$(SPHINXBUILD) -b changes $(ALLSPHINXOPTS) $(BUILDDIR)/changes
	@echo
	@echo "The overview file is in $(BUILDDIR)/changes."

linkcheck:
	$(SPHINXBUILD) -b linkcheck $(ALLSPHINXOPTS) $(BUILDDIR)/linkcheck
	@echo
	@echo "Link check complete; look for any errors in the above output " \
	      "or in $(BUILDDIR)/linkcheck/output.txt."

doctest:
	$(SPHINXBUILD) -b doctest $(ALLSPHINXOPTS) $(BUILDDIR)/doctest
	@echo "Testing of doctests in the sources finished, look at the " \
	      "results in $(BUILDDIR)/doctest/output.txt."

firehose-0.5/docs/conf.py

# -*- coding: utf-8 -*-
#
# firehose documentation build configuration file, created by
# sphinx-quickstart on Thu Mar 30 13:58:55 2017.
#
# This file is execfile()d with the current directory set to its containing dir.
#
# Note that not all possible configuration values are present in this
# autogenerated file.
#
# All configuration values have a default; values that are commented out
# serve to show the default.

import sys, os

# If extensions (or modules to document with autodoc) are in another directory,
# add these directories to sys.path here. If the directory is relative to the
# documentation root, use os.path.abspath to make it absolute, like shown here.
#sys.path.insert(0, os.path.abspath('.'))

# -- General configuration -----------------------------------------------------

# If your documentation needs a minimal Sphinx version, state it here.
#needs_sphinx = '1.0'

# Add any Sphinx extension module names here, as strings. They can be extensions
# coming with Sphinx (named 'sphinx.ext.*') or your custom ones.
extensions = []

# Add any paths that contain templates here, relative to this directory.
templates_path = ['_templates']

# The suffix of source filenames.
source_suffix = '.rst'

# The encoding of source files.
#source_encoding = 'utf-8-sig'

# The master toctree document.
master_doc = 'index'

# General information about the project.
project = u'firehose'
copyright = u'2017, David Malcolm'

# The version info for the project you're documenting, acts as replacement for
# |version| and |release|, also used in various other places throughout the
# built documents.
#
# The short X.Y version.
version = '0.5'
# The full version, including alpha/beta/rc tags.
release = '0.5'

# The language for content autogenerated by Sphinx. Refer to documentation
# for a list of supported languages.
#language = None

# There are two options for replacing |today|: either, you set today to some
# non-false value, then it is used:
#today = ''
# Else, today_fmt is used as the format for a strftime call.
#today_fmt = '%B %d, %Y'

# List of patterns, relative to source directory, that match files and
# directories to ignore when looking for source files.
exclude_patterns = ['_build']

# The reST default role (used for this markup: `text`) to use for all documents.
#default_role = None

# If true, '()' will be appended to :func: etc. cross-reference text.
#add_function_parentheses = True

# If true, the current module name will be prepended to all description
# unit titles (such as .. function::).
#add_module_names = True

# If true, sectionauthor and moduleauthor directives will be shown in the
# output. They are ignored by default.
#show_authors = False

# The name of the Pygments (syntax highlighting) style to use.
pygments_style = 'sphinx'

# A list of ignored prefixes for module index sorting.
#modindex_common_prefix = []


# -- Options for HTML output ---------------------------------------------------

# The theme to use for HTML and HTML Help pages.  See the documentation for
# a list of builtin themes.
html_theme = 'default'

# Theme options are theme-specific and customize the look and feel of a theme
# further.  For a list of options available for each theme, see the
# documentation.
#html_theme_options = {}

# Add any paths that contain custom themes here, relative to this directory.
#html_theme_path = []

# The name for this set of Sphinx documents.  If None, it defaults to
# " v documentation".
#html_title = None

# A shorter title for the navigation bar.  Default is the same as html_title.
#html_short_title = None

# The name of an image file (relative to this directory) to place at the top
# of the sidebar.
#html_logo = None

# The name of an image file (within the static path) to use as favicon of the
# docs.  This file should be a Windows icon file (.ico) being 16x16 or 32x32
# pixels large.
#html_favicon = None

# Add any paths that contain custom static files (such as style sheets) here,
# relative to this directory. They are copied after the builtin static files,
# so a file named "default.css" will overwrite the builtin "default.css".
html_static_path = ['_static']

# If not '', a 'Last updated on:' timestamp is inserted at every page bottom,
# using the given strftime format.
#html_last_updated_fmt = '%b %d, %Y'

# If true, SmartyPants will be used to convert quotes and dashes to
# typographically correct entities.
#html_use_smartypants = True

# Custom sidebar templates, maps document names to template names.
#html_sidebars = {}

# Additional templates that should be rendered to pages, maps page names to
# template names.
#html_additional_pages = {}

# If false, no module index is generated.
#html_domain_indices = True

# If false, no index is generated.
#html_use_index = True

# If true, the index is split into individual pages for each letter.
#html_split_index = False

# If true, links to the reST sources are added to the pages.
#html_show_sourcelink = True

# If true, "Created using Sphinx" is shown in the HTML footer. Default is True.
#html_show_sphinx = True

# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True.
#html_show_copyright = True

# If true, an OpenSearch description file will be output, and all pages will
# contain a tag referring to it.  The value of this option must be the
# base URL from which the finished HTML is served.
#html_use_opensearch = ''

# This is the file name suffix for HTML files (e.g. ".xhtml").
#html_file_suffix = None

# Output file base name for HTML help builder.
htmlhelp_basename = 'firehosedoc'


# -- Options for LaTeX output --------------------------------------------------

latex_elements = {
# The paper size ('letterpaper' or 'a4paper').
#'papersize': 'letterpaper',

# The font size ('10pt', '11pt' or '12pt').
#'pointsize': '10pt',

# Additional stuff for the LaTeX preamble.
#'preamble': '',
}

# Grouping the document tree into LaTeX files. List of tuples
# (source start file, target name, title, author, documentclass [howto/manual]).
latex_documents = [
  ('index', 'firehose.tex', u'firehose Documentation',
   u'David Malcolm', 'manual'),
]

# The name of an image file (relative to this directory) to place at the top of
# the title page.
#latex_logo = None

# For "manual" documents, if this is true, then toplevel headings are parts,
# not chapters.
#latex_use_parts = False

# If true, show page references after internal links.
#latex_show_pagerefs = False

# If true, show URL addresses after external links.
#latex_show_urls = False

# Documents to append as an appendix to all manuals.
#latex_appendices = []

# If false, no module index is generated.
#latex_domain_indices = True


# -- Options for manual page output --------------------------------------------

# One entry per manual page. List of tuples
# (source start file, name, description, authors, manual section).
man_pages = [
    ('index', 'firehose', u'firehose Documentation',
     [u'David Malcolm'], 1)
]

# If true, show URL addresses after external links.
#man_show_urls = False


# -- Options for Texinfo output ------------------------------------------------

# Grouping the document tree into Texinfo files. List of tuples
# (source start file, target name, title, author,
#  dir menu entry, description, category)
texinfo_documents = [
  ('index', 'firehose', u'firehose Documentation',
   u'David Malcolm', 'firehose', 'One line description of project.',
   'Miscellaneous'),
]

# Documents to append as an appendix to all manuals.
#texinfo_appendices = []

# If false, no module index is generated.
#texinfo_domain_indices = True

# How to display URL addresses: 'footnote', 'no', or 'inline'.
#texinfo_show_urls = 'footnote'

firehose-0.5/docs/data-model.rst

..  Copyright 2017 David Malcolm
    Copyright 2017 Red Hat, Inc.

    This library is free software; you can redistribute it and/or
    modify it under the terms of the GNU Lesser General Public
    License as published by the Free Software Foundation; either
    version 2.1 of the License, or (at your option) any later version.

    This library is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
    Lesser General Public License for more details.

    You should have received a copy of the GNU Lesser General Public
    License along with this library; if not, write to the Free Software
    Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
    USA

Data model
==========

.. This could use an XML domain for Sphinx.

.. py:module:: firehose.model

.. py:class:: Analysis

   The :py:class:`Analysis` class represents one invocation of a code
   analysis tool.
It corresponds to the ```` XML element, the top-level element of a Firehose XML document. .. py:attribute:: metadata :py:class:`Metadata` .. py:attribute:: results A list of :py:class:`Result` objects, representing the various issues, failures, and other information found during the analysis. .. py:attribute:: customfields :py:class:`CustomFields` or ``None`` Here is the pertinent part of the XML schema: .. literalinclude:: ../firehose.rng :start-after: datatypeLibrary="http://www.w3.org/2001/XMLSchema-datatypes"> :end-before: :language: xml .. py:method:: __init__(self, metadata, results, customfields=None): :param metadata: :type metadata: :py:class:`Metadata` :param results: :type results: list(:py:class:`Result`) :param customfields: :type customfields: :py:class:`CustomFields` or None .. TODO: talk about to_xml, from_xml, to_json, from_json .. py:classmethod:: from_xml(cls, fileobj) Parse XML from fileobj, and return an :py:class:`Analysis` instance representing the data seen there. .. py:method:: to_xml(self) Generate an :py:class:`ET.ElementTree()` representing the data within self. .. py:method:: to_xml_bytes(self) Generate a ``bytes`` instance containing an XML serialization of the data within self. .. def accept(self, visitor): def fixup_files(self, relativedir=None, hashalg=None): Record the absolute path of each file, and record the digest of the file content def set_custom_field(self, name, value): Results ******* .. py:class:: Result Result is a base class There are three subclasses: * an :py:class:`Issue` represents a report from the analyzer about a possible problem with the software under test. * an :py:class:`Info` represents additional kinds of information generated by an analyzer that isn't a problem per-se e.g. code metrics, licensing info, etc. * a :py:class:`Failure` represents a report about a failure of the analyzer itself (e.g. if the analyzer crashed). .. 
py:class:: Issue(Result) An :py:class:`Issue` represents a report from the analyzer about a possible problem with the software under test. It corresponds to the ```` XML element within a Firehose XML document. .. py:attribute:: cwe (``int`` or ``None``): The Common Weakness Enumeration ID (see http://cwe.mitre.org/index.html ) e.g. "131" representing CWE-131 aka "Incorrect Calculation of Buffer Size" http://cwe.mitre.org/data/definitions/131.html .. py:attribute:: testid (``str`` or ``None``): Each static analysis tool potentially has multiple tests, with its own IDs for its own tests. These can be captured here, as free-form strings. .. py:attribute:: location (:py:class:`Location`): Where is the problem? .. py:attribute:: message (:py:class:`Message`): A message summarizing the problem. .. py:attribute:: notes (:py:class:`Notes` or ``None``): Additional descriptive details. .. py:attribute:: trace (:py:class:`Trace` or ``None``): An optional list of events that describe the circumstances leading up to a problem. .. py:attribute:: severity (``str`` or ``None``): Each static analysis tool potentially can report a "severity", which may be of use for filtering. The precise strings are likely to vary from tool to tool. To avoid data-transfer issues, support storing it as an optional freeform string here. See: http://lists.fedoraproject.org/pipermail/firehose-devel/2013-February/000001.html .. py:attribute:: customfields (:py:class:`CustomFields` or ``None``): A given tool/testid may have additional key/value pairs that it may be useful to capture. .. 
def __init__(self, cwe, testid, location, message, notes, trace, severity=None, customfields=None): if cwe is not None: assert isinstance(cwe, int) if testid is not None: assert isinstance(testid, _string_type) assert isinstance(location, Location) assert isinstance(message, Message) if notes: assert isinstance(notes, Notes) if trace: assert isinstance(trace, Trace) if severity is not None: assert isinstance(severity, _string_type) if customfields is not None: assert isinstance(customfields, CustomFields) self.cwe = cwe self.testid = testid self.location = location self.message = message self.notes = notes self.trace = trace self.severity = severity self.customfields = customfields .. py:method:: write_as_gcc_output(self, out) Write the issue in the style of a GCC warning to the given file-like object. >>> issue.write_as_gcc_output(sys.stderr) examples/python-src-example.c:40:4: warning: ob_refcnt of '*item' is 1 too high [CWE-401] was expecting final item->ob_refcnt to be N + 1 (for some unknown N) due to object being referenced by: PyListObject.ob_item[0] but final item->ob_refcnt is N + 2 examples/python-src-example.c:36:14: note: PyLongObject allocated at: item = PyLong_FromLong(random()); examples/python-src-example.c:37:8: note: when PyList_Append() succeeds .. py:method:: get_cwe_str(self) Get a string giving the CWE title, or None:: >>> issue.get_cwe_str() 'CWE-131' .. py:method:: get_cwe_url(self) Get a string containing the URL of the CWE id, or None:: >>> issue.get_cwe_url() 'http://cwe.mitre.org/data/definitions/131.html' .. py:class:: Info(Result) An :py:class:`Info` represents additional kinds of information generated by an analyzer that isn't a problem per-se e.g. code metrics, licensing info, cross-referencing information, etc. It corresponds to the ```` XML element within a Firehose XML document. .. py:attribute:: infoid (``str`` or ``None``): an optional free-form string identifying the kind of information being reported. .. 
py:attribute:: location :py:class:`Location` or ``None`` .. py:attribute:: message :py:class:`Message` or ``None`` .. py:attribute:: customfields :py:class:`CustomFields` or ``None`` .. def __init__(self, infoid, location, message, customfields): if infoid is not None: assert isinstance(infoid, _string_type) if location is not None: assert isinstance(location, Location) if message is not None: assert isinstance(message, Message) if customfields is not None: assert isinstance(customfields, CustomFields) self.infoid = infoid self.location = location self.message = message self.customfields = customfields .. py:class:: Failure(Result) A :py:class:`Failure` represents a report about a failure of the analyzer itself (e.g. if the analyzer crashed). If any of these are present then we don't have full coverage. For some analyzers this is an all-or-nothing affair: we either get issues reported, or a failure happens (e.g. a segfault of the analysis tool). Other analyzers may be more fine-grained: able to report some issues, but choke on some subset of the code under analysis. For example cpychecker runs once per function, and any unhandled Python exceptions only affect one function. It corresponds to the ```` XML element within a Firehose XML document. .. py:attribute:: failureid (``str`` or ``None``): Each static analysis tool potentially can identify types of way that it can fail. Capture those that do here, as (optional) free-form strings. .. py:attribute:: location :py:class:`Location`: Some analysis tools may be able to annotate a failure report by providing the location *within the software-under-test* that broke them. For example, gcc-python-plugin has a ``gcc.set_location()`` method which can be used by a code analysis script to record what location is being analyzed, so that if unhandled Python exception happens, it is reported at that location. This is invaluable when debugging analysis failures. .. 
py:attribute:: message :py:class:`Message`: A summary of the failure. .. py:attribute:: customfields :py:class:`CustomFields` or ``None``: Every type of failure seems to have its own kinds of data that are worth capturing: * stdout/stderr/returncode for a failed subprocess * traceback for an unhandled Python exception * verbose extra information about a cppcheck failure etc. Hence we allow a ```` to optionally contain extra key/value pairs, based on the ``failureid``. .. def __init__(self, failureid, location, message, customfields): if failureid is not None: assert isinstance(failureid, _string_type) if location is not None: assert isinstance(location, Location) if message is not None: assert isinstance(message, Message) if customfields is not None: assert isinstance(customfields, CustomFields) self.failureid = failureid self.location = location self.message = message self.customfields = customfields Metadata ******** .. py:class:: Metadata Holder for metadata about an analyzer invocation. It corresponds to the ```` XML element within a Firehose XML document. .. py:attribute:: generator :py:class:`Generator` .. py:attribute:: sut :py:class:`Sut` or ``None`` .. py:attribute:: file_ :py:class:`File` or ``None`` .. py:attribute:: stats :py:class:`Stats` or ``None`` .. def __init__(self, generator, sut, file_, stats): assert isinstance(generator, Generator) if sut is not None: assert isinstance(sut, Sut) if file_ is not None: assert isinstance(file_, File) if stats is not None: assert isinstance(stats, Stats) self.generator = generator self.sut = sut self.file_ = file_ self.stats = stats .. py:class:: Generator .. py:attribute:: name ``str`` .. py:attribute:: version ``str`` or ``None`` .. py:class:: Stats :py:class:`Stats` is an optional field of :py:class:`Metadata` for capturing stats about an analysis run. .. 
py:attribute:: wallclocktime ``float``: how long (in seconds) the analyzer took to run Describing the software under test ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ .. warning:: this part of the schema may need more thought/work .. py:class:: Sut Base class for describing the software-under-test. .. py:class:: SourceRpm(Sut) It corresponds to the ```` XML element within a Firehose XML document. .. py:attribute:: name ``str`` .. py:attribute:: version ``str`` .. py:attribute:: release ``str`` .. py:attribute:: buildarch ``str`` .. py:class:: DebianBinary(Sut) Internal Firehose representation of a Debian binary package. This Object is extremely similar to a SourceRpm. It corresponds to the ```` XML element within a Firehose XML document. .. py:attribute:: name ``str``: the *binary* package name. .. py:attribute:: version ``str``: should match Upstream's version number .. py:attribute:: release ``str`` or ``None``: should be the Debian package local version. This should only be omited if the package is a Debian Native package. .. py:attribute:: buildarch ``str``: valid entries include ``amd64`', ``kfreebsd-amd64``, ``armhf``, ``hurd-i386``, among others for Debian. .. py:class:: DebianSource(Sut) Internal Firehose representation of a Debian source package. This Object is extremely similar to a SourceRpm, but does not include the `buildarch` attribute. It corresponds to the ```` XML element within a Firehose XML document. .. py:attribute:: name ``str``: should be the *source* package name .. py:attribute:: version ``str``: should match Upstream's version number .. py:attribute:: release ``str`` or ``None``: if given, should be the Debian package local version. This should only be omited if the package is a Debian Native package. .. py:class:: Message Summary text aimed at a developer. This is required for an :py:class:`Issue`, but is also can (optionally) be provided by a :py:class:`Failure` or :py:class:`Info`. 
It corresponds to the ```` XML element within a Firehose XML document. .. py:attribute:: text ``str`` .. py:class:: Notes Additional optional descriptive details for a :py:class:`Result` or for a :py:class:`State`. It corresponds to the ```` XML element within a Firehose XML document. .. py:attribute:: text ``str`` .. This might support some simple markup at some point (as might :py:class:`Message`). Describing source code ********************** .. py:class:: Location A particular source code location. It corresponds to the ```` XML element within a Firehose XML document. .. py:attribute:: file :py:class:`File` .. py:attribute:: function :py:class:`Function` or ``None``. The function (or method) containing the problem. This is optional. Some problems occur in global scope, and unfortunately, some analyzers don't always report which function each problem was discovered in. Given that function names are less likely to change than line numbers, this is something that we should patch in each upstream analyzer as we go. We can refer to either a location, or a range of locations within the file: .. py:attribute:: point :py:class:`Point` or ``None`` .. py:attribute:: range_ :py:class:`Range` or ``None`` .. def __init__(self, file, function, point=None, range_=None): assert isinstance(file, File) if function is not None: assert isinstance(function, Function) if point is not None: assert isinstance(point, Point) if range_ is not None: assert isinstance(range_, Range) self.file = file self.function = function self.point = point self.range_ = range_ @property def line(self): if self.point is not None: return self.point.line if self.range_ is not None: return self.range_.start.line @property def column(self): if self.point is not None: return self.point.column if self.range_ is not None: return self.range_.start.column .. py:class:: File A description of a particular source file. It corresponds to the ```` XML element within a Firehose XML document. .. 
py:attribute:: givenpath

      ``str``: the filename given by the analyzer.  This is typically the one
      supplied to it on the command line, which might be absolute or relative.

      Examples:

      * "foo.c"
      * "./src/foo.c"
      * "/home/david/libfoo-1.0/src/foo.c"

   .. py:attribute:: abspath

      (``str`` or ``None``): Optionally, a record of the absolute path of
      the file, to help deal with collating results from a build that
      changes working directory (e.g. recursive make).

   .. py:attribute:: hash_

      (:py:class:`Hash` or ``None``)

   .. def __init__(self, givenpath, abspath, hash_=None):
          assert isinstance(givenpath, str)
          if abspath is not None:
              assert isinstance(abspath, str)
          if hash_ is not None:
              assert isinstance(hash_, Hash)
          self.givenpath = givenpath
          self.abspath = abspath
          self.hash_ = hash_

.. py:class:: Hash

   An optional value within :py:class:`File`, allowing the report to
   specify a hash value for a particular file.  This can be used for
   tracking different versions of files when collating different reports
   and e.g. for caching file content in a UI.

   It corresponds to the ```` XML element within a Firehose XML document.

   .. py:attribute:: alg

      ``str``: the name of the hash algorithm.  TODO: what naming convention?

   .. py:attribute:: hexdigest

      ``str``: the hexadecimal value of the digest (lower-case hexdigits,
      without any leading ``0x``).

   .. def __init__(self, alg, hexdigest):
          assert isinstance(alg, str)
          assert isinstance(hexdigest, str)
          self.alg = alg
          self.hexdigest = hexdigest

.. py:class:: Function

   Identification of a particular function within source code.

   It corresponds to the ```` XML element within a Firehose XML document.

   .. py:attribute:: name

      ``str``: the name of the function or method.

   .. def __init__(self, name):
          self.name = name

.. py:class:: Point

   Identification of a particular line/column within a source file.

   It corresponds to the ```` XML element within a Firehose XML document.

   .. py:attribute:: line

      ``int``: the 1-based number of the line containing the point

   ..
py:attribute:: column

      ``int``: 1-based number of the column

      .. note::

         GCC uses a 1-based convention for source columns, whereas Emacs's
         ``M-x column-number-mode`` uses a 0-based convention.

         For example, an error in the initial, left-hand column of source
         line 3 is reported by GCC as::

            some-file.c:3:1: error: ...etc...

         On navigating to the location of that error in Emacs (e.g. via
         ``next-error``), the locus is reported in the Mode Line (assuming
         ``M-x column-number-mode``) as::

            some-file.c 10% (3, 0)

         i.e. ``3:1:`` in GCC corresponds to ``(3, 0)`` in Emacs.

.. py:class:: Range

   Identification of a range of text within a source file.

   It corresponds to the ```` XML element within a Firehose XML document.

   .. py:attribute:: start

      (:py:class:`Point`)

   .. py:attribute:: end

      (:py:class:`Point`)

Capturing the circumstances leading up to a problem
***************************************************

.. py:class:: Trace

   An optional list of events within an :py:class:`Issue` that describe
   the circumstances leading up to a problem.

   It corresponds to the ```` XML element within a Firehose XML document.

   See :ref:`example of a trace `.

   .. py:attribute:: states

      list of :py:class:`State`

.. py:class:: State

   A state within a :py:class:`Trace`.

   .. py:attribute:: location

      :py:class:`Location`

   .. py:attribute:: notes

      :py:class:`Notes` or ``None``

   .. def __init__(self, location, notes):
          assert isinstance(location, Location)
          if notes is not None:
              assert isinstance(notes, Notes)
          self.location = location
          self.notes = notes

Other data
**********

.. py:class:: CustomFields(OrderedDict)

   A big escape-hatch in the data model: support for arbitrary, ordered
   key/value pairs for roundtripping data specific to a particular
   situation, e.g. debugging attributes for a particular failure.

   It corresponds to the ```` XML element within a Firehose XML document.

.. TODO:

   * .. py:class:: Visitor
   * main
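The GCC/Emacs column convention and the point-or-range fallback in ``Location.line`` above, as an added Python example (this is not the project's own code: ``Point``, ``Range`` and ``Location`` here are simplified stand-ins for the ``firehose.model`` classes, and ``parse_gcc_diagnostic``, ``to_gcc_text`` and ``to_emacs_locus`` are names assumed for this illustration). It parses a GCC-style ``file:line:col: kind: message`` line into a location, renders it back losslessly, and shows the 0-based Emacs locus; a range-only location resolves to its start point.

```python
import re

# Simplified stand-ins for the Point, Range and Location classes described
# above (illustration only, not the firehose.model implementations).
class Point(object):
    """A 1-based line/column pair, the convention GCC reports."""
    def __init__(self, line, column):
        assert isinstance(line, int) and line >= 1
        assert isinstance(column, int) and column >= 1
        self.line = line
        self.column = column

class Range(object):
    def __init__(self, start, end):
        assert isinstance(start, Point) and isinstance(end, Point)
        self.start = start
        self.end = end

class Location(object):
    """Either a point or a range within a file; at most one should be set."""
    def __init__(self, givenpath, function=None, point=None, range_=None):
        assert point is None or isinstance(point, Point)
        assert range_ is None or isinstance(range_, Range)
        self.givenpath = givenpath
        self.function = function
        self.point = point
        self.range_ = range_

    @property
    def line(self):
        # The point wins; otherwise the start of the range; None if neither.
        if self.point is not None:
            return self.point.line
        if self.range_ is not None:
            return self.range_.start.line
        return None

    @property
    def column(self):
        if self.point is not None:
            return self.point.column
        if self.range_ is not None:
            return self.range_.start.column
        return None

# GCC's textual form: "path:line:column: kind: message".
_GCC_DIAGNOSTIC = re.compile(
    r'^(?P<path>[^:\s]+):(?P<line>\d+):(?P<col>\d+):\s*'
    r'(?P<kind>error|warning|note):\s*(?P<msg>.*)$')

def parse_gcc_diagnostic(text):
    """Parse one GCC diagnostic line into (Location, kind, message).

    Lines of another shape, such as GCC's "In function '...':" context
    lines, carry no locus and yield None.
    """
    m = _GCC_DIAGNOSTIC.match(text)
    if m is None:
        return None
    point = Point(int(m.group('line')), int(m.group('col')))
    return Location(m.group('path'), point=point), m.group('kind'), m.group('msg')

def to_gcc_text(location, kind, message):
    """Render a Location back into GCC's form (1-based column), the form
    Emacs's compilation-mode and similar tools know how to follow."""
    return '%s:%d:%d: %s: %s' % (location.givenpath, location.line,
                                 location.column, kind, message)

def to_emacs_locus(location):
    """Emacs's column-number-mode counts columns from 0, so GCC's 3:1
    is shown as (3, 0)."""
    return (location.line, location.column - 1)

if __name__ == '__main__':
    # Constructed sample diagnostic, in GCC's format.
    sample = "some-file.c:3:1: error: expected ';' before '}' token"
    loc, kind, msg = parse_gcc_diagnostic(sample)
    print(to_gcc_text(loc, kind, msg))
    print(to_emacs_locus(loc))
```

The regex deliberately requires a column, since a point without one cannot be built; context lines such as ``wspy_register.c: In function '...':`` (seen in the example-4 failure text on this page) are reported as ``None`` rather than mis-parsed.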
firehose-0.5/docs/examples.rst

..
   Copyright 2017 David Malcolm
   Copyright 2017 Red Hat, Inc.

   This library is free software; you can redistribute it and/or
   modify it under the terms of the GNU Lesser General Public
   License as published by the Free Software Foundation; either
   version 2.1 of the License, or (at your option) any later version.

   This library is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
   Lesser General Public License for more details.

   You should have received a copy of the GNU Lesser General Public
   License along with this library; if not, write to the Free Software
   Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
   USA

Examples
========

A first example
***************

.. literalinclude:: ../examples/example-1.xml
   :start-after: -->
   :language: xml
   :prepend:

Example with a trace of activity
********************************

.. _trace_example:

.. literalinclude:: ../examples/example-2.xml
   :start-after: -->
   :language: xml
   :prepend:

Example of analysis failures
****************************

.. literalinclude:: ../examples/example-3.xml
   :start-after: -->
   :language: xml
   :prepend:

.. literalinclude:: ../examples/example-4.xml
   :start-after: -->
   :language: xml
   :prepend:

.. literalinclude:: ../examples/example-6.xml
   :start-after: -->
   :language: xml
   :prepend:

Example of ranges
*****************

.. literalinclude:: ../examples/example-5.xml
   :start-after: -->
   :language: xml
   :prepend:

Debian Examples
****************

.. literalinclude:: ../examples/example-debian-source.xml
   :start-after: -->
   :language: xml
   :prepend:

.. literalinclude:: ../examples/example-debian-binary.xml
   :start-after: -->
   :language: xml
   :prepend:

etc

firehose-0.5/docs/index.rst

..
   Copyright 2017 David Malcolm
   Copyright 2017 Red Hat, Inc.
   This library is free software; you can redistribute it and/or
   modify it under the terms of the GNU Lesser General Public
   License as published by the Free Software Foundation; either
   version 2.1 of the License, or (at your option) any later version.

   This library is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
   Lesser General Public License for more details.

   You should have received a copy of the GNU Lesser General Public
   License along with this library; if not, write to the Free Software
   Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
   USA

Welcome to firehose's documentation!
====================================

"firehose" is a Python package intended for managing the results from
code analysis tools (e.g. compiler warnings, static analysis, linters,
etc).

It currently provides parsers for the output of gcc, clang-analyzer,
cppcheck, and findbugs.  These parsers convert the results into a common
data model of Python objects, with methods for lossless roundtrips
through a provided XML format.  There is also a JSON equivalent.

It is available on pypi here: https://pypi.python.org/pypi/firehose

and via git from: https://github.com/fedora-static-analysis/firehose

The mailing list is: https://admin.fedoraproject.org/mailman/listinfo/firehose-devel

Firehose is Free Software, licensed under the LGPLv2.1 or (at your
option) any later version.

It requires Python 2.7 or 3.2 onwards, and has been successfully tested
with PyPy.

It is currently of alpha quality.  The API and serialization formats are
not yet set in stone (and we're keen on hearing feedback before we lock
things down more).

Contents:

..
toctree:: :maxdepth: 2 motivation.rst examples.rst data-model.rst parsers.rst rng-schema.rst Indices and tables ================== * :ref:`genindex` * :ref:`modindex` * :ref:`search` firehose-0.5/docs/make.bat000066400000000000000000000117541311207242100155200ustar00rootroot00000000000000@ECHO OFF REM Command file for Sphinx documentation if "%SPHINXBUILD%" == "" ( set SPHINXBUILD=sphinx-build ) set BUILDDIR=_build set ALLSPHINXOPTS=-d %BUILDDIR%/doctrees %SPHINXOPTS% . set I18NSPHINXOPTS=%SPHINXOPTS% . if NOT "%PAPER%" == "" ( set ALLSPHINXOPTS=-D latex_paper_size=%PAPER% %ALLSPHINXOPTS% set I18NSPHINXOPTS=-D latex_paper_size=%PAPER% %I18NSPHINXOPTS% ) if "%1" == "" goto help if "%1" == "help" ( :help echo.Please use `make ^` where ^ is one of echo. html to make standalone HTML files echo. dirhtml to make HTML files named index.html in directories echo. singlehtml to make a single large HTML file echo. pickle to make pickle files echo. json to make JSON files echo. htmlhelp to make HTML files and a HTML help project echo. qthelp to make HTML files and a qthelp project echo. devhelp to make HTML files and a Devhelp project echo. epub to make an epub echo. latex to make LaTeX files, you can set PAPER=a4 or PAPER=letter echo. text to make text files echo. man to make manual pages echo. texinfo to make Texinfo files echo. gettext to make PO message catalogs echo. changes to make an overview over all changed/added/deprecated items echo. linkcheck to check all external links for integrity echo. doctest to run all doctests embedded in the documentation if enabled goto end ) if "%1" == "clean" ( for /d %%i in (%BUILDDIR%\*) do rmdir /q /s %%i del /q /s %BUILDDIR%\* goto end ) if "%1" == "html" ( %SPHINXBUILD% -b html %ALLSPHINXOPTS% %BUILDDIR%/html if errorlevel 1 exit /b 1 echo. echo.Build finished. The HTML pages are in %BUILDDIR%/html. goto end ) if "%1" == "dirhtml" ( %SPHINXBUILD% -b dirhtml %ALLSPHINXOPTS% %BUILDDIR%/dirhtml if errorlevel 1 exit /b 1 echo. 
echo.Build finished. The HTML pages are in %BUILDDIR%/dirhtml. goto end ) if "%1" == "singlehtml" ( %SPHINXBUILD% -b singlehtml %ALLSPHINXOPTS% %BUILDDIR%/singlehtml if errorlevel 1 exit /b 1 echo. echo.Build finished. The HTML pages are in %BUILDDIR%/singlehtml. goto end ) if "%1" == "pickle" ( %SPHINXBUILD% -b pickle %ALLSPHINXOPTS% %BUILDDIR%/pickle if errorlevel 1 exit /b 1 echo. echo.Build finished; now you can process the pickle files. goto end ) if "%1" == "json" ( %SPHINXBUILD% -b json %ALLSPHINXOPTS% %BUILDDIR%/json if errorlevel 1 exit /b 1 echo. echo.Build finished; now you can process the JSON files. goto end ) if "%1" == "htmlhelp" ( %SPHINXBUILD% -b htmlhelp %ALLSPHINXOPTS% %BUILDDIR%/htmlhelp if errorlevel 1 exit /b 1 echo. echo.Build finished; now you can run HTML Help Workshop with the ^ .hhp project file in %BUILDDIR%/htmlhelp. goto end ) if "%1" == "qthelp" ( %SPHINXBUILD% -b qthelp %ALLSPHINXOPTS% %BUILDDIR%/qthelp if errorlevel 1 exit /b 1 echo. echo.Build finished; now you can run "qcollectiongenerator" with the ^ .qhcp project file in %BUILDDIR%/qthelp, like this: echo.^> qcollectiongenerator %BUILDDIR%\qthelp\firehose.qhcp echo.To view the help file: echo.^> assistant -collectionFile %BUILDDIR%\qthelp\firehose.ghc goto end ) if "%1" == "devhelp" ( %SPHINXBUILD% -b devhelp %ALLSPHINXOPTS% %BUILDDIR%/devhelp if errorlevel 1 exit /b 1 echo. echo.Build finished. goto end ) if "%1" == "epub" ( %SPHINXBUILD% -b epub %ALLSPHINXOPTS% %BUILDDIR%/epub if errorlevel 1 exit /b 1 echo. echo.Build finished. The epub file is in %BUILDDIR%/epub. goto end ) if "%1" == "latex" ( %SPHINXBUILD% -b latex %ALLSPHINXOPTS% %BUILDDIR%/latex if errorlevel 1 exit /b 1 echo. echo.Build finished; the LaTeX files are in %BUILDDIR%/latex. goto end ) if "%1" == "text" ( %SPHINXBUILD% -b text %ALLSPHINXOPTS% %BUILDDIR%/text if errorlevel 1 exit /b 1 echo. echo.Build finished. The text files are in %BUILDDIR%/text. 
goto end ) if "%1" == "man" ( %SPHINXBUILD% -b man %ALLSPHINXOPTS% %BUILDDIR%/man if errorlevel 1 exit /b 1 echo. echo.Build finished. The manual pages are in %BUILDDIR%/man. goto end ) if "%1" == "texinfo" ( %SPHINXBUILD% -b texinfo %ALLSPHINXOPTS% %BUILDDIR%/texinfo if errorlevel 1 exit /b 1 echo. echo.Build finished. The Texinfo files are in %BUILDDIR%/texinfo. goto end ) if "%1" == "gettext" ( %SPHINXBUILD% -b gettext %I18NSPHINXOPTS% %BUILDDIR%/locale if errorlevel 1 exit /b 1 echo. echo.Build finished. The message catalogs are in %BUILDDIR%/locale. goto end ) if "%1" == "changes" ( %SPHINXBUILD% -b changes %ALLSPHINXOPTS% %BUILDDIR%/changes if errorlevel 1 exit /b 1 echo. echo.The overview file is in %BUILDDIR%/changes. goto end ) if "%1" == "linkcheck" ( %SPHINXBUILD% -b linkcheck %ALLSPHINXOPTS% %BUILDDIR%/linkcheck if errorlevel 1 exit /b 1 echo. echo.Link check complete; look for any errors in the above output ^ or in %BUILDDIR%/linkcheck/output.txt. goto end ) if "%1" == "doctest" ( %SPHINXBUILD% -b doctest %ALLSPHINXOPTS% %BUILDDIR%/doctest if errorlevel 1 exit /b 1 echo. echo.Testing of doctests in the sources finished, look at the ^ results in %BUILDDIR%/doctest/output.txt. goto end ) :end firehose-0.5/docs/motivation.rst000066400000000000000000000064271311207242100170370ustar00rootroot00000000000000.. Copyright 2017 David Malcolm Copyright 2017 Red Hat, Inc. This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. 
   You should have received a copy of the GNU Lesser General Public
   License along with this library; if not, write to the Free Software
   Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
   USA

Motivation
==========

Motivation: http://lists.fedoraproject.org/pipermail/devel/2012-December/175232.html

We want to slurp the results from static code analysis into a database,
which means coercing all of the results into some common interchange
format, codenamed "firehose" (which could also be the name of the
database).

The idea is a common XML format that all tools can emit that:

* describes a warning

* gives source-code location of the warning: filename, function, line
  number.

* optionally with a `CWE `_ identifier

* potentially with other IDs and URLs, e.g. the ID "SIG30-C" with URL
  https://www.securecoding.cert.org/confluence/display/seccode/SIG30-C.+Call+only+asynchronous-safe+functions+within+signal+handlers

* optionally describes code path to get there (potentially
  interprocedural across source files), potentially with "state"
  annotations (e.g. in the case of a reference-counting bug, it's useful
  to be able to annotate the changes to the refcount).

together with a simple Python API for working with the format as a
collection of Python objects (creating, write to XML, read from XML,
modification, etc)

The data can be round-tripped through both XML and JSON.

There is a `RELAX-NG schema `_ for validating XML files.

References to source files in the format can include a hash of the
source file itself (e.g. SHA-1) so that you can uniquely identify which
source file you were talking about.
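The file hash described above, and the data model's preference for function names over line numbers when collating reports, as an added Python example (not the project's own code: ``file_hash``, ``make_issue``, ``same_file_content``, ``collate`` and ``moved_findings`` are names assumed for this illustration, and the flat dict stands in for the Issue/Location/File/Hash objects rather than using the ``firehose.model`` API). The sample source text is constructed; the message text is the one from this page's example-1.xml. Two reports over byte-identical content share a hash, so their line numbers are directly comparable; a third report over an edited file keeps the same (path, function, message) key but a different hash, which is how a viewer can tell that the finding persisted while its line moved.

```python
import hashlib
from collections import OrderedDict

def file_hash(content, alg='sha1'):
    """Hash a file's bytes the way the File/Hash part of the data model
    expects: (alg, hexdigest), lower-case hex digits, no leading 0x."""
    return alg, hashlib.new(alg, content).hexdigest()

# Constructed sample source in two versions.  Version 2 only adds an
# #include at the top, which shifts every later line down by one.
SRC_V1 = (b'#include <Python.h>\n'
          b'static PyObject *f(PyObject *self, PyObject *args)\n'
          b'{\n'
          b'    long count;\n'
          b'    if (!PyArg_ParseTuple(args, "i", &count))\n'
          b'        return NULL;\n'
          b'    Py_RETURN_NONE;\n'
          b'}\n')
SRC_V2 = b'#include <stdlib.h>\n' + SRC_V1

# Message text taken from the project's example-1.xml.
MSG = 'Mismatching type in call to PyArg_ParseTuple with format code "i"'

def make_issue(report, givenpath, content, function, line, message):
    """A flat stand-in for Issue + Location + File + Hash (illustration only,
    not the firehose.model API)."""
    alg, hexdigest = file_hash(content)
    return {'report': report, 'givenpath': givenpath, 'alg': alg,
            'hexdigest': hexdigest, 'function': function,
            'line': line, 'message': message}

def same_file_content(a, b):
    """True when both issues were reported against byte-identical content,
    so their line numbers refer to the same text and may be compared."""
    return (a['alg'], a['hexdigest']) == (b['alg'], b['hexdigest'])

def collate(issues):
    """Group issues by (givenpath, function, message), deliberately ignoring
    line numbers.  Each group lists its distinct (hexdigest, line) sightings."""
    groups = OrderedDict()
    for issue in issues:
        key = (issue['givenpath'], issue['function'], issue['message'])
        sighting = (issue['hexdigest'], issue['line'])
        sightings = groups.setdefault(key, [])
        if sighting not in sightings:
            sightings.append(sighting)
    return groups

def moved_findings(groups):
    """Keys seen under more than one file hash: the source changed between
    reports, so an old line number must not be reused for navigation."""
    return [key for key, sightings in groups.items()
            if len(set(h for h, _ in sightings)) > 1]

# Three constructed reports: two tools over version 1, one tool over version 2.
SAMPLE_ISSUES = [
    make_issue('tool-a-run-1', 'foo.c', SRC_V1, 'f', 5, MSG),
    make_issue('tool-b-run-1', 'foo.c', SRC_V1, 'f', 5, MSG),
    make_issue('tool-a-run-2', 'foo.c', SRC_V2, 'f', 6, MSG),
]

if __name__ == '__main__':
    groups = collate(SAMPLE_ISSUES)
    for key, sightings in groups.items():
        print(key, sightings)
    print(moved_findings(groups))
```

Keying on the file's content hash rather than its path also protects a database of results from a build that changes working directory or that is fed the same file under two names: the ``abspath`` and ``givenpath`` may differ, but identical bytes yield one hash.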
This format would be slurped into the DB for the web UI, and can have
other things done to it without needing a server: e.g.:

* convert it to the textual form of a gcc compilation error, so that
  Emacs etc can parse it and take you to the source

* be turned into a simple HTML report locally on your workstation

Projects using Firehose:

* `mock-with-analysis `_ can rebuild a source RPM, capturing the results
  of 4 different code analysis tools in Firehose format (along with all
  source files that were mentioned in any report).

* The `"firehose" branch `_ of `cpychecker `_ can natively emit Firehose
  XML reports

* https://github.com/paultag/storz/blob/master/wrappers/storz-lintian

firehose-0.5/docs/parsers.rst

..
   Copyright 2017 David Malcolm
   Copyright 2017 Red Hat, Inc.

   This library is free software; you can redistribute it and/or
   modify it under the terms of the GNU Lesser General Public
   License as published by the Free Software Foundation; either
   version 2.1 of the License, or (at your option) any later version.

   This library is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
   Lesser General Public License for more details.

   You should have received a copy of the GNU Lesser General Public
   License along with this library; if not, write to the Free Software
   Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
   USA

Parsers
=======

There are various parsers that take the output of specific analyzers and
turn them into :py:class:`firehose.model.Analysis` instances.

* clanganalyzer.py

  Parser for the ``.plist`` files emitted by the `clang-static-analyzer `_,
  when :option:`-plist` is passed as an option to "scan-build" or "clang"

* cppcheck.py

  Parser for output from `cppcheck `_, specifically, version 2 of its XML
  format as generated by:

  ..
code-block:: sh

     cppcheck PATH_TO_SOURCES --xml --xml-version=2

* findbugs.py

  Parser for xml output from `findbugs `_.

* frama_c.py

  Parser for warnings emitted by `frama-c `_.

* gcc.py

  Parser for warnings emitted by `GCC `_.

* flawfinder.py

  Parser for warnings emitted by `flawfinder `_.

* splint.py

  Parser for the :option:`-csv` output format from `splint `_.

firehose-0.5/docs/rng-schema.rst

..
   Copyright 2017 David Malcolm
   Copyright 2017 Red Hat, Inc.

   This library is free software; you can redistribute it and/or
   modify it under the terms of the GNU Lesser General Public
   License as published by the Free Software Foundation; either
   version 2.1 of the License, or (at your option) any later version.

   This library is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
   Lesser General Public License for more details.

   You should have received a copy of the GNU Lesser General Public
   License along with this library; if not, write to the Free Software
   Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
   USA

Schema for the XML format
=========================

For reference, here's the RELAX-NG schema for the XML serialization
format:

..
literalinclude:: ../firehose.rng :language: xml firehose-0.5/examples/000077500000000000000000000000001311207242100147715ustar00rootroot00000000000000firehose-0.5/examples/example-1.xml000066400000000000000000000046751311207242100173200ustar00rootroot00000000000000 Mismatching type in call to PyArg_ParseTuple with format code "i" argument 3 ("&count") had type "long int *" (pointing to 64 bits) but was expecting "int *" (pointing to 32 bits) for format code "i" PyArg_ParseTuple i i "int *" (pointing to 32 bits) "long int *" (pointing to 64 bits) &count 3 firehose-0.5/examples/example-2.xml000066400000000000000000000054541311207242100173150ustar00rootroot00000000000000 ob_refcnt of '*item' is 1 too high was expecting final item->ob_refcnt to be N + 1 (for some unknown N) due to object being referenced by: PyListObject.ob_item[0] but final item->ob_refcnt is N + 2 PyLongObject allocated at: item = PyLong_FromLong(random()); when PyList_Append() succeeds firehose-0.5/examples/example-3.xml000066400000000000000000000030411311207242100173040ustar00rootroot00000000000000 -11 firehose-0.5/examples/example-4.xml000066400000000000000000000155351311207242100173200ustar00rootroot00000000000000 wspy_register.c: In function 'register_all_py_protocols_func': wspy_register.c:159:42: error: Unhandled Python exception raised calling 'execute' method Traceback (most recent call last): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/__init__.py", line 75, in execute self._check_refcounts(fun) File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/__init__.py", line 79, in _check_refcounts self.show_possible_null_derefs) File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/refcounts.py", line 3668, in check_refcounts limits=limits) File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File 
"/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, 
in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2893, in iter_traces transitions = curstate.get_transitions() File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2013, in get_transitions return self._get_transitions_for_stmt(stmt) File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2029, in _get_transitions_for_stmt 
return self._get_transitions_for_GimpleCall(stmt) File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2212, in _get_transitions_for_GimpleCall raise NotImplementedError('not yet implemented: %s' % fnname) NotImplementedError: not yet implemented: PySequence_Check firehose-0.5/examples/example-5.xml000066400000000000000000000040261311207242100173120ustar00rootroot00000000000000 Mismatching type in call to PyArg_ParseTuple with format code "i" argument 3 ("&count") had type "long int *" (pointing to 64 bits) but was expecting "int *" (pointing to 32 bits) for format code "i" firehose-0.5/examples/example-6.xml000066400000000000000000000035651311207242100173220ustar00rootroot00000000000000 this function is too complicated for the reference-count checker to fully analyze: not all paths were analyzed firehose-0.5/examples/example-7.xml000066400000000000000000000055551311207242100173240ustar00rootroot00000000000000 Body of function foo falls-through. Adding a return statement def\'n of func main at new.c:3 (sum 1081) conflicts with the one at main.c:10 (sum 1879968716785197); keeping the one at main.c:10. accessing out of bounds index [0..64]. assert sq64 &lt; 64; accessing out of bounds index [0..120]. assert Sq64ToSq120[index] &lt; 120; accessing uninitialized left-value: assert \\initialized(&table-&gt;pTable); completely indeterminate value in board with offsets {402400}. no final state. Probably unreachable... no final state. Probably unreachable... no final state. Probably unreachable... no final state. Probably unreachable... 
No code nor explicit assigns clause for function gettimeofday, generating default assigns from the specification firehose-0.5/examples/example-debian-binary.xml000066400000000000000000000022611311207242100216510ustar00rootroot00000000000000 firehose-0.5/examples/example-debian-source.xml000066400000000000000000000022231311207242100216630ustar00rootroot00000000000000 firehose-0.5/examples/example-frama_c.log000066400000000000000000001543431311207242100205270ustar00rootroot00000000000000[kernel] Parsing FRAMAC_SHARE/libc/__fc_builtin_for_normalization.i (no preprocessing) [kernel] Parsing attack.c (with preprocessing) [kernel] Parsing bitboards.c (with preprocessing) [kernel] Parsing board.c (with preprocessing) [kernel] Parsing data.c (with preprocessing) [kernel] Parsing hashkeys.c (with preprocessing) [kernel] Parsing init.c (with preprocessing) [kernel] Parsing io.c (with preprocessing) [kernel] Parsing main.c (with preprocessing) [kernel] Parsing makemove.c (with preprocessing) [kernel] Parsing misc.c (with preprocessing) [kernel] Parsing movegen.c (with preprocessing) [kernel] Parsing new.c (with preprocessing) new.c:13:[kernel] warning: Body of function foo falls-through. Adding a return statement [kernel] Parsing perft.c (with preprocessing) [kernel] Parsing pvtable.c (with preprocessing) [kernel] Parsing search.c (with preprocessing) [kernel] Parsing validate.c (with preprocessing) new.c:3:[kernel] warning: def'n of func main at new.c:3 (sum 1081) conflicts with the one at main.c:10 (sum 1879968716785197); keeping the one at main.c:10. [sparecode] remove unused code... 
[value] Analyzing a complete application starting at main [value] Computing initial state [value] Initial state computed [value] Values of globals at initialization __FC_errno ∈ [--..--] __fc_stdin ∈ {{ NULL ; &S___fc_stdin[0] }} __fc_stdout ∈ {{ NULL ; &S___fc_stdout[0] }} __fc_fopen[0..511] ∈ {0} __p_fc_fopen ∈ {{ &__fc_fopen[0] }} __fc_random_counter ∈ {0} __fc_rand_max ∈ {32767} __fc_heap_status ∈ [--..--] PieceCol[0] ∈ {2} [1..6] ∈ {0} [7..12] ∈ {1} PieceKnight[0..1] ∈ {0} [2] ∈ {1} [3..7] ∈ {0} [8] ∈ {1} [9..12] ∈ {0} PieceKing[0..5] ∈ {0} [6] ∈ {1} [7..11] ∈ {0} [12] ∈ {1} PieceRookQueen[0..3] ∈ {0} [4..5] ∈ {1} [6..9] ∈ {0} [10..11] ∈ {1} [12] ∈ {0} PieceBishopQueen[0..2] ∈ {0} [3] ∈ {1} [4] ∈ {0} [5] ∈ {1} [6..8] ∈ {0} [9] ∈ {1} [10] ∈ {0} [11] ∈ {1} [12] ∈ {0} KnDir[0] ∈ {-8} [1] ∈ {-19} [2] ∈ {-21} [3] ∈ {-12} [4] ∈ {8} [5] ∈ {19} [6] ∈ {21} [7] ∈ {12} RkDir[0] ∈ {-1} [1] ∈ {-10} [2] ∈ {1} [3] ∈ {10} BiDir[0] ∈ {-9} [1] ∈ {-11} [2] ∈ {11} [3] ∈ {9} KiDir[0] ∈ {-1} [1] ∈ {-10} [2] ∈ {1} [3] ∈ {10} [4] ∈ {-9} [5] ∈ {-11} [6] ∈ {11} [7] ∈ {9} Sq120ToSq64[0..119] ∈ {0} BitTable[0] ∈ {63} [1] ∈ {30} [2] ∈ {3} [3] ∈ {32} [4] ∈ {25} [5] ∈ {41} [6] ∈ {22} [7] ∈ {33} [8] ∈ {15} [9] ∈ {50} [10] ∈ {42} [11] ∈ {13} [12] ∈ {11} [13] ∈ {53} [14] ∈ {19} [15] ∈ {34} [16] ∈ {61} [17] ∈ {29} [18] ∈ {2} [19] ∈ {51} [20] ∈ {21} [21] ∈ {43} [22] ∈ {45} [23] ∈ {10} [24] ∈ {18} [25] ∈ {47} [26] ∈ {1} [27] ∈ {54} [28] ∈ {9} [29] ∈ {57} [30] ∈ {0} [31] ∈ {35} [32] ∈ {62} [33] ∈ {31} [34] ∈ {40} [35] ∈ {4} [36] ∈ {49} [37] ∈ {5} [38] ∈ {52} [39] ∈ {26} [40] ∈ {60} [41] ∈ {6} [42] ∈ {23} [43] ∈ {44} [44] ∈ {46} [45] ∈ {27} [46] ∈ {56} [47] ∈ {16} [48] ∈ {7} [49] ∈ {39} [50] ∈ {48} [51] ∈ {24} [52] ∈ {59} [53] ∈ {14} [54] ∈ {12} [55] ∈ {55} [56] ∈ {38} [57] ∈ {28} [58] ∈ {58} [59] ∈ {20} [60] ∈ {37} [61] ∈ {17} [62] ∈ {36} [63] ∈ {8} Sq64ToSq120[0..63] ∈ {0} SetMask[0..63] ∈ {0} PceChar[0] ∈ {46} [1] ∈ {80} [2] ∈ {78} [3] ∈ {66} [4] ∈ {82} [5] ∈ {81} [6] ∈ {75} [7] ∈ {112} [8] ∈ 
{110} [9] ∈ {98} [10] ∈ {114} [11] ∈ {113} [12] ∈ {107} [13] ∈ {0} SideChar[0] ∈ {119} [1] ∈ {98} [2] ∈ {45} [3] ∈ {0} PieceBig[0..1] ∈ {0} [2..6] ∈ {1} [7] ∈ {0} [8..12] ∈ {1} PieceMaj[0..3] ∈ {0} [4..6] ∈ {1} [7..9] ∈ {0} [10..12] ∈ {1} PieceMin[0..1] ∈ {0} [2..3] ∈ {1} [4..7] ∈ {0} [8..9] ∈ {1} [10..12] ∈ {0} PieceVal[0] ∈ {0} [1] ∈ {100} [2..3] ∈ {325} [4] ∈ {550} [5] ∈ {1000} [6] ∈ {50000} [7] ∈ {100} [8..9] ∈ {325} [10] ∈ {550} [11] ∈ {1000} [12] ∈ {50000} RanksBrd[0..119] ∈ {0} RankChar[0] ∈ {49} [1] ∈ {50} [2] ∈ {51} [3] ∈ {52} [4] ∈ {53} [5] ∈ {54} [6] ∈ {55} [7] ∈ {56} [8] ∈ {0} FileChar[0] ∈ {97} [1] ∈ {98} [2] ∈ {99} [3] ∈ {100} [4] ∈ {101} [5] ∈ {102} [6] ∈ {103} [7] ∈ {104} [8] ∈ {0} PiecePawn[0] ∈ {0} [1] ∈ {1} [2..6] ∈ {0} [7] ∈ {1} [8..12] ∈ {0} PieceSlides[0..2] ∈ {0} [3..5] ∈ {1} [6..8] ∈ {0} [9..11] ∈ {1} [12] ∈ {0} PieceKeys[0..12][0..119] ∈ {0} SideKey ∈ {0} CastleKeys[0..15] ∈ {0} ClearMask[0..63] ∈ {0} FilesBrd[0..119] ∈ {0} CastlePerm[0..20] ∈ {15} [21] ∈ {13} [22..24] ∈ {15} [25] ∈ {12} [26..27] ∈ {15} [28] ∈ {14} [29..90] ∈ {15} [91] ∈ {7} [92..94] ∈ {15} [95] ∈ {3} [96..97] ∈ {15} [98] ∈ {11} [99..119] ∈ {15} __fc_time ∈ [--..--] __fc_tz ∈ [--..--] LoopSlidePce[0] ∈ {3} [1] ∈ {4} [2] ∈ {5} [3] ∈ {0} [4] ∈ {9} [5] ∈ {10} [6] ∈ {11} [7] ∈ {0} LoopNonSlidePce[0] ∈ {2} [1] ∈ {6} [2] ∈ {0} [3] ∈ {8} [4] ∈ {12} [5] ∈ {0} LoopSlideIndex[0] ∈ {0} [1] ∈ {4} LoopNonSlideIndex[0] ∈ {0} [1] ∈ {3} PceDir[0..1][0..7] ∈ {0} [2][0] ∈ {-8} [2][1] ∈ {-19} [2][2] ∈ {-21} [2][3] ∈ {-12} [2][4] ∈ {8} [2][5] ∈ {19} [2][6] ∈ {21} [2][7] ∈ {12} [3][0] ∈ {-9} [3][1] ∈ {-11} [3][2] ∈ {11} [3][3] ∈ {9} [3][4..7] ∈ {0} [4][0] ∈ {-1} [4][1] ∈ {-10} [4][2] ∈ {1} [4][3] ∈ {10} [4][4..7] ∈ {0} [5][0] ∈ {-1} [5][1] ∈ {-10} [5][2] ∈ {1} [5][3] ∈ {10} [5][4] ∈ {-9} [5][5] ∈ {-11} [5][6] ∈ {11} [5][7] ∈ {9} [6][0] ∈ {-1} [6][1] ∈ {-10} [6][2] ∈ {1} [6][3] ∈ {10} [6][4] ∈ {-9} [6][5] ∈ {-11} [6][6] ∈ {11} [6][7] ∈ {9} [7][0..7] ∈ {0} [8][0] ∈ {-8} [8][1] ∈ {-19} [8][2] ∈ 
{-21} [8][3] ∈ {-12} [8][4] ∈ {8} [8][5] ∈ {19} [8][6] ∈ {21} [8][7] ∈ {12} [9][0] ∈ {-9} [9][1] ∈ {-11} [9][2] ∈ {11} [9][3] ∈ {9} [9][4..7] ∈ {0} [10][0] ∈ {-1} [10][1] ∈ {-10} [10][2] ∈ {1} [10][3] ∈ {10} [10][4..7] ∈ {0} [11][0] ∈ {-1} [11][1] ∈ {-10} [11][2] ∈ {1} [11][3] ∈ {10} [11][4] ∈ {-9} [11][5] ∈ {-11} [11][6] ∈ {11} [11][7] ∈ {9} [12][0] ∈ {-1} [12][1] ∈ {-10} [12][2] ∈ {1} [12][3] ∈ {10} [12][4] ∈ {-9} [12][5] ∈ {-11} [12][6] ∈ {11} [12][7] ∈ {9} NumDir[0..1] ∈ {0} [2] ∈ {8} [3..4] ∈ {4} [5..6] ∈ {8} [7] ∈ {0} [8] ∈ {8} [9..10] ∈ {4} [11..12] ∈ {8} leafNodes ∈ {0} PvSize ∈ {2097152} SqStr[0..2] ∈ {0} MvStr[0..5] ∈ {0} S___fc_stdin[0]{.__fc_stdio_id; .__fc_position; .__fc_error; .__fc_eof} ∈ [--..--] [0].[bits 80 to 95] ∈ UNINITIALIZED [0].__fc_flags ∈ [--..--] [0].__fc_inode ∈ {{ NULL ; &S___fc_inode_0_S___fc_stdin[0] }} [0].__fc_real_data ∈ {{ NULL ; &S___fc_real_data_0_S___fc_stdin[0] }} {[0].__fc_real_data_max_size; [1]{.__fc_stdio_id; .__fc_position; .__fc_error; .__fc_eof}} ∈ [--..--] [1].[bits 80 to 95] ∈ UNINITIALIZED [1].__fc_flags ∈ [--..--] [1].__fc_inode ∈ {{ NULL ; &S___fc_inode_1_S___fc_stdin[0] }} [1].__fc_real_data ∈ {{ NULL ; &S___fc_real_data_1_S___fc_stdin[0] }} [1].__fc_real_data_max_size ∈ [--..--] S___fc_inode_0_S___fc_stdin[0..1] ∈ [--..--] S___fc_real_data_0_S___fc_stdin[0..1] ∈ [--..--] S___fc_inode_1_S___fc_stdin[0..1] ∈ [--..--] S___fc_real_data_1_S___fc_stdin[0..1] ∈ [--..--] S___fc_stdout[0]{.__fc_stdio_id; .__fc_position; .__fc_error; .__fc_eof} ∈ [--..--] [0].[bits 80 to 95] ∈ UNINITIALIZED [0].__fc_flags ∈ [--..--] [0].__fc_inode ∈ {{ NULL ; &S___fc_inode_0_S___fc_stdout[0] }} [0].__fc_real_data ∈ {{ NULL ; &S___fc_real_data_0_S___fc_stdout[0] }} {[0].__fc_real_data_max_size; [1]{.__fc_stdio_id; .__fc_position; .__fc_error; .__fc_eof}} ∈ [--..--] [1].[bits 80 to 95] ∈ UNINITIALIZED [1].__fc_flags ∈ [--..--] [1].__fc_inode ∈ {{ NULL ; &S___fc_inode_1_S___fc_stdout[0] }} [1].__fc_real_data ∈ {{ NULL ; 
&S___fc_real_data_1_S___fc_stdout[0] }} [1].__fc_real_data_max_size ∈ [--..--] S___fc_inode_0_S___fc_stdout[0..1] ∈ [--..--] S___fc_real_data_0_S___fc_stdout[0..1] ∈ [--..--] S___fc_inode_1_S___fc_stdout[0..1] ∈ [--..--] S___fc_real_data_1_S___fc_stdout[0..1] ∈ [--..--] [value] computing for function AllInit <- main. Called from main.c:12. [value] computing for function InitSq120To64 <- AllInit <- main. Called from init.c:104. init.c:85:[value] entering loop for the first time init.c:89:[value] entering loop for the first time init.c:93:[value] entering loop for the first time init.c:94:[value] entering loop for the first time init.c:96:[kernel] warning: accessing out of bounds index [0..64]. assert sq64 < 64; [value] Recording results for InitSq120To64 [value] Done for function InitSq120To64 [value] computing for function InitBitMasks <- AllInit <- main. Called from init.c:105. init.c:67:[value] entering loop for the first time init.c:72:[value] entering loop for the first time [value] Recording results for InitBitMasks [value] Done for function InitBitMasks [value] computing for function InitHashKeys <- AllInit <- main. Called from init.c:106. init.c:52:[value] entering loop for the first time init.c:53:[value] entering loop for the first time [value] computing for function rand <- InitHashKeys <- AllInit <- main. Called from init.c:54. [value] using specification for function rand [value] Done for function rand [value] computing for function rand <- InitHashKeys <- AllInit <- main. Called from init.c:54. [value] Done for function rand [value] computing for function rand <- InitHashKeys <- AllInit <- main. Called from init.c:54. [value] Done for function rand [value] computing for function rand <- InitHashKeys <- AllInit <- main. Called from init.c:54. [value] Done for function rand [value] computing for function rand <- InitHashKeys <- AllInit <- main. Called from init.c:54. 
[value] Done for function rand [value] computing for function rand <- InitHashKeys <- AllInit <- main. Called from init.c:54. [value] Done for function rand [value] computing for function rand <- InitHashKeys <- AllInit <- main. Called from init.c:54. [value] Done for function rand [value] computing for function rand <- InitHashKeys <- AllInit <- main. Called from init.c:54. [value] Done for function rand [value] computing for function rand <- InitHashKeys <- AllInit <- main. Called from init.c:54. [value] Done for function rand [value] computing for function rand <- InitHashKeys <- AllInit <- main. Called from init.c:54. [value] Done for function rand [value] computing for function rand <- InitHashKeys <- AllInit <- main. Called from init.c:54. [value] Done for function rand [value] computing for function rand <- InitHashKeys <- AllInit <- main. Called from init.c:54. [value] Done for function rand [value] computing for function rand <- InitHashKeys <- AllInit <- main. Called from init.c:54. [value] Done for function rand [value] computing for function rand <- InitHashKeys <- AllInit <- main. Called from init.c:57. [value] Done for function rand [value] computing for function rand <- InitHashKeys <- AllInit <- main. Called from init.c:57. [value] Done for function rand [value] computing for function rand <- InitHashKeys <- AllInit <- main. Called from init.c:57. [value] Done for function rand [value] computing for function rand <- InitHashKeys <- AllInit <- main. Called from init.c:57. [value] Done for function rand [value] computing for function rand <- InitHashKeys <- AllInit <- main. Called from init.c:57. [value] Done for function rand init.c:58:[value] entering loop for the first time [value] computing for function rand <- InitHashKeys <- AllInit <- main. Called from init.c:59. [value] Done for function rand [value] computing for function rand <- InitHashKeys <- AllInit <- main. Called from init.c:59. 
[value] Done for function rand [value] computing for function rand <- InitHashKeys <- AllInit <- main. Called from init.c:59. [value] Done for function rand [value] computing for function rand <- InitHashKeys <- AllInit <- main. Called from init.c:59. [value] Done for function rand [value] computing for function rand <- InitHashKeys <- AllInit <- main. Called from init.c:59. [value] Done for function rand [value] computing for function rand <- InitHashKeys <- AllInit <- main. Called from init.c:59. [value] Done for function rand [value] computing for function rand <- InitHashKeys <- AllInit <- main. Called from init.c:59. [value] Done for function rand [value] computing for function rand <- InitHashKeys <- AllInit <- main. Called from init.c:59. [value] Done for function rand [value] computing for function rand <- InitHashKeys <- AllInit <- main. Called from init.c:59. [value] Done for function rand [value] computing for function rand <- InitHashKeys <- AllInit <- main. Called from init.c:59. [value] Done for function rand [value] computing for function rand <- InitHashKeys <- AllInit <- main. Called from init.c:59. [value] Done for function rand [value] computing for function rand <- InitHashKeys <- AllInit <- main. Called from init.c:59. [value] Done for function rand [value] computing for function rand <- InitHashKeys <- AllInit <- main. Called from init.c:59. [value] Done for function rand [value] computing for function rand <- InitHashKeys <- AllInit <- main. Called from init.c:59. [value] Done for function rand [value] Recording results for InitHashKeys [value] Done for function InitHashKeys [value] computing for function InitFilesRanksBrd <- AllInit <- main. Called from init.c:107. 
init.c:34:[value] entering loop for the first time init.c:39:[value] entering loop for the first time init.c:40:[value] entering loop for the first time [value] Recording results for InitFilesRanksBrd [value] Done for function InitFilesRanksBrd [value] Recording results for AllInit [value] Done for function AllInit [value] computing for function ParseFen <- main. Called from main.c:17. [value] computing for function ResetBoard <- ParseFen <- main. Called from board.c:134. board.c:230:[value] entering loop for the first time board.c:234:[value] entering loop for the first time board.c:235:[kernel] warning: accessing out of bounds index [0..120]. assert Sq64ToSq120[index] < 120; board.c:238:[value] entering loop for the first time board.c:245:[value] entering loop for the first time board.c:249:[value] entering loop for the first time [value] computing for function InitPvTable <- ResetBoard <- ParseFen <- main. Called from board.c:266. pvtable.c:50:[kernel] warning: accessing uninitialized left-value: assert \initialized(&table->pTable); pvtable.c:50:[kernel] warning: completely indeterminate value in board with offsets {402400}. [value] Recording results for InitPvTable [value] Done for function InitPvTable [value] Recording results for ResetBoard [value] Done for function ResetBoard [value] Recording results for ParseFen [value] Done for function ParseFen [value] Recording results for main [value] done for function main pvtable.c:50:[value] Assertion 'Value,initialisation' got final status invalid. 
[pdg] computing for function main [from] Computing for function AllInit [from] Computing for function InitSq120To64 <-AllInit [from] Done for function InitSq120To64 [from] Computing for function InitBitMasks <-AllInit [from] Done for function InitBitMasks [from] Computing for function InitHashKeys <-AllInit [from] Computing for function rand <-InitHashKeys <-AllInit [from] Done for function rand [from] Done for function InitHashKeys [from] Computing for function InitFilesRanksBrd <-AllInit [from] Done for function InitFilesRanksBrd [from] Done for function AllInit [from] Computing for function ParseFen [from] Computing for function ResetBoard <-ParseFen [from] Computing for function InitPvTable <-ResetBoard <-ParseFen [from] Non-terminating function InitPvTable (no dependencies) [from] Done for function InitPvTable [from] Non-terminating function ResetBoard (no dependencies) [from] Done for function ResetBoard [from] Non-terminating function ParseFen (no dependencies) [from] Done for function ParseFen main.c:54:[pdg] warning: no final state. Probably unreachable... 
[pdg] done for function main [pdg] computing for function AddBlackPawnCapMove [pdg] warning: unreachable entry point (sid:1869, function AddBlackPawnCapMove) [pdg] Bottom for function AddBlackPawnCapMove [pdg] computing for function AddBlackPawnMove [pdg] warning: unreachable entry point (sid:1908, function AddBlackPawnMove) [pdg] Bottom for function AddBlackPawnMove [pdg] computing for function AddCaptureMove [pdg] warning: unreachable entry point (sid:1791, function AddCaptureMove) [pdg] Bottom for function AddCaptureMove [pdg] computing for function AddEnPassantMove [pdg] warning: unreachable entry point (sid:1796, function AddEnPassantMove) [pdg] Bottom for function AddEnPassantMove [pdg] computing for function AddPiece [pdg] warning: unreachable entry point (sid:1328, function AddPiece) [pdg] Bottom for function AddPiece [pdg] computing for function AddQuietMove [pdg] warning: unreachable entry point (sid:1786, function AddQuietMove) [pdg] Bottom for function AddQuietMove [pdg] computing for function AddWhitePawnCapMove [pdg] warning: unreachable entry point (sid:1801, function AddWhitePawnCapMove) [pdg] Bottom for function AddWhitePawnCapMove [pdg] computing for function AddWhitePawnMove [pdg] warning: unreachable entry point (sid:1840, function AddWhitePawnMove) [pdg] Bottom for function AddWhitePawnMove [pdg] computing for function AllInit [pdg] done for function AllInit [pdg] computing for function CheckBoard [pdg] warning: unreachable entry point (sid:192, function CheckBoard) [pdg] Bottom for function CheckBoard [pdg] computing for function ClearPiece [pdg] warning: unreachable entry point (sid:1265, function ClearPiece) [pdg] Bottom for function ClearPiece [pdg] computing for function ClearPvTable [pdg] warning: unreachable entry point (sid:2386, function ClearPvTable) [pdg] Bottom for function ClearPvTable [pdg] computing for function CountBits [pdg] warning: unreachable entry point (sid:151, function CountBits) [pdg] Bottom for function CountBits 
[pdg] computing for function FD_CLR [from] Computing for function FD_CLR [from] Done for function FD_CLR [pdg] done for function FD_CLR [pdg] computing for function FD_ISSET [from] Computing for function FD_ISSET [from] Done for function FD_ISSET [pdg] done for function FD_ISSET [pdg] computing for function FD_SET [from] Computing for function FD_SET [from] Done for function FD_SET [pdg] done for function FD_SET [pdg] computing for function FD_ZERO [from] Computing for function FD_ZERO [from] Done for function FD_ZERO [pdg] done for function FD_ZERO [pdg] computing for function FileRankValid [pdg] warning: unreachable entry point (sid:2500, function FileRankValid) [pdg] Bottom for function FileRankValid [pdg] computing for function Frama_C_bzero [from] Computing for function Frama_C_bzero [from] Done for function Frama_C_bzero [pdg] done for function Frama_C_bzero [pdg] computing for function Frama_C_copy_block [from] Computing for function Frama_C_copy_block [from] Done for function Frama_C_copy_block [pdg] done for function Frama_C_copy_block [pdg] computing for function GenerateAllMoves [pdg] warning: unreachable entry point (sid:1937, function GenerateAllMoves) [pdg] Bottom for function GenerateAllMoves [pdg] computing for function GeneratePosKey [pdg] warning: unreachable entry point (sid:833, function GeneratePosKey) [pdg] Bottom for function GeneratePosKey [pdg] computing for function GetPvLine [pdg] warning: unreachable entry point (sid:2340, function GetPvLine) [pdg] Bottom for function GetPvLine [pdg] computing for function GetTimeMs [pdg] warning: unreachable entry point (sid:1762, function GetTimeMs) [pdg] Bottom for function GetTimeMs [pdg] computing for function InitBitMasks [pdg] done for function InitBitMasks [pdg] computing for function InitFilesRanksBrd [pdg] done for function InitFilesRanksBrd [pdg] computing for function InitHashKeys [pdg] done for function InitHashKeys [pdg] computing for function InitPvTable pvtable.c:56:[pdg] warning: no 
final state. Probably unreachable... [pdg] done for function InitPvTable [pdg] computing for function InitSq120To64 [pdg] done for function InitSq120To64 [pdg] computing for function IsRepetition [pdg] warning: unreachable entry point (sid:2454, function IsRepetition) [pdg] Bottom for function IsRepetition [pdg] computing for function MakeMove [pdg] warning: unreachable entry point (sid:1428, function MakeMove) [pdg] Bottom for function MakeMove [pdg] computing for function MoveExists [pdg] warning: unreachable entry point (sid:1766, function MoveExists) [pdg] Bottom for function MoveExists [pdg] computing for function MovePiece [pdg] warning: unreachable entry point (sid:1368, function MovePiece) [pdg] Bottom for function MovePiece [pdg] computing for function ParseFen board.c:223:[pdg] warning: no final state. Probably unreachable... [pdg] done for function ParseFen [pdg] computing for function ParseMove [pdg] warning: unreachable entry point (sid:1094, function ParseMove) [pdg] Bottom for function ParseMove [pdg] computing for function Perft [pdg] warning: unreachable entry point (sid:2262, function Perft) [pdg] Bottom for function Perft [pdg] computing for function PerftTest [pdg] warning: unreachable entry point (sid:2294, function PerftTest) [pdg] Bottom for function PerftTest [pdg] computing for function PieceValid [pdg] warning: unreachable entry point (sid:2518, function PieceValid) [pdg] Bottom for function PieceValid [pdg] computing for function PieceValidEmpty [pdg] warning: unreachable entry point (sid:2509, function PieceValidEmpty) [pdg] Bottom for function PieceValidEmpty [pdg] computing for function PopBit [pdg] warning: unreachable entry point (sid:144, function PopBit) [pdg] Bottom for function PopBit [pdg] computing for function PrMove [pdg] warning: unreachable entry point (sid:1063, function PrMove) [pdg] Bottom for function PrMove [pdg] computing for function PrSq [pdg] warning: unreachable entry point (sid:1056, function PrSq) [pdg] Bottom 
for function PrSq [pdg] computing for function PrintBitBoard [pdg] warning: unreachable entry point (sid:162, function PrintBitBoard) [pdg] Bottom for function PrintBitBoard [pdg] computing for function PrintBoard [pdg] warning: unreachable entry point (sid:776, function PrintBoard) [pdg] Bottom for function PrintBoard [pdg] computing for function PrintMoveList [pdg] warning: unreachable entry point (sid:1202, function PrintMoveList) [pdg] Bottom for function PrintMoveList [pdg] computing for function ProbePvTable [pdg] warning: unreachable entry point (sid:2432, function ProbePvTable) [pdg] Bottom for function ProbePvTable [pdg] computing for function ResetBoard board.c:268:[pdg] warning: no final state. Probably unreachable... [pdg] done for function ResetBoard [pdg] computing for function SearchPosition [pdg] warning: unreachable entry point (sid:2636, function SearchPosition) [pdg] Bottom for function SearchPosition [pdg] computing for function SideValid [pdg] warning: unreachable entry point (sid:2491, function SideValid) [pdg] Bottom for function SideValid [pdg] computing for function SqAttacked [pdg] warning: unreachable entry point (sid:1, function SqAttacked) [pdg] Bottom for function SqAttacked [pdg] computing for function SqOnBoard [pdg] warning: unreachable entry point (sid:2485, function SqOnBoard) [pdg] Bottom for function SqOnBoard [pdg] computing for function StorePvMove [pdg] warning: unreachable entry point (sid:2412, function StorePvMove) [pdg] Bottom for function StorePvMove [pdg] computing for function TakeMove [pdg] warning: unreachable entry point (sid:1621, function TakeMove) [pdg] Bottom for function TakeMove [pdg] computing for function UpdateListsMaterial [pdg] warning: unreachable entry point (sid:486, function UpdateListsMaterial) [pdg] Bottom for function UpdateListsMaterial [pdg] computing for function _Exit [from] Computing for function _Exit [from] Done for function _Exit [pdg] done for function _Exit [pdg] computing for function 
abort [from] Computing for function abort [from] Done for function abort [pdg] done for function abort [pdg] computing for function abs [from] Computing for function abs [from] Done for function abs [pdg] done for function abs [pdg] computing for function at_quick_exit [from] Computing for function at_quick_exit [from] Done for function at_quick_exit [pdg] done for function at_quick_exit [pdg] computing for function atexit [from] Computing for function atexit [from] Done for function atexit [pdg] done for function atexit [pdg] computing for function atof [from] Computing for function atof [from] Done for function atof [pdg] done for function atof [pdg] computing for function atoi [from] Computing for function atoi [from] Done for function atoi [pdg] done for function atoi [pdg] computing for function atol [from] Computing for function atol [from] Done for function atol [pdg] done for function atol [pdg] computing for function atoll [from] Computing for function atoll [from] Done for function atoll [pdg] done for function atoll [pdg] computing for function bsearch [from] Computing for function bsearch board.c:119:[from] Unable to extract assigns in bsearch [from] Done for function bsearch [pdg] done for function bsearch [pdg] computing for function clearerr [from] Computing for function clearerr [from] Done for function clearerr [pdg] done for function clearerr [pdg] computing for function clearerr_unlocked [from] Computing for function clearerr_unlocked [from] Done for function clearerr_unlocked [pdg] done for function clearerr_unlocked [pdg] computing for function div [from] Computing for function div [from] Done for function div [pdg] done for function div [pdg] computing for function exit [from] Computing for function exit [from] Done for function exit [pdg] done for function exit [pdg] computing for function fclose [from] Computing for function fclose [from] Done for function fclose [pdg] done for function fclose [pdg] computing for function fdopen [from] 
/* Generated by Frama-C */
typedef unsigned int size_t;
enum __anonenum_1 {
    EMPTY = 0,
    wP = 1,
    wN = 2,
    wB = 3,
    wR = 4,
    wQ = 5,
    wK = 6,
    bP = 7,
    bN = 8,
    bB = 9,
    bR = 10,
    bQ = 11,
    bK = 12
};
enum __anonenum_4 {
    WHITE = 0,
    BLACK = 1,
    BOTH = 2
};
enum __anonenum_5 {
    A1 = 21, B1 = 22, C1 = 23, D1 = 24, E1 = 25, F1 = 26, G1 = 27, H1 = 28,
    A2 = 31, B2 = 32, C2 = 33, D2 = 34, E2 = 35, F2 = 36, G2 = 37, H2 = 38,
    A3 = 41, B3 = 42, C3 = 43, D3 = 44, E3 = 45, F3 = 46, G3 = 47, H3 = 48,
    A4 = 51, B4 = 52, C4 = 53, D4 = 54, E4 = 55, F4 = 56, G4 = 57, H4 = 58,
    A5 = 61, B5 = 62, C5 = 63, D5 = 64, E5 = 65, F5 = 66, G5 = 67, H5 = 68,
    A6 = 71, B6 = 72, C6 = 73, D6 = 74, E6 = 75, F6 = 76, G6 = 77, H6 = 78,
    A7 = 81, B7 = 82, C7 = 83, D7 = 84, E7 = 85, F7 = 86, G7 = 87, H7 = 88,
    A8 = 91, B8 = 92, C8 = 93, D8 = 94, E8 = 95, F8 = 96, G8 = 97, H8 = 98,
    NO_SQ = 99,
    OFFBOARD = 100
};
enum __anonenum_6 {
    FALSE = 0,
    TRUE = 1
};
enum __anonenum_2 {
    FILE_A = 0,
    FILE_B = 1,
    FILE_C = 2,
    FILE_D = 3,
    FILE_E = 4,
    FILE_F = 5,
    FILE_G = 6,
    FILE_H = 7,
    FILE_NONE = 8
};
enum __anonenum_3 {
    RANK_1 = 0,
    RANK_2 = 1,
    RANK_3 = 2,
    RANK_4 = 3,
    RANK_5 = 4,
    RANK_6 = 5,
    RANK_7 = 6,
    RANK_8 = 7,
    RANK_NONE = 8
};
enum __anonenum_7 {
    WKCA = 1,
    WQCA = 2,
    BKCA = 4,
    BQCA = 8
};
/*@ ghost extern int __fc_heap_status __attribute__((__FRAMA_C_MODEL__)); */
/*@ axiomatic dynamic_allocation {
      predicate is_allocable{L}(size_t n)
        reads __fc_heap_status;
      }
 */
void main(void)
{
  return;
}

firehose-0.5/examples/example-non-ascii.xml (XML markup lost in extraction; only the text content survives):

符号付きと符号無しの整数式の間での比較です
This note embeds the substring "文字化け" (aka "mojibake")
Here are some Unicode "Box Drawing" characters:
first ─> n0 ─> n1 ─> ... ─> nN ┐
  A                            │
  └────────────────────────────┘

firehose-0.5/examples/non-ascii-example.c:

/* -*- coding: utf-8 -*- */
/*
   Copyright 2013 David Malcolm
   Copyright 2013 Red Hat, Inc.

   This library is free software; you can redistribute it and/or
   modify it under the terms of the GNU Lesser General Public
   License as published by the Free Software Foundation; either
   version 2.1 of the License, or (at your option) any later version.

   This library is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
   Lesser General Public License for more details.

   You should have received a copy of the GNU Lesser General Public
   License along with this library; if not, write to the Free Software
   Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301
   USA
*/

/* Example of a UTF-8-encoded source file containing non-ASCII characters

   U+2620 SKULL AND CROSSBONES: ☠

   Test of a Japanese unicode string: 文字化け
   (I believe this reads "mojibake", using 3 characters from the
   CJK Unified Ideographs area, followed by U+3051 HIRAGANA LETTER KE)

   Test of a character outside the BMP: 𝄡
   (this is U+1D121 MUSICAL SYMBOL C CLEF, which is encoded as:
      UTF-8: 0xF0 0x9D 0x84 0xA1 )

   Test of Unicode "Box Drawing" characters:
     ─ : U+2500 BOX DRAWINGS LIGHT HORIZONTAL
     │ : U+2502 BOX DRAWINGS LIGHT VERTICAL
     ┐ : U+2510 BOX DRAWINGS LIGHT DOWN AND LEFT
     └ : U+2514 BOX DRAWINGS LIGHT UP AND RIGHT
     ┘ : U+2518 BOX DRAWINGS LIGHT UP AND LEFT

   first ─> n0 ─> n1 ─> ... ─> nN ┐
     A                            │
     └────────────────────────────┘

   (the arrows are the greater than/less than and the letters A and V)
*/

int foo(int i, unsigned int j)
{
  if (i < j) {
    return 1;
  } else {
    return 0;
  }
}

firehose-0.5/examples/python-src-example.c:

/*
   Copyright 2013 David Malcolm
   Copyright 2013 Red Hat, Inc.

   This library is free software; you can redistribute it and/or
   modify it under the terms of the GNU Lesser General Public
   License as published by the Free Software Foundation; either
   version 2.1 of the License, or (at your option) any later version.

   This library is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
   Lesser General Public License for more details.

   You should have received a copy of the GNU Lesser General Public
   License along with this library; if not, write to the Free Software
   Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301
   USA
*/

#include <Python.h>

/* Deliberately sloppy example input for the analyzers: "i" parses an int
   into a long, the PyList_New result is never checked, and the references
   returned by PyLong_FromLong are never released. */
PyObject *
make_a_list_of_random_ints_badly(PyObject *self,
                                 PyObject *args)
{
    PyObject *list, *item;
    long count, i;

    if (!PyArg_ParseTuple(args, "i", &count)) {
        return NULL;
    }

    list = PyList_New(0);

    for (i = 0; i < count; i++) {
        item = PyLong_FromLong(random());
        PyList_Append(list, item);
    }

    return list;
}

firehose-0.5/examples/unconditional-file-leak.c:

#include <stdio.h>

/* Deliberately leaks the FILE handle (never fclose'd) for the analyzers to find. */
void test (const char *filename)
{
  int i;
  FILE *f;

  f = fopen (filename, "w");

  for (i = 0; i < 10; i++)
    fprintf (f, "%i: %i", i, i * i);
}

firehose-0.5/firehose.rng (RELAX NG schema; markup lost in extraction)

firehose-0.5/firehose/__init__.py (empty)

firehose-0.5/firehose/model.py:

# Copyright 2013 David Malcolm
# Copyright 2013 Red Hat, Inc.
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2.1 of the License, or (at your option) any later version.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with this library; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301
# USA

# Python module for working with Firehose XML files, also, potentially,
# a command-line tool

from collections import OrderedDict, namedtuple
from subprocess import Popen, PIPE
import xml.etree.ElementTree as ET
import hashlib
import glob
import sys
import os

from six import BytesIO, string_types, integer_types, iteritems

_string_type = string_types[0]


class Attribute(namedtuple('Attribute', ('name', 'type', 'nullable'))):
    """
    Description of an attribute of a class.

    name : the name of the attribute
    type : one of:
             * a string containing the name of the type (so that we can
               make forward-references to types)
             * int, float, _string_type, meaning this attribute is of that type
             * a list containing one string, meaning this attribute is a list
               of that (named) type
    nullable: boolean: can this attribute be None?
    """
    def __new__(self, name, type, nullable=False):
        return super(Attribute, self).__new__(self, name, type, nullable)

    def resolve_type(self):
        # Look the named type up lazily, so that attrs lists may refer to
        # classes defined later in this module
        return globals()[self.type]

    def from_json(self, jsonobj):
        if jsonobj is None:
            return jsonobj
        if isinstance(self.type, list):
            # expect a 1-length list containing the internal type of the list
            innertypename = self.type[0]
            innertype = globals()[innertypename]
            return [innertype.from_json(jsonitem) for jsonitem in jsonobj]
        if self.type == _string_type:
            return jsonobj
        if self.type == int:
            return jsonobj
        if self.type == float:
            return jsonobj
        return self.resolve_type().from_json(jsonobj)


def to_json(obj):
    if hasattr(obj, 'to_json'):
        return obj.to_json()
    if isinstance(obj, list):
        return [to_json(item) for item in obj]
    if isinstance(obj, (int, _string_type, float, type(None))):
        return obj
    raise TypeError("don't know how to convert %r to JSON" % obj)


def from_json_using_attrs(cls, jsonobj):
    """
    Given a class cls and a jsonobj, construct an instance of cls, using
    its attrs metadata.
    """
    if jsonobj is None:
        return None
    kwargs = {}
    for attr in cls.attrs:
        attrjson = jsonobj[attr.name]
        kwargs[attr.name] = attr.from_json(attrjson)
    result = cls(**kwargs)
    return result


class JsonMixin(object):
    def to_json(self):
        result = {}
        for attr in self.attrs:
            result[attr.name] = to_json(getattr(self, attr.name))
        return result

    @classmethod
    def from_json(cls, jsonobj):
        return from_json_using_attrs(cls, jsonobj)

    def __eq__(self, other):
        for attr in self.attrs:
            try:
                if getattr(self, attr.name) != getattr(other, attr.name):
                    return False
            except AttributeError:
                return False
        return True

    def __ne__(self, other):
        return not (self == other)


class Analysis(JsonMixin):
    attrs = [Attribute('metadata', 'Metadata'),
             Attribute('results', ['Result']),
             Attribute('customfields', 'CustomFields', nullable=True)]

    def __init__(self, metadata, results, customfields=None):
        assert isinstance(metadata, Metadata)
        assert isinstance(results, list)
        if customfields is not None:
            assert isinstance(customfields, CustomFields)
        for result in results:
            assert isinstance(result, Result)
        self.metadata = metadata
        self.results = results
        self.customfields = customfields

    @classmethod
    def from_xml(cls, fileobj):
        tree = ET.parse(fileobj)
        root = tree.getroot()
        metadata = Metadata.from_xml(root.find('metadata'))
        results_node = root.find('results')
        results = []
        for result_node in results_node:
            if result_node.tag == 'issue':
                results.append(Issue.from_xml(result_node))
            elif result_node.tag == 'failure':
                results.append(Failure.from_xml(result_node))
            elif result_node.tag == 'info':
                results.append(Info.from_xml(result_node))
        customfields_node = root.find('custom-fields')
        if customfields_node is not None:
            customfields = CustomFields.from_xml(customfields_node)
        else:
            customfields = None
        return Analysis(metadata, results, customfields)

    def to_xml(self):
        tree = ET.ElementTree()
        node = ET.Element('analysis')
        tree._setroot(node)
        node.append(self.metadata.to_xml())
        results_node = ET.Element('results')
        node.append(results_node)
        for result in self.results:
            results_node.append(result.to_xml())
        if self.customfields is not None:
            node.append(self.customfields.to_xml())
        return tree

    def to_xml_bytes(self):
        xml = self.to_xml()
        output = BytesIO()
        xml.write(output, encoding='utf-8')
        return output.getvalue()

    def __repr__(self):
        return ('Analysis(metadata=%r, results=%r, customfields=%r)'
                % (self.metadata, self.results, self.customfields))

    def __hash__(self):
        # (self.results is a list and is thus not hashable)
        return hash(self.metadata)

    def accept(self, visitor):
        visitor.visit_analysis(self)
        self.metadata.accept(visitor)
        for result in self.results:
            result.accept(visitor)

    def fixup_files(self, relativedir=None, hashalg=None):
        """
        Record the absolute path of each file, and record the digest of the
        file content
        """
        class FixupFiles(Visitor):
            def __init__(self, relativedir, hashalg):
                self.relativedir = relativedir
                self.hashalg = hashalg

            def visit_file(self, file_):
                if self.relativedir is not None:
                    file_.abspath = os.path.normpath(os.path.join(self.relativedir,
                                                                  file_.givenpath))
                if hashalg is not None:
                    bestpath = file_.abspath \
                        if file_.abspath else file_.givenpath
                    with open(bestpath, 'rb') as f:
                        h = hashlib.new(hashalg)
                        h.update(f.read())
                        file_.hash_ = Hash(alg=hashalg, hexdigest=h.hexdigest())

        visitor = FixupFiles(relativedir, hashalg)
        self.accept(visitor)

    def set_custom_field(self, name, value):
        if self.customfields is None:
            self.customfields = CustomFields()
        self.customfields[name] = value


class Result(JsonMixin):
    @classmethod
    def from_json(cls, jsonobj):
        # The concrete subclass is selected by the 'type' discriminator
        # that each subclass's to_json() writes
        if jsonobj['type'] == 'Issue':
            return from_json_using_attrs(Issue, jsonobj)
        elif jsonobj['type'] == 'Failure':
            return from_json_using_attrs(Failure, jsonobj)
        elif jsonobj['type'] == 'Info':
            return from_json_using_attrs(Info, jsonobj)
        raise TypeError('unknown type: %r' % jsonobj['type'])


class Issue(Result):
    attrs = [Attribute('cwe', int, nullable=True),
             Attribute('testid', _string_type, nullable=True),
             Attribute('location', 'Location'),
             Attribute('message', 'Message'),
             Attribute('notes', 'Notes', nullable=True),
             Attribute('trace', 'Trace', nullable=True),
             Attribute('severity', _string_type, nullable=True),
             Attribute('customfields', 'CustomFields', nullable=True)]

    def __init__(self, cwe, testid, location, message, notes, trace,
                 severity=None, customfields=None):
        if cwe is not None:
            assert isinstance(cwe, int)
        if testid is not None:
            assert isinstance(testid, _string_type)
        assert isinstance(location, Location)
        assert isinstance(message, Message)
        if notes:
            assert isinstance(notes, Notes)
        if trace:
            assert isinstance(trace, Trace)
        if severity is not None:
            assert isinstance(severity, _string_type)
        if customfields is not None:
            assert isinstance(customfields, CustomFields)
        self.cwe = cwe
        self.testid = testid
        self.location = location
        self.message = message
        self.notes = notes
        self.trace = trace
        self.severity = severity
        self.customfields = customfields

    @classmethod
    def from_xml(cls, node):
        cwe = node.get('cwe')
        if cwe is not None:
            cwe = int(cwe)
        testid = node.get('test-id')
        location = Location.from_xml(node.find('location'))
        message = Message.from_xml(node.find('message'))
        notes_node = node.find('notes')
        if notes_node is not None:
            notes = Notes.from_xml(notes_node)
        else:
            notes = None
        trace_node = node.find('trace')
        if trace_node is not None:
            trace = Trace.from_xml(trace_node)
        else:
            trace = None
        severity = node.get('severity')
        customfields_node = node.find('custom-fields')
        if customfields_node is not None:
            customfields = CustomFields.from_xml(customfields_node)
        else:
            customfields = None
        return Issue(cwe, testid, location, message, notes, trace, severity,
                     customfields)

    def to_xml(self):
        node = ET.Element('issue')
        if self.cwe is not None:
            node.set('cwe', str(self.cwe))
        if self.testid is not None:
            node.set('test-id', str(self.testid))
        node.append(self.message.to_xml())
        if self.notes:
            node.append(self.notes.to_xml())
        node.append(self.location.to_xml())
        if self.trace:
            node.append(self.trace.to_xml())
        if self.severity is not None:
            node.set('severity', str(self.severity))
        if self.customfields is not None:
            node.append(self.customfields.to_xml())
        return node

    def to_json(self):
        jsonobj = JsonMixin.to_json(self)
        jsonobj['type'] = 'Issue'
        return jsonobj

    def write_as_gcc_output(self, out):
        """
        Write the report in the style of a GCC warning to the given
        file-like object
        """
        def writeln(msg):
            out.write('%s\n' % msg)

        def diagnostic(filename, line, column, kind, msg):
            out.write('%s:%i:%i: %s: %s\n'
                      % (filename, line, column, kind, msg))

        if self.location.function is not None:
            writeln("%s: In function '%s':"
                    % (self.location.file.givenpath,
                       self.location.function.name))
        if self.cwe:
            cwetext = ' [%s]' % self.get_cwe_str()
        else:
            cwetext = ''
        diagnostic(filename=self.location.file.givenpath,
                   line=self.location.line,
                   column=self.location.column,
                   kind='warning',
                   msg='%s%s' % (self.message.text, cwetext))
        if self.notes:
            writeln(self.notes.text.rstrip())
        if self.trace:
            for state in self.trace.states:
                notes = state.notes
                diagnostic(filename=state.location.file.givenpath,
                           line=state.location.line,
                           column=state.location.column,
                           kind='note',
                           msg=notes.text if notes else '')

    def __repr__(self):
        return ('Issue(cwe=%r, testid=%r, location=%r, message=%r,'
                ' notes=%r, trace=%r, severity=%r, customfields=%r)'
                % (self.cwe, self.testid, self.location, self.message,
                   self.notes, self.trace, self.severity, self.customfields))

    def __hash__(self):
        return (hash(self.cwe) ^ hash(self.testid)
                ^ hash(self.location) ^ hash(self.message)
                ^ hash(self.notes) ^ hash(self.trace)
                ^ hash(self.severity))

    def accept(self, visitor):
        visitor.visit_warning(self)
        self.location.accept(visitor)
        self.message.accept(visitor)
        if self.notes:
            self.notes.accept(visitor)
        if self.trace:
            self.trace.accept(visitor)

    def get_cwe_str(self):
        if self.cwe is not None:
            return 'CWE-%i' % self.cwe

    def get_cwe_url(self):
        if self.cwe is not None:
            return 'http://cwe.mitre.org/data/definitions/%i.html' % self.cwe


class Failure(Result):
    attrs = [Attribute('failureid', _string_type, nullable=True),
             Attribute('location', 'Location'),
             Attribute('message', 'Message'),
             Attribute('customfields', 'CustomFields', nullable=True)]

    def __init__(self, failureid, location, message, customfields):
        if failureid is not None:
            assert isinstance(failureid, _string_type)
        if location is not None:
            assert isinstance(location, Location)
        if message is not None:
            assert isinstance(message, Message)
        if customfields is not None:
            assert isinstance(customfields, CustomFields)
        self.failureid = failureid
        self.location = location
        self.message = message
        self.customfields = customfields

    @classmethod
    def from_xml(cls, node):
        failureid = node.get('failure-id')
        location_node = node.find('location')
        if location_node is not None:
            location = Location.from_xml(location_node)
        else:
            location = None
        message_node = node.find('message')
        if message_node is not None:
            message = Message.from_xml(message_node)
        else:
            message = None
        customfields_node = node.find('custom-fields')
        if customfields_node is not None:
            customfields = CustomFields.from_xml(customfields_node)
        else:
            customfields = None
        return Failure(failureid, location, message, customfields)

    def to_xml(self):
        node = ET.Element('failure')
        if self.failureid is not None:
            node.set('failure-id', self.failureid)
        if self.location is not None:
            node.append(self.location.to_xml())
        if self.message is not None:
            node.append(self.message.to_xml())
        if self.customfields is not None:
            node.append(self.customfields.to_xml())
        return node

    def to_json(self):
        jsonobj = JsonMixin.to_json(self)
        jsonobj['type'] = 'Failure'
        return jsonobj

    def __repr__(self):
        return ('Failure(failureid=%r, location=%r, message=%r, customfields=%r)'
                % (self.failureid, self.location, self.message,
                   self.customfields))

    def __hash__(self):
        return (hash(self.failureid) ^ hash(self.location)
                ^ hash(self.message) ^ hash(self.customfields))

    def accept(self, visitor):
        visitor.visit_failure(self)
        if self.location:
            self.location.accept(visitor)
        if self.message:
            self.message.accept(visitor)


class Info(Result):
    attrs = [Attribute('infoid', _string_type, nullable=True),
             Attribute('location', 'Location', nullable=True),
             Attribute('message', 'Message', nullable=True),
             Attribute('customfields', 'CustomFields', nullable=True)]

    def __init__(self, infoid, location, message, customfields):
        if infoid is not None:
            assert isinstance(infoid, _string_type)
        if location is not None:
            assert isinstance(location, Location)
        if message is not None:
            assert isinstance(message, Message)
        if customfields is not None:
            assert isinstance(customfields, CustomFields)
        self.infoid = infoid
        self.location = location
        self.message = message
        self.customfields = customfields

    @classmethod
    def from_xml(cls, node):
        infoid = node.get('info-id')
        location_node = node.find('location')
        if location_node is not None:
            location = Location.from_xml(location_node)
        else:
            location = None
        message_node = node.find('message')
        if message_node is not None:
            message = Message.from_xml(message_node)
        else:
            message = None
        customfields_node = node.find('custom-fields')
        if customfields_node is not None:
            customfields = CustomFields.from_xml(customfields_node)
        else:
            customfields = None
        return Info(infoid, location, message, customfields)

    def to_xml(self):
        node = ET.Element('info')
        if self.infoid is not None:
            node.set('info-id', self.infoid)
        if self.location is not None:
            node.append(self.location.to_xml())
        if self.message is not None:
            node.append(self.message.to_xml())
        if self.customfields is not None:
            node.append(self.customfields.to_xml())
        return node

    def to_json(self):
        jsonobj = JsonMixin.to_json(self)
        jsonobj['type'] = 'Info'
        return jsonobj

    def __repr__(self):
        return ('Info(infoid=%r, location=%r, message=%r, customfields=%r)'
                % (self.infoid, self.location, self.message,
                   self.customfields))

    def __hash__(self):
        return (hash(self.infoid) ^ hash(self.location)
                ^ hash(self.message) ^ hash(self.customfields))

    def accept(self, visitor):
        visitor.visit_info(self)
        if self.location:
            self.location.accept(visitor)
        if self.message:
            self.message.accept(visitor)


class Metadata(JsonMixin):
    attrs = [Attribute('generator', 'Generator'),
             Attribute('sut', 'Sut', nullable=True),
             Attribute('file_', 'File', nullable=True),
             Attribute('stats', 'Stats', nullable=True)]

    def __init__(self, generator, sut, file_, stats):
        assert isinstance(generator, Generator)
        if sut is not None:
            assert isinstance(sut, Sut)
        if file_ is not None:
            assert isinstance(file_, File)
        if stats is not None:
            assert isinstance(stats, Stats)
        self.generator = generator
        self.sut = sut
        self.file_ = file_
        self.stats = stats

    @classmethod
    def from_xml(cls, node):
        generator = Generator.from_xml(node.find('generator'))
        sut_node = node.find('sut')
        if sut_node is not None:
            sut = Sut.from_xml(sut_node)
        else:
            sut = None
        file_node = node.find('file')
        if file_node is not None:
            file_ = File.from_xml(file_node)
        else:
            file_ = None
        stats_node = node.find('stats')
        if stats_node is not None:
            stats = Stats.from_xml(stats_node)
        else:
            stats = None
        result = Metadata(generator, sut, file_, stats)
        return result

    def to_xml(self):
        node = ET.Element('metadata')
        node.append(self.generator.to_xml())
        if self.sut is not None:
            node.append(self.sut.to_xml())
        if self.file_ is not None:
            node.append(self.file_.to_xml())
        if self.stats is not None:
            node.append(self.stats.to_xml())
        return node

    def __repr__(self):
        return ('Metadata(generator=%r, sut=%r, file_=%r, stats=%r)'
                % (self.generator, self.sut, self.file_, self.stats))

    def __hash__(self):
        return (hash(self.generator) ^ hash(self.sut)
                ^ hash(self.file_) ^ hash(self.stats))

    def accept(self, visitor):
        visitor.visit_metadata(self)
        self.generator.accept(visitor)
        if self.sut:
            self.sut.accept(visitor)
        if self.file_:
            self.file_.accept(visitor)
        if self.stats:
            self.stats.accept(visitor)


class Generator(JsonMixin):
    attrs = [Attribute('name', _string_type),
             Attribute('version', _string_type, nullable=True),
             ]

    def __init__(self, name, version=None):
        assert isinstance(name, _string_type)
        if version is not None:
            assert isinstance(version, _string_type)
        self.name = name
        self.version = version

    @classmethod
    def from_xml(cls, node):
        result = Generator(name=node.get('name'),
                           version=node.get('version'))  # optional
        return result

    def to_xml(self):
        node = ET.Element('generator')
        node.set('name', self.name)
        if self.version is not None:
            node.set('version', self.version)
        return node

    def __repr__(self):
        return ('Generator(name=%r, version=%r)'
                % (self.name, self.version))

    def __hash__(self):
        return hash(self.name) ^ hash(self.version)

    def accept(self, visitor):
        visitor.visit_generator(self)


class Sut(JsonMixin):
    # FIXME: this part of the schema needs more thought/work

    @classmethod
    def from_xml(cls, node):
        # Dispatch on which child element is present inside <sut>
        srpm_node = node.find('source-rpm')
        if srpm_node is not None:
            return SourceRpm.from_xml(srpm_node)
        dsc_node = node.find('debian-source')
        if dsc_node is not None:
            return DebianSource.from_xml(dsc_node)
        deb_node = node.find('debian-binary')
        if deb_node is not None:
            return DebianBinary.from_xml(deb_node)
        raise ValueError('unknown sut kind')

    def to_xml(self):
        innernode = self._to_xml_inner_node()
        node = ET.Element('sut')
        node.append(innernode)
        return node

    def _to_xml_inner_node(self):
        raise NotImplementedError

    @classmethod
    def from_json(cls, jsonobj):
        subclsname = jsonobj['type']
        subcls = globals()[subclsname]
        return from_json_using_attrs(subcls, jsonobj)

    def accept(self, visitor):
        visitor.visit_sut(self)


class SourceRpm(Sut):
    attrs = [Attribute('name', _string_type),
             Attribute('version', _string_type),
             Attribute('release', _string_type),
             Attribute('buildarch', _string_type),
             ]

    def __init__(self, name, version, release, buildarch):
        assert isinstance(name, _string_type)
        assert isinstance(version, _string_type)
        assert isinstance(release, _string_type)
        assert isinstance(buildarch, _string_type)
        self.name = name
        self.version = version
        self.release = release
        self.buildarch = buildarch

    @classmethod
    def from_xml(cls, node):
        result = SourceRpm(name=node.get('name'),
                           version=node.get('version'),
                           release=node.get('release'),
                           buildarch=node.get('build-arch'))
        return result

    def _to_xml_inner_node(self):
        node = ET.Element('source-rpm')
        node.set('name', self.name)
        node.set('version', self.version)
        node.set('release', self.release)
        node.set('build-arch', self.buildarch)
        return node

    def to_json(self):
        result = JsonMixin.to_json(self)
        result['type'] = 'SourceRpm'
        return result

    def __repr__(self):
        return ('SourceRpm(name=%r, version=%r, release=%r, buildarch=%r)'
                % (self.name, self.version, self.release, self.buildarch))

    def __hash__(self):
        return (hash(self.name) ^ hash(self.version)
                ^ hash(self.release) ^ hash(self.buildarch))


class DebianBinary(Sut):
    """
    Internal Firehose representation of a Debian binary package.
    This Object is extremely similar to a SourceRpm.
    """
    attrs = [Attribute('name', _string_type),
             Attribute('version', _string_type),
             Attribute('release', _string_type, nullable=True),
             Attribute('buildarch', _string_type)]

    def __init__(self, name, version, release, buildarch):
        """
        Simple constructor.

        Name should be the *binary* package name, version should match
        Upstream's version number, and release (if given) should be the
        Debian package local version. This should only be omitted if the
        package is a Debian Native package.

        buildarch is the Debian binary arch (like amd64, armhf, hurd-i386)
        """
        assert isinstance(name, _string_type)
        assert isinstance(version, _string_type)
        assert (isinstance(release, _string_type) or release is None)
        assert isinstance(buildarch, _string_type)

        if release is None and "-" in version:
            # XXX: Do we have a better Exception for here?
            raise Exception("Native package with dash in the version string")

        self.name = name
        self.version = version
        self.release = release
        self.buildarch = buildarch

    @classmethod
    def from_xml(cls, node):
        """
        Construct a DebianBinary object from an XML payload.
        """
        result = DebianBinary(name=node.get('name'),
                              version=node.get('version'),
                              release=node.get('release'),
                              buildarch=node.get('build-arch'))
        return result

    def _to_xml_inner_node(self):
        """
        (internal use only)

        Produce a DebianBinary XML ET for serializing the data back
        down to XML again.
        """
        node = ET.Element('debian-binary')
        node.set('name', self.name)
        node.set('version', self.version)
        if self.release is not None:
            node.set('release', self.release)
        node.set('build-arch', self.buildarch)
        return node

    def to_json(self):
        result = JsonMixin.to_json(self)
        result['type'] = 'DebianBinary'
        return result

    def __repr__(self):
        return ('DebianBinary(name=%r, version=%r, release=%r, arch=%r)'
                % (self.name, self.version, self.release, self.buildarch))

    def __hash__(self):
        return (hash(self.name) ^ hash(self.version)
                ^ hash(self.release) ^ hash(self.buildarch))


class DebianSource(Sut):
    """
    Internal Firehose representation of a Debian source package.
    This Object is extremely similar to a SourceRpm, but does not
    include the `buildarch` attribute.
    """
    attrs = [Attribute('name', _string_type),
             Attribute('version', _string_type),
             Attribute('release', _string_type, nullable=True)]

    def __init__(self, name, version, release):
        """
        Simple constructor.

        Name should be the *source* package name, version should match
        Upstream's version number, and release (if given) should be the
        Debian package local version. This should only be omitted if the
        package is a Debian Native package.
        """
        assert isinstance(name, _string_type)
        assert isinstance(version, _string_type)
        assert (isinstance(release, _string_type) or release is None)

        if release is None and "-" in version:
            # XXX: Do we have a better Exception for here?
            raise Exception("Native package with dash in the version string")

        self.name = name
        self.version = version
        self.release = release

    @classmethod
    def from_xml(cls, node):
        """
        Construct a DebianSource object from an XML payload.
        """
        result = DebianSource(name=node.get('name'),
                              version=node.get('version'),
                              release=node.get('release'))
        return result

    def _to_xml_inner_node(self):
        """
        (internal use only)

        Produce a DebianSource XML ET for serializing the data back
        down to XML again.
        """
        node = ET.Element('debian-source')
        node.set('name', self.name)
        node.set('version', self.version)
        if self.release is not None:
            node.set('release', self.release)
        return node

    def to_json(self):
        result = JsonMixin.to_json(self)
        result['type'] = 'DebianSource'
        return result

    def __repr__(self):
        return ('DebianSource(name=%r, version=%r, release=%r)'
                % (self.name, self.version, self.release))

    def __hash__(self):
        return (hash(self.name) ^ hash(self.version)
                ^ hash(self.release))


class Stats(JsonMixin):
    attrs = [Attribute('wallclocktime', float)]

    def __init__(self, wallclocktime):
        assert isinstance(wallclocktime, float)
        self.wallclocktime = wallclocktime

    @classmethod
    def from_xml(cls, node):
        wallclocktime = float(node.get('wall-clock-time'))
        result = Stats(wallclocktime)
        return result

    def to_xml(self):
        node = ET.Element('stats')
        node.set('wall-clock-time', str(self.wallclocktime))
        return node

    def __repr__(self):
        return 'Stats(wallclocktime=%r)' % (self.wallclocktime, )

    def __hash__(self):
        return hash(self.wallclocktime)

    def accept(self, visitor):
        visitor.visit_stats(self)


class Message(JsonMixin):
    attrs = [Attribute('text', _string_type)]

    def __init__(self, text):
        assert isinstance(text, _string_type)
        self.text = text

    @classmethod
    def from_xml(cls, node):
        result = Message(node.text)
        return result

    def to_xml(self):
        node = ET.Element('message')
        node.text = self.text
        return node

    def __repr__(self):
        return 'Message(text=%r)' % (self.text, )

    def __hash__(self):
        return hash(self.text)

    def accept(self, visitor):
        visitor.visit_message(self)


class Notes(JsonMixin):
    attrs = [Attribute('text', _string_type)]

    def __init__(self, text):
        assert isinstance(text, _string_type)
        self.text = text

    @classmethod
    def from_xml(cls, node):
        text =
node.text result = Notes(text) return result def to_xml(self): node = ET.Element('notes') node.text = self.text return node def __repr__(self): return 'Notes(text=%r)' % (self.text, ) def __hash__(self): return hash(self.text) def accept(self, visitor): visitor.visit_notes(self) class Trace(JsonMixin): attrs = [Attribute('states', ['State'])] def __init__(self, states): assert isinstance(states, list) self.states = states def add_state(self, state): self.states.append(state) @classmethod def from_xml(cls, node): states = [] for state_node in node.findall('state'): states.append(State.from_xml(state_node)) result = Trace(states) return result def to_xml(self): node = ET.Element('trace') for state in self.states: node.append(state.to_xml()) return node def __repr__(self): return 'Trace(states=%r)' % (self.states, ) def __hash__(self): result = 0 for state in self.states: result ^= hash(state) return result def accept(self, visitor): visitor.visit_notes(self) for state in self.states: state.accept(visitor) class State(JsonMixin): attrs = [Attribute('location', 'Location'), Attribute('notes', 'Notes', nullable=True)] def __init__(self, location, notes): assert isinstance(location, Location) if notes is not None: assert isinstance(notes, Notes) self.location = location self.notes = notes @classmethod def from_xml(cls, node): location = Location.from_xml(node.find('location')) notes_node = node.find('notes') if notes_node is not None: notes = Notes.from_xml(notes_node) else: notes = None return State(location, notes) def to_xml(self): node = ET.Element('state') node.append(self.location.to_xml()) if self.notes: node.append(self.notes.to_xml()) return node def __repr__(self): return 'State(location=%r, notes=%r)' % (self.location, self.notes) def __hash__(self): return hash(self.location) ^ hash(self.notes) def accept(self, visitor): visitor.visit_state(self) self.location.accept(visitor) if self.notes: self.notes.accept(visitor) class Location(JsonMixin): attrs = 
[Attribute('file', 'File'), Attribute('function', 'Function', nullable=True), Attribute('point', 'Point', nullable=True), Attribute('range_', 'Range', nullable=True)] def __init__(self, file, function, point=None, range_=None): assert isinstance(file, File) if function is not None: assert isinstance(function, Function) if point is not None: assert isinstance(point, Point) if range_ is not None: assert isinstance(range_, Range) self.file = file self.function = function self.point = point self.range_ = range_ @classmethod def from_xml(cls, node): file = File.from_xml(node.find('file')) function_node = node.find('function') if function_node is not None: function = Function.from_xml(function_node) else: function = None point_node = node.find('point') if point_node is not None: point = Point.from_xml(point_node) else: point = None range_node = node.find('range') if range_node is not None: range_ = Range.from_xml(range_node) else: range_ = None return Location(file, function, point, range_) def to_xml(self): node = ET.Element('location') node.append(self.file.to_xml()) if self.function is not None: node.append(self.function.to_xml()) if self.point is not None: node.append(self.point.to_xml()) if self.range_ is not None: node.append(self.range_.to_xml()) return node def __repr__(self): return ('Location(file=%r, function=%r, point=%r, range_=%r)' % (self.file, self.function, self.point, self.range_)) def __hash__(self): return (hash(self.file) ^ hash(self.function) ^ hash(self.point) ^ hash(self.range_)) def accept(self, visitor): visitor.visit_location(self) self.file.accept(visitor) if self.function: self.function.accept(visitor) if self.point: self.point.accept(visitor) if self.range_: self.range_.accept(visitor) @property def line(self): if self.point is not None: return self.point.line if self.range_ is not None: return self.range_.start.line @property def column(self): if self.point is not None: return self.point.column if self.range_ is not None: return 
self.range_.start.column class File(JsonMixin): attrs = [Attribute('givenpath', _string_type), Attribute('abspath', _string_type, nullable=True), Attribute('hash_', 'Hash', nullable=True)] def __init__(self, givenpath, abspath, hash_=None): assert isinstance(givenpath, _string_type) if abspath is not None: assert isinstance(abspath, _string_type) if hash_ is not None: assert isinstance(hash_, Hash) self.givenpath = givenpath self.abspath = abspath self.hash_ = hash_ @classmethod def from_xml(cls, node): givenpath = node.get('given-path') abspath = node.get('absolute-path') hash_node = node.find('hash') if hash_node is not None: hash_ = Hash.from_xml(hash_node) else: hash_ = None result = File(givenpath, abspath, hash_) return result def to_xml(self): node = ET.Element('file') node.set('given-path', self.givenpath) if self.abspath: node.set('absolute-path', self.abspath) if self.hash_: node.append(self.hash_.to_xml()) return node def __repr__(self): return ('File(givenpath=%r, abspath=%r, hash_=%r)' % (self.givenpath, self.abspath, self.hash_)) def __hash__(self): return hash(self.givenpath) ^ hash(self.abspath) ^ hash(self.hash_) def accept(self, visitor): visitor.visit_file(self) class Hash(JsonMixin): attrs = [Attribute('alg', _string_type), Attribute('hexdigest', _string_type)] def __init__(self, alg, hexdigest): assert isinstance(alg, _string_type) assert isinstance(hexdigest, _string_type) self.alg = alg self.hexdigest = hexdigest @classmethod def from_xml(cls, node): alg = node.get('alg') hexdigest = node.get('hexdigest') result = Hash(alg, hexdigest) return result def to_xml(self): node = ET.Element('hash') node.set('alg', self.alg) node.set('hexdigest', self.hexdigest) return node def __repr__(self): return ('Hash(alg=%r, hexdigest=%r)' % (self.alg, self.hexdigest)) def __hash__(self): return hash(self.alg) ^ hash(self.hexdigest) class Function(JsonMixin): attrs = [Attribute('name', _string_type)] def __init__(self, name): self.name = name @classmethod def 
from_xml(cls, node): name = node.get('name') result = Function(name) return result def to_xml(self): node = ET.Element('function') node.set('name', self.name) return node def __repr__(self): return 'Function(name=%r)' % self.name def __hash__(self): return hash(self.name) def accept(self, visitor): visitor.visit_function(self) class Point(JsonMixin): attrs = [Attribute('line', int), Attribute('column', int)] def __init__(self, line, column): assert isinstance(line, int) assert isinstance(column, int) self.line = line self.column = column @classmethod def from_xml(cls, node): line = int(node.get('line')) column = int(node.get('column')) result = Point(line, column) return result def to_xml(self): node = ET.Element('point') node.set('line', str(self.line)) node.set('column', str(self.column)) return node def __repr__(self): return ('Point(line=%r, column=%r)' % (self.line, self.column)) def __hash__(self): return hash(self.line) ^ hash(self.column) def accept(self, visitor): visitor.visit_point(self) class Range(JsonMixin): attrs = [Attribute('start', 'Point'), Attribute('end', 'Point')] def __init__(self, start, end): assert isinstance(start, Point) assert isinstance(end, Point) self.start = start self.end = end @classmethod def from_xml(cls, node): children = list(node) start = Point.from_xml(children[0]) end = Point.from_xml(children[1]) result = Range(start, end) return result def to_xml(self): node = ET.Element('range') node.append(self.start.to_xml()) node.append(self.end.to_xml()) return node def __repr__(self): return ('Range(start=%r, end=%r)' % (self.start, self.end)) def __hash__(self): return hash(self.start) ^ hash(self.end) def accept(self, visitor): visitor.visit_range(self) self.start.accept(visitor) self.end.accept(visitor) class CustomFields(OrderedDict): @classmethod def from_xml(cls, node): kvs = [] for child_node in node: if child_node.tag == 'str-field': value = child_node.text if value is None: value = '' elif child_node.tag == 'int-field': 
                value = int(child_node.text)
            else:
                raise ValueError('unrecognized element within'
                                 ' <custom-fields>: %s' % child_node.tag)
            key = child_node.get('name')
            if key is None:
                raise ValueError('missing "name" attribute within'
                                 ' <%s>' % child_node.tag)
            kvs.append((key, value))
        result = cls(kvs)
        return result

    def to_xml(self):
        node = ET.Element('custom-fields')
        for key, value in iteritems(self):
            if isinstance(value, _string_type):
                tag = 'str-field'
                text = value
            elif isinstance(value, integer_types):
                tag = 'int-field'
                text = str(value)
            else:
                raise TypeError('unhandled type within CustomFields instance')
            field_node = ET.Element(tag)
            field_node.set('name', key)
            field_node.text = text
            node.append(field_node)
        return node

    @classmethod
    def from_json(cls, jsonobj):
        if jsonobj is None:
            return None
        return cls(jsonobj)

    def to_json(self):
        return OrderedDict(self)

    def __hash__(self):
        # dicts are usually mutable, but it would be useful to hash
        # CustomFields instances (and assume they don't change from under
        # us)
        result = 0
        # use the same py2/py3-portable iteritems() as to_xml() above;
        # OrderedDict has no .iteritems() on Python 3
        for key, value in iteritems(self):
            result ^= hash(key) ^ hash(value)
        return result

#
# Traversal of the report structure
#

class Visitor:
    def visit_analysis(self, analysis):
        pass

    def visit_warning(self, warning):
        pass

    def visit_failure(self, failure):
        pass

    def visit_info(self, info):
        pass

    def visit_metadata(self, metadata):
        pass

    def visit_generator(self, generator):
        pass

    def visit_sut(self, sut):
        pass

    def visit_stats(self, stats):
        pass

    def visit_message(self, message):
        pass

    def visit_notes(self, notes):
        pass

    def visit_state(self, state):
        pass

    def visit_location(self, location):
        pass

    def visit_file(self, file_):
        pass

    def visit_function(self, function):
        pass

    def visit_point(self, point):
        pass

    def visit_range(self, range_):
        pass

def main():
    for filename in sorted(glob.glob('examples/example-*.xml')):
        print('%s as gcc output:' % filename)
        with open(filename) as f:
            r = Analysis.from_xml(f)
        for w in r.results:
            if isinstance(w, Issue):
                w.write_as_gcc_output(sys.stderr)
        sys.stderr.write(str(r.to_xml()))

if __name__ == '__main__':
    main()

# --- file: firehose-0.5/firehose/parsers/__init__.py (empty) ---

# --- file: firehose-0.5/firehose/parsers/clanganalyzer.py ---
# Copyright 2013, 2017 David Malcolm
# Copyright 2013, 2017 Red Hat, Inc.
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2.1 of the License, or (at your option) any later version.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with this library; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
# USA

# Parser for the .plist files emitted by the clang-static-analyzer,
# when "-plist" is passed as an option to "scan-build" or "clang"

# Originally developed against output from clang-3.0-14.fc17;
# updated against output from clang-3.4-12.fc20.x86_64

import glob
import os
import plistlib
from pprint import pprint
import sys

from firehose.model import Message, Function, Point, Range, \
    File, Location, Generator, Metadata, Analysis, Issue, Sut, Trace, \
    State, Notes, CustomFields

def parse_scandir(resultdir, analyzerversion=None, sut=None):
    """
    Given a path to a directory of scan-build output, parse it and
    yield Analysis instances
    """
    for filename in glob.glob(os.path.join(resultdir, 'report-*.plist')):
        yield parse_plist(filename, analyzerversion, sut)

def parse_plist(pathOrFile, analyzerversion=None, sut=None, file_=None, stats=None):
    """
    Given a .plist file emitted by clang-static-analyzer (e.g.
    via scan-build), parse it and return an Analysis instance
    """
    plist = _load_plist(pathOrFile)
    # We now have the .plist file as a hierarchy of dicts, lists, etc

    # Handy debug dump:
    if 0:
        pprint(plist)

    # A list of filenames, apparently referenced by index within
    # diagnostics:
    files = plist['files']

    generator = Generator(name='clang-analyzer',
                          version=analyzerversion)
    metadata = Metadata(generator, sut, file_, stats)
    analysis = Analysis(metadata, [])

    if 'clang_version' in plist:
        generator.version = plist['clang_version']

    for diagnostic in plist['diagnostics']:
        if 0:
            pprint(diagnostic)

        cwe = None

        customfields = CustomFields()
        for key in ['category', 'issue_context', 'issue_context_kind']:
            if key in diagnostic:
                customfields[key] = diagnostic[key]

        message = Message(text=diagnostic['description'])

        loc = diagnostic['location']
        location = Location(file=File(givenpath=files[loc['file']],
                                      abspath=None),

                            # FIXME: doesn't tell us function name
                            # TODO: can we patch this upstream?
                            function=None,

                            point=Point(int(loc['line']),
                                        int(loc['col'])))

        notes = None

        trace = make_trace(files, diagnostic['path'])

        issue = Issue(cwe,
                      # Use the 'type' field for the testid:
                      diagnostic['type'],
                      location, message, notes, trace,
                      customfields=customfields)

        analysis.results.append(issue)

    return analysis

def _load_plist(pathOrFile):
    """
    Load a .plist from either a path or an open file object.
    plistlib.readPlist was removed in Python 3.9, so prefer
    plistlib.load where it exists and fall back to readPlist otherwise.
    """
    if hasattr(plistlib, 'load'):
        if hasattr(pathOrFile, 'read'):
            return plistlib.load(pathOrFile)
        with open(pathOrFile, 'rb') as f:
            return plistlib.load(f)
    return plistlib.readPlist(pathOrFile)

def make_point_from_plist_point(loc):
    # point:
    # e.g. {'col': 2, 'file': 0, 'line': 130}
    return Point(int(loc['line']), int(loc['col']))

def make_location_from_point(files, loc):
    # loc:
    # e.g. {'col': 2, 'file': 0, 'line': 130}
    location = Location(file=File(givenpath=files[loc['file']],
                                  abspath=None),

                        # FIXME: doesn't tell us function name
                        # TODO: can we patch this upstream?
                        function=Function(''),

                        point=make_point_from_plist_point(loc))
    return location

def make_location_from_range(files, range_):
    # range_:
    # e.g.:
    # [{'col': 18, 'file': 0, 'line': 165},
    #  {'col': 21, 'file': 0, 'line': 165}]
    assert len(range_) == 2
    start = range_[0]
    end = range_[1]
    assert start['file'] == end['file']
    if start == end:
        point = make_point_from_plist_point(start)
        range_ = None
    else:
        point = None
        range_ = Range(start=make_point_from_plist_point(start),
                       end=make_point_from_plist_point(end))
    location = Location(file=File(givenpath=files[start['file']],
                                  abspath=None),

                        # FIXME: doesn't tell us function name
                        # TODO: can we patch this upstream?
                        function=Function(''),

                        point=point,
                        range_=range_)
    return location

def make_trace(files, path):
    """
    Construct a Trace instance from the .plist's 'path' list
    """
    trace = Trace([])
    lastlocation = None
    for node in path:
        if 0:
            pprint(node)
        kind = node['kind']
        if kind == 'event':
            # e.g.:
            # {'extended_message': "Value stored to 'ret' is never read",
            #  'kind': 'event',
            #  'location': {'col': 2, 'file': 0, 'line': 130},
            #  'message': "Value stored to 'ret' is never read",
            #  'ranges': [[{'col': 8, 'file': 0, 'line': 130},
            #              {'col': 29, 'file': 0, 'line': 130}]]}

            # TODO: we're not yet handling the following:
            #   node['extended_message']
            #   node['ranges']
            loc = node['location']
            location = make_location_from_point(files, loc)
            notes = Notes(node['message'])
            trace.add_state(State(location, notes))
            lastlocation = location
        elif kind == 'control':
            # e.g.:
            # {'edges': [{'end': [{'col': 9, 'file': 0, 'line': 161},
            #                     {'col': 9, 'file': 0, 'line': 161}],
            #             'start': [{'col': 2, 'file': 0, 'line': 161},
            #                       {'col': 2, 'file': 0, 'line': 161}]}],
            #  'kind': 'control'}
            edges = node['edges']
            for edge in edges:
                edge_start = edge['start']
                edge_end = edge['end']
                startloc = make_location_from_range(files, edge_start)
                endloc = make_location_from_range(files, edge_end)
                if startloc != lastlocation:
                    trace.add_state(State(startloc, None))
                trace.add_state(State(endloc, None))
                lastlocation = endloc
        else:
            raise ValueError('unknown kind: %r' % kind)
    return trace

if __name__ == '__main__':
    if len(sys.argv) != 2:
        print("provide either the path to scan-build results directory, or to that of a .plist file as the only argument")
    else:
        path = sys.argv[1]
        if path.endswith('.plist'):
            analysis = parse_plist(path)
            sys.stdout.write(str(analysis.to_xml()))
            sys.stdout.write('\n')
        else:
            for analysis in parse_scandir(path):
                sys.stdout.write(str(analysis.to_xml()))
                sys.stdout.write('\n')

# --- file: firehose-0.5/firehose/parsers/cppcheck.py ---
#!/usr/bin/env python
# Copyright 2013 David Malcolm
# Copyright 2013 Red Hat, Inc.
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2.1 of the License, or (at your option) any later version.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with this library; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
# USA

import sys
import xml.etree.ElementTree as ET

from firehose.model import Message, Function, Point, \
    File, Location, Generator, Metadata, Analysis, Issue, Notes, Failure, \
    CustomFields

# Parser for output from cppcheck:
#   http://sourceforge.net/apps/mediawiki/cppcheck/index.php?title=Main_Page
# specifically, version 2 of its XML format as generated by:
#   cppcheck PATH_TO_SOURCES --xml --xml-version=2

def parse_file(fileobj, sut=None, file_=None, stats=None):
    tree = ET.parse(fileobj)
    root = tree.getroot()
    node_cppcheck = root.find('cppcheck')
    version = node_cppcheck.get('version')
    node_errors = root.find('errors')

    generator = Generator(name='cppcheck',
                          version=version)
    metadata = Metadata(generator, sut, file_, stats)
    analysis = Analysis(metadata, [])

    for node_error in node_errors.findall('error'):
        # each <error> carries id/severity/msg/verbose attributes and
        # zero or more <location> children
        testid = node_error.get('id')
        str_msg = node_error.get('msg')
        str_verbose = node_error.get('verbose')
        message = Message(text=str_msg)
        if str_verbose != str_msg:
            notes = Notes(str_verbose)
        else:
            notes = None
        location_nodes = list(node_error.findall('location'))
        for node_location in location_nodes:
            location = Location(file=File(node_location.get('file'), None),

                                # FIXME: doesn't tell us function name
                                # TODO: can we patch this upstream?
                                function=None,

                                # doesn't emit column
                                point=Point(int(node_location.get('line')),
                                            0))  # FIXME: bogus column
            issue = Issue(None, testid, location, message, notes, None,
                          severity=node_error.get('severity'))
            analysis.results.append(issue)
        if not location_nodes:
            customfields = CustomFields()
            if str_verbose != str_msg:
                customfields['verbose'] = str_verbose
            failure = Failure(failureid=testid,
                              location=None,
                              message=message,
                              customfields=customfields)
            analysis.results.append(failure)
    return analysis

if __name__ == '__main__':
    if len(sys.argv) != 2:
        print("provide a build log file path as the only argument")
    else:
        with open(sys.argv[1]) as data_file:
            analysis = parse_file(data_file)
        sys.stdout.write(str(analysis.to_xml()))
        sys.stdout.write("\n")

# --- file: firehose-0.5/firehose/parsers/findbugs.py ---
#!/usr/bin/env python
# Copyright 2013 Shuxiong Ye
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2.1 of the License, or (at your option) any later version.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with this library; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
# 02110-1301 USA

import re
import sys
import xml.etree.ElementTree as ET

from firehose.model import Message, Function, Point, \
    File, Location, Metadata, Generator, Issue, Analysis

DEBUG = False

# Parser for xml output from findbugs

def parse_file(data_file_obj, findbugs_version=None, sut=None, file_=None, stats=None):
    """
    :param data_file_obj: file object containing findbugs scan result in xml
    format, it can be generated using command:
        fb analyze -xml:withMessages [jar_file]
    :type data_file_obj: file object
    :param findbugs_version: version of findbugs
    :type findbugs_version: str
    :return: Analysis instance
    """
    generator = Generator(name="findbugs", version=findbugs_version)
    metadata = Metadata(generator, sut, file_, stats)
    analysis = Analysis(metadata, [])

    def parse_BugInstance(bugInstance):
        message = Message(bugInstance.find("LongMessage").text)
        # findbugs has no column information
        sourceLine = bugInstance.find("SourceLine")
        point = Point(int(sourceLine.get("start")), 0)
        path = sourceLine.get("sourcepath")
        path = File(path, None)
        method = bugInstance.find("Method")
        # test for presence explicitly: an Element's truth value depends
        # on whether it has children, not on whether it was found
        if method is not None:
            function = method.find("Message").text
            tmpIndex = function.rfind("In method ") + len("In method ") - 1
            function = Function(function[tmpIndex + 1:])
        else:
            function = None
        location = Location(path, function, point)
        if DEBUG:
            print(str(location) + " " + str(message))
        return Issue(None, None, location, message, None, None)

    tree = ET.parse(data_file_obj)
    root = tree.getroot()
    for bugInstance in root.findall("BugInstance"):
        issue = parse_BugInstance(bugInstance)
        if issue:
            analysis.results.append(issue)
        else:
            sys.stderr.write("failed to parse bugInstance=[%s]\n" % str(bugInstance))
    return analysis

if __name__ == '__main__':
    if len(sys.argv) != 2:
        sys.stdout.write("Usage: %s [findbugs result files]\n" %
                         sys.argv[0])
    else:
        analysis = parse_file(open(sys.argv[1], "r"))
        sys.stdout.write(str(analysis.to_xml()))
        sys.stdout.write('\n')

# --- file: firehose-0.5/firehose/parsers/flawfinder.py ---
#!/usr/bin/env python
#
# Copyright 2017 David Carlos
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2.1 of the License, or (at your option) any later version.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with this library; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
# USA

import sys
import re
from subprocess import check_output

from firehose.model import Message, Point, \
    File, Location, Generator, Metadata, Analysis, Issue

def main():
    """ Main entry to flawfinder parser """
    try:
        arg_file = sys.argv[1]
        report = open(arg_file, 'r')
    except IOError as e:
        raise e
    except IndexError:
        print("Missing input file")
        # without an input file there is nothing to parse
        sys.exit(1)

    analysis = parse_file(report)
    sys.stdout.write(str(analysis.to_xml()))
    sys.stdout.write('\n')

def parse_file(infile):
    """ Parse flawfinder output
    :infile: file-like object
    :returns: Firehose Analysis object, representing the final XML.

    Flawfinder can generate multiple CWEs for a single issue.
    Firehose's models do not support multiple CWEs.
    For now, when multiple CWEs occur, we get only the first one.
    An issue was created to track this bug:
    https://github.com/fedora-static-analysis/firehose/issues/35
    """
    line = infile.readline()
    generator = Generator(name='flawfinder',
                          version=get_flawfinder_version(line))
    metadata = Metadata(generator, None, None, None)
    analysis = Analysis(metadata, [])

    # A regex for "filename:linenum:"
    ISSUE_LINE_PATTERN = r"(\S.*)\:([0-9]+)\:"
    # A regex for the reported severity, e.g. "[2]"
    ISSUE_SEVERITY_PATTERN = r"\[([0-9]+)\]"
    # A regex for the reported testid, e.g. "(buffer)"
    ISSUE_TESTID_PATTERN = r"\(([a-z]+)\)"
    WHITESPACE = r"\s+"
    FIRST_LINE_PATTERN = (ISSUE_LINE_PATTERN + WHITESPACE
                          + ISSUE_SEVERITY_PATTERN + WHITESPACE
                          + ISSUE_TESTID_PATTERN)
    prog = re.compile(FIRST_LINE_PATTERN)

    while line:
        m = prog.match(line)
        if m:
            issue_path = m.group(1)
            issue_line = m.group(2)
            issue_severity = m.group(3)
            testid = m.group(4)
            location = Location(file=File(issue_path, None),
                                function=None,
                                point=Point(int(issue_line), 0))
            message_line = infile.readline()
            issue_message = ""
            # stop at the next issue header, at a blank line, or at EOF
            # (readline() returns "" forever at EOF, so the EOF test is
            # needed to avoid looping endlessly on a report with no
            # trailing blank line)
            while (message_line and message_line != "\n"
                   and not prog.search(message_line)):
                # Build up issue_message as one line, stripping out
                # extraneous whitespace.
                if issue_message:
                    issue_message += " " + message_line.strip()
                else:
                    issue_message = message_line.strip()
                message_line = infile.readline()
            line = message_line
            cwes = [int(cwe) for cwe in re.findall(r"CWE-([0-9]+)", issue_message)]
            if cwes:
                first_cwe = int(cwes[0])
            else:
                first_cwe = None
            issue = Issue(first_cwe, testid, location,
                          Message(text=issue_message), notes=None,
                          trace=None, severity=issue_severity,
                          customfields=None)
            analysis.results.append(issue)
        else:
            line = infile.readline()
    return analysis

def get_flawfinder_version(first_line):
    """Retrieve flawfinder version from report.

    :first_line: first line of the flawfinder report.
    :returns: flawfinder version.
""" pattern = "version\s([0-9]?.[0-9]*)" prog = re.compile(pattern) try: return prog.search(first_line).groups()[0] except IndexError: return None if __name__ == '__main__': main() firehose-0.5/firehose/parsers/frama_c.py000066400000000000000000000074231311207242100204060ustar00rootroot00000000000000#!/usr/bin/env python import re import sys from firehose.model import Message, Point, \ File, Location, Metadata, Generator, Issue, Analysis # Parser for warnings emitted by frama-c # Frama-c allows for multiple analysis, including the following: # # Aorai verification of behavioral properties (experimental) # (-aorai-h) # Callgraph automatically compute the callgraph of the program. Using # Value might improve the precision of this plug-in (-cg-h) # Dominators Compute postdominators of statements (-dominators-h) # From analysis functional dependencies (-from-h) # Inout operational, imperative and all kinds of inputs/outputs # (-inout-h) # Metrics syntactic metrics (-metrics-h) # Obfuscator objuscator for confidential code (-obfuscator-h) # Occurrence automatically computes where variables are used # (-occurrence-h) # Pdg Program Dependence Graph (-pdg-h) # Postdominators computing postdominators of statements # (-postdominators-h) # Report Properties Status Report (experimental) (-report-h) # Rtegen generates annotations for runtime error checking and # preconditions at call sites (-rte-h) # Scope data dependencies higher level functions (-scope-h) # Security-slicing security slicing (experimental, undocumented) # (-security-slicing-h) # Semantic constant folding propagates constants semantically (-scf-h) # Slicing code slicer (-slicing-h) # Sparecode code cleaner (-sparecode-h) # Users function callees (-users-h) # Value analysis automatically computes variation domains for the # variables of the program (-value-h) # WP Weakest Precondition Calculus # WP 0.9 for Magnesium-20151002 (-wp-h) # # The example log provided in tests/parsers/example-input/sparecode.log is # 
from the sparecode analysis run on a trivial C chess engine program SPARECODE_WARNING = ("^(?P\S.*?):(?P\d+):(?P\S.*?) (?Pwarning|note): (?P.*?)$") FRAMA_C_SPARECODE_PATTERN = re.compile(SPARECODE_WARNING) def parse_file(data_file, sut=None, file_=None, stats=None): """ for each line, the regex for SPARECODE_WARNING is matched :param data_file: file object containing build log :type data_file: file :return: Analysis instance """ generator = Generator(name='frama-c') metadata = Metadata(generator, sut, file_, stats) analysis = Analysis(metadata, []) for line in data_file.readlines(): match_warning = FRAMA_C_SPARECODE_PATTERN.match(line) if match_warning: issue = parse_warning(match_warning) analysis.results.append(issue) return analysis def parse_warning(match_warning): """ :param match_warning: the matched object :type match_warning: SRE_Match :param sut: metadata about the software-under-test :type sut: Sut :return: Issue """ message = Message(match_warning.group('message')) point = Point(int(match_warning.group('line')), 0) path = File(match_warning.group('path'), None) location = Location(file=path, function=None, point=point) return Issue( cwe=None, testid=None, location=location, message=message, notes=None, trace=None) if __name__ == '__main__': if len(sys.argv) != 2: print("Provide a build log file path as the only argument") else: with open(sys.argv[1]) as data_file: analysis = parse_file(data_file) sys.stdout.write(str(analysis.to_xml())) sys.stdout.write('\n') firehose-0.5/firehose/parsers/gcc.py000077500000000000000000000120331311207242100175460ustar00rootroot00000000000000#!/usr/bin/env python # Copyright 2013 Red Hat, Inc. # # This library is free software; you can redistribute it and/or # modify it under the terms of the GNU Lesser General Public # License as published by the Free Software Foundation; either # version 2.1 of the License, or (at your option) any later version. 
# # This library is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU # Lesser General Public License for more details. # # You should have received a copy of the GNU Lesser General Public # License along with this library; if not, write to the Free Software # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 # USA import re import sys from firehose.model import Message, Function, Point, \ File, Location, Metadata, Generator, Issue, Analysis # Parser for warnings emitted by GCC # The code that generates these warnings can be seen within gcc's own # sources within: # gcc/diagnostic.c # gcc/langhooks.c: lhd_print_error_function # (as of gcc-4.7.2) # See e.g.: # http://gcc.gnu.org/viewcvs/trunk/gcc/diagnostic.c?revision=195098&view=markup # http://gcc.gnu.org/viewcvs/trunk/gcc/langhooks.c?revision=195098&view=markup # This parser is only intended to be run with the C locale # column is optional # switch is optional GCC_PATTERN = re.compile("^(?P\S.*?):(?P\d+):(?P\d*):? 
(?Pwarning|note): (?P.*?)(?P \[\-W.+\])?$") SWITCH_SUB_PATTERN = re.compile("^ \[\-W(?P.*)\]$") # single quotes may not match locales that are not C FUNCTION_PATTERN = re.compile(".*: In (?:member )?function '(?P.*)':") # match when gcc issues a warning for a location it thinks is in global scope GLOBAL_PATTERN = re.compile(".*: At global scope:$") # When gcc issues a warning at spot it thinks is in global scope, use this # as the function name GLOBAL_FUNC_NAME = '::' def parse_file(data_file, gccversion=None, sut=None, file_=None, stats=None): """ looks for groups of lines that start with a line identifying a function name, followed by one or more lines with a warning or note :param data_file: file object containing build log :type data_file: file :param gccversion: version of GCC that generated this report :type gccversion: str :return: Analysis instance """ # has a value only when in a block of lines where the first line identifies # a function and is followed by 0 or more warning lines generator = Generator(name='gcc', version=gccversion) metadata = Metadata(generator, sut, file_, stats) analysis = Analysis(metadata, []) current_func_name = None for line in data_file.readlines(): match_func = FUNCTION_PATTERN.match(line) match_global = GLOBAL_PATTERN.match(line) # if we found a line that describes a function name if match_func: current_func_name = match_func.group('func') elif match_global: current_func_name = GLOBAL_FUNC_NAME # if we think the next line might describe a warning elif current_func_name is not None: issue = parse_warning(line, current_func_name) if issue: analysis.results.append(issue) else: # reset this when we run out of warnings associated with it current_func_name = None return analysis def parse_warning(line, func_name): """ :param line: current line read from file :type line: basestring :param func_name: name of the current function :type func_name: basestring :param gccversion: version of GCC that generated this report :type gccversion: 
str :param sut: metadata about the software-under-test :type sut: Sut :return: Issue if match, else None """ match = GCC_PATTERN.match(line) if match: message = Message(match.group('message')) func = Function(func_name) try: column = int(match.group('column')) except ValueError: if match.group('column') == '': column = 0 else: raise except TypeError: column = None switch_match = SWITCH_SUB_PATTERN.match(match.group('switch') or '') if switch_match: switch = switch_match.group('name') else: switch = None point = Point(int(match.group('line')), column) path = File(match.group('path'), None) location = Location(path, func, point) return Issue(None, switch, location, message, None, None) if __name__ == '__main__': if len(sys.argv) != 2: print("provide a build log file path as the only argument") else: with open(sys.argv[1]) as data_file: analysis = parse_file(data_file) sys.stdout.write(str(analysis.to_xml())) sys.stdout.write('\n') firehose-0.5/firehose/parsers/splint.py000066400000000000000000000072151311207242100203260ustar00rootroot00000000000000# Copyright 2017 David Malcolm # Copyright 2017 Red Hat, Inc. # # This library is free software; you can redistribute it and/or # modify it under the terms of the GNU Lesser General Public # License as published by the Free Software Foundation; either # version 2.1 of the License, or (at your option) any later version. # # This library is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU # Lesser General Public License for more details. 
# # You should have received a copy of the GNU Lesser General Public # License along with this library; if not, write to the Free Software # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 # USA # Parser for .csv files emitted by "splint" # http://splint.org/ from collections import namedtuple import csv import os import re from firehose.model import Message, Function, Point, Range, \ File, Location, Generator, Metadata, Analysis, Issue, Sut, Trace, \ State, Notes, CustomFields FIELDS = ['warning', 'flag_code', 'flag_name', 'priority', 'file', 'line', 'column', 'warning_text', 'additional_text'] WARNING_TEXT_IDX = FIELDS.index('warning_text') class Row(namedtuple('Row', FIELDS)): def to_issue(self): """ Generate an Issue from this csv row. """ location = Location(file=File(givenpath=self.file, abspath=None), function=None, # FIXME point=Point(int(self.line), int(self.column))) return Issue(cwe=None, testid=self.flag_name, location=location, message=Message(self.warning_text), notes=Notes(self.additional_text), trace=None, severity=self.priority, customfields=None) def parse_row(row): """ Convert a list generated by csv.reader into a Row """ # splint doesn't escape quotes that occur within the messages, which # can lead to extra fields: # https://github.com/ravenexp/splint/issues/6 # Workaround this by assuming that such quotes occurred in the # "Warning Text" field. # This fires for warnings 4 and 6 # # This fixes the issue, but there is still some minor information loss # e.g. some quote characters in the text disappear, and we sometimes # gain a trailing quote character if len(row) > len(FIELDS): joined_text = ','.join(row[WARNING_TEXT_IDX:-1]) row = row[:WARNING_TEXT_IDX] + [joined_text, row[-1]] return Row(*row) def parse_splint_csv(path): """ Parse a .csv file written by splint's "-csv FILENAME" option. Generate a list of Result instances. 
""" generator = Generator(name='splint') metadata = Metadata(generator, None, None, None) analysis = Analysis(metadata, []) with open(path, 'r') as f: reader = csv.reader(f) for raw_row in reader: # Skip the initial title row if raw_row[0] == 'Warning': continue rowobj = parse_row(raw_row) analysis.results.append(rowobj.to_issue()) return analysis def parse_splint_stderr(stderr): """ Parse the stderr from splint (as a string). Return a version string, or None. """ lines = stderr.splitlines() if not lines: return None m = re.match("Splint\s+(.*)\s+---.*", lines[0]) if m: return m.group(1) firehose-0.5/lgpl-2.1.txt000066400000000000000000000636421311207242100151630ustar00rootroot00000000000000 GNU LESSER GENERAL PUBLIC LICENSE Version 2.1, February 1999 Copyright (C) 1991, 1999 Free Software Foundation, Inc. 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. [This is the first released version of the Lesser GPL. It also counts as the successor of the GNU Library Public License, version 2, hence the version number 2.1.] Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public Licenses are intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This license, the Lesser General Public License, applies to some specially designated software packages--typically libraries--of the Free Software Foundation and other authors who decide to use it. You can use it too, but we suggest you first think carefully about whether this license or the ordinary General Public License is the better strategy to use in any particular case, based on the explanations below. When we speak of free software, we are referring to freedom of use, not price. 
Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish); that you receive source code or can get it if you want it; that you can change the software and use pieces of it in new free programs; and that you are informed that you can do these things. To protect your rights, we need to make restrictions that forbid distributors to deny you these rights or to ask you to surrender these rights. These restrictions translate to certain responsibilities for you if you distribute copies of the library or if you modify it. For example, if you distribute copies of the library, whether gratis or for a fee, you must give the recipients all the rights that we gave you. You must make sure that they, too, receive or can get the source code. If you link other code with the library, you must provide complete object files to the recipients, so that they can relink them with the library after making changes to the library and recompiling it. And you must show them these terms so they know their rights. We protect your rights with a two-step method: (1) we copyright the library, and (2) we offer you this license, which gives you legal permission to copy, distribute and/or modify the library. To protect each distributor, we want to make it very clear that there is no warranty for the free library. Also, if the library is modified by someone else and passed on, the recipients should know that what they have is not the original version, so that the original author's reputation will not be affected by problems that might be introduced by others. Finally, software patents pose a constant threat to the existence of any free program. We wish to make sure that a company cannot effectively restrict the users of a free program by obtaining a restrictive license from a patent holder. 
Therefore, we insist that any patent license obtained for a version of the library must be consistent with the full freedom of use specified in this license. Most GNU software, including some libraries, is covered by the ordinary GNU General Public License. This license, the GNU Lesser General Public License, applies to certain designated libraries, and is quite different from the ordinary General Public License. We use this license for certain libraries in order to permit linking those libraries into non-free programs. When a program is linked with a library, whether statically or using a shared library, the combination of the two is legally speaking a combined work, a derivative of the original library. The ordinary General Public License therefore permits such linking only if the entire combination fits its criteria of freedom. The Lesser General Public License permits more lax criteria for linking other code with the library. We call this license the "Lesser" General Public License because it does Less to protect the user's freedom than the ordinary General Public License. It also provides other free software developers Less of an advantage over competing non-free programs. These disadvantages are the reason we use the ordinary General Public License for many libraries. However, the Lesser license provides advantages in certain special circumstances. For example, on rare occasions, there may be a special need to encourage the widest possible use of a certain library, so that it becomes a de-facto standard. To achieve this, non-free programs must be allowed to use the library. A more frequent case is that a free library does the same job as widely used non-free libraries. In this case, there is little to gain by limiting the free library to free software only, so we use the Lesser General Public License. In other cases, permission to use a particular library in non-free programs enables a greater number of people to use a large body of free software. 
For example, permission to use the GNU C Library in non-free programs enables many more people to use the whole GNU operating system, as well as its variant, the GNU/Linux operating system. Although the Lesser General Public License is Less protective of the users' freedom, it does ensure that the user of a program that is linked with the Library has the freedom and the wherewithal to run that program using a modified version of the Library. The precise terms and conditions for copying, distribution and modification follow. Pay close attention to the difference between a "work based on the library" and a "work that uses the library". The former contains code derived from the library, whereas the latter must be combined with the library in order to run. GNU LESSER GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License Agreement applies to any software library or other program which contains a notice placed by the copyright holder or other authorized party saying it may be distributed under the terms of this Lesser General Public License (also called "this License"). Each licensee is addressed as "you". A "library" means a collection of software functions and/or data prepared so as to be conveniently linked with application programs (which use some of those functions and data) to form executables. The "Library", below, refers to any such software library or work which has been distributed under these terms. A "work based on the Library" means either the Library or any derivative work under copyright law: that is to say, a work containing the Library or a portion of it, either verbatim or with modifications and/or translated straightforwardly into another language. (Hereinafter, translation is included without limitation in the term "modification".) "Source code" for a work means the preferred form of the work for making modifications to it. 
For a library, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the library. Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running a program using the Library is not restricted, and output from such a program is covered only if its contents constitute a work based on the Library (independent of the use of the Library in a tool for writing it). Whether that is true depends on what the Library does and what the program that uses the Library does. 1. You may copy and distribute verbatim copies of the Library's complete source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and distribute a copy of this License along with the Library. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. 2. You may modify your copy or copies of the Library or any portion of it, thus forming a work based on the Library, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) The modified work must itself be a software library. b) You must cause the files modified to carry prominent notices stating that you changed the files and the date of any change. c) You must cause the whole of the work to be licensed at no charge to all third parties under the terms of this License. 
d) If a facility in the modified Library refers to a function or a table of data to be supplied by an application program that uses the facility, other than as an argument passed when the facility is invoked, then you must make a good faith effort to ensure that, in the event an application does not supply such function or table, the facility still operates, and performs whatever part of its purpose remains meaningful. (For example, a function in a library to compute square roots has a purpose that is entirely well-defined independent of the application. Therefore, Subsection 2d requires that any application-supplied function or table used by this function must be optional: if the application does not supply it, the square root function must still compute square roots.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Library, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Library, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Library. In addition, mere aggregation of another work not based on the Library with the Library (or with a work based on the Library) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. 
You may opt to apply the terms of the ordinary GNU General Public License instead of this License to a given copy of the Library. To do this, you must alter all the notices that refer to this License, so that they refer to the ordinary GNU General Public License, version 2, instead of to this License. (If a newer version than version 2 of the ordinary GNU General Public License has appeared, then you can specify that version instead if you wish.) Do not make any other change in these notices. Once this change is made in a given copy, it is irreversible for that copy, so the ordinary GNU General Public License applies to all subsequent copies and derivative works made from that copy. This option is useful when you wish to copy part of the code of the Library into a program that is not a library. 4. You may copy and distribute the Library (or a portion or derivative of it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange. If distribution of object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place satisfies the requirement to distribute the source code, even though third parties are not compelled to copy the source along with the object code. 5. A program that contains no derivative of any portion of the Library, but is designed to work with the Library by being compiled or linked with it, is called a "work that uses the Library". Such a work, in isolation, is not a derivative work of the Library, and therefore falls outside the scope of this License. 
However, linking a "work that uses the Library" with the Library creates an executable that is a derivative of the Library (because it contains portions of the Library), rather than a "work that uses the library". The executable is therefore covered by this License. Section 6 states terms for distribution of such executables. When a "work that uses the Library" uses material from a header file that is part of the Library, the object code for the work may be a derivative work of the Library even though the source code is not. Whether this is true is especially significant if the work can be linked without the Library, or if the work is itself a library. The threshold for this to be true is not precisely defined by law. If such an object file uses only numerical parameters, data structure layouts and accessors, and small macros and small inline functions (ten lines or less in length), then the use of the object file is unrestricted, regardless of whether it is legally a derivative work. (Executables containing this object code plus portions of the Library will still fall under Section 6.) Otherwise, if the work is a derivative of the Library, you may distribute the object code for the work under the terms of Section 6. Any executables containing that work also fall under Section 6, whether or not they are linked directly with the Library itself. 6. As an exception to the Sections above, you may also combine or link a "work that uses the Library" with the Library to produce a work containing portions of the Library, and distribute that work under terms of your choice, provided that the terms permit modification of the work for the customer's own use and reverse engineering for debugging such modifications. You must give prominent notice with each copy of the work that the Library is used in it and that the Library and its use are covered by this License. You must supply a copy of this License. 
If the work during execution displays copyright notices, you must include the copyright notice for the Library among them, as well as a reference directing the user to the copy of this License. Also, you must do one of these things: a) Accompany the work with the complete corresponding machine-readable source code for the Library including whatever changes were used in the work (which must be distributed under Sections 1 and 2 above); and, if the work is an executable linked with the Library, with the complete machine-readable "work that uses the Library", as object code and/or source code, so that the user can modify the Library and then relink to produce a modified executable containing the modified Library. (It is understood that the user who changes the contents of definitions files in the Library will not necessarily be able to recompile the application to use the modified definitions.) b) Use a suitable shared library mechanism for linking with the Library. A suitable mechanism is one that (1) uses at run time a copy of the library already present on the user's computer system, rather than copying library functions into the executable, and (2) will operate properly with a modified version of the library, if the user installs one, as long as the modified version is interface-compatible with the version that the work was made with. c) Accompany the work with a written offer, valid for at least three years, to give the same user the materials specified in Subsection 6a, above, for a charge no more than the cost of performing this distribution. d) If distribution of the work is made by offering access to copy from a designated place, offer equivalent access to copy the above specified materials from the same place. e) Verify that the user has already received a copy of these materials or that you have already sent this user a copy. 
For an executable, the required form of the "work that uses the Library" must include any data and utility programs needed for reproducing the executable from it. However, as a special exception, the materials to be distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. It may happen that this requirement contradicts the license restrictions of other proprietary libraries that do not normally accompany the operating system. Such a contradiction means you cannot use both them and the Library together in an executable that you distribute. 7. You may place library facilities that are a work based on the Library side-by-side in a single library together with other library facilities not covered by this License, and distribute such a combined library, provided that the separate distribution of the work based on the Library and of the other library facilities is otherwise permitted, and provided that you do these two things: a) Accompany the combined library with a copy of the same work based on the Library, uncombined with any other library facilities. This must be distributed under the terms of the Sections above. b) Give prominent notice with the combined library of the fact that part of it is a work based on the Library, and explaining where to find the accompanying uncombined form of the same work. 8. You may not copy, modify, sublicense, link with, or distribute the Library except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense, link with, or distribute the Library is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 9. 
You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Library or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Library (or any work based on the Library), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Library or works based on it. 10. Each time you redistribute the Library (or any work based on the Library), the recipient automatically receives a license from the original licensor to copy, distribute, link with or modify the Library subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties with this License. 11. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Library at all. For example, if a patent license would not permit royalty-free redistribution of the Library by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Library. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply, and the section as a whole is intended to apply in other circumstances. 
It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 12. If the distribution and/or use of the Library is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Library under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 13. The Free Software Foundation may publish revised and/or new versions of the Lesser General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Library specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Library does not specify a license version number, you may choose any version ever published by the Free Software Foundation. 14. 
If you wish to incorporate parts of the Library into other free programs whose distribution conditions are incompatible with these, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Libraries If you develop a new library, and you want it to be of the greatest possible use to the public, we recommend making it free software that everyone can redistribute and change. 
You can do so by permitting redistribution under these terms (or, alternatively, under the terms of the ordinary General Public License). To apply these terms, attach the following notices to the library. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. Copyright (C) This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Also add information on how to contact you by electronic and paper mail. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the library, if necessary. Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the library `Frob' (a library for tweaking knobs) written by James Random Hacker. , 1 April 1990 Ty Coon, President of Vice That's all there is to it! 
firehose-0.5/requirements-dev.txt:
nose
mock
# libxml2-utils
sphinx

firehose-0.5/requirements.txt:
six # for python 2 / 3 interop

firehose-0.5/setup.py:
#!/usr/bin/env python
#   Copyright 2013 David Malcolm
#   Copyright 2013 Red Hat, Inc.
#
#   This library is free software; you can redistribute it and/or
#   modify it under the terms of the GNU Lesser General Public
#   License as published by the Free Software Foundation; either
#   version 2.1 of the License, or (at your option) any later version.
#
#   This library is distributed in the hope that it will be useful,
#   but WITHOUT ANY WARRANTY; without even the implied warranty of
#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
#   Lesser General Public License for more details.
#
#   You should have received a copy of the GNU Lesser General Public
#   License along with this library; if not, write to the Free Software
#   Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
#   USA

from distutils.core import setup

setup(name='firehose',
      version='0.5',
      description='Library for working with output from static code analyzers',
      packages=['firehose', 'firehose.parsers'],
      license='LGPL2.1 or later',
      author='David Malcolm ',
      url='https://github.com/fedora-static-analysis/firehose',
      classifiers=(
          'Intended Audience :: Developers',
          'Programming Language :: Python',
          'Programming Language :: Python :: 2',
          'Programming Language :: Python :: 3',
          'Topic :: Software Development :: Libraries',
      )
      )
firehose-0.5/tests/__init__.py (empty)
firehose-0.5/tests/parsers/__init__.py (empty)

firehose-0.5/tests/parsers/example-output/clanganalyzer/report-001.plist:
files: python-ethtool/ethtool.c
diagnostics:
  1. path:
       event at line130 col2 (file0), ranges line130 col8 .. line130 col29 (file0); extended_message and message: Value stored to 'ret' is never read
     description: Value stored to 'ret' is never read
     category: Dead store
     type: Dead assignment
     location: line130 col2 file0
  2. path:
       event at line130 col32 (file0), ranges line130 col38 .. line130 col59 (file0); extended_message and message: Value stored to 'ret' is never read
     description: Value stored to 'ret' is never read
     category: Dead store
     type: Dead assignment
     location: line130 col32 file0

firehose-0.5/tests/parsers/example-output/clanganalyzer/report-002.plist:
files: search.c
diagnostics:
  1. path:
       event at line454 col3 (file0), ranges line454 col11 .. line454 col15 (file0); extended_message and message: Value stored to 'error' is never read
     description: Value stored to 'error' is never read
     category: Dead store
     type: Dead assignment
     location: line454 col3 file0
  2. path:
       event at line824 col2 (file0), ranges line824 col13 .. line824 col43 (file0); extended_message and message: Value stored to 'pol_opt' is never read
     description: Value stored to 'pol_opt' is never read
     category: Dead store
     type: Dead increment
     location: line824 col2 file0
  3. path:
       control edge: line161 col2 .. line161 col2 -> line161 col9 .. line161 col9 (file0)
       control edge: line161 col9 .. line161 col9 -> line165 col18 .. line165 col21 (file0)
       event at line165 col18 (file0), ranges line165 col18 .. line165 col21 (file0); extended_message and message: Variable 'dict' initialized to a null pointer value
       control edge: line165 col18 .. line165 col21 -> line171 col2 .. line171 col2 (file0)
       control edge: line171 col2 .. line171 col2 -> line171 col6 .. line171 col12 (file0)
       event at line171 col6 (file0), ranges line171 col6 .. line171 col12 (file0); extended_message and message: Assuming 'policy' is null
       control edge: line171 col6 .. line171 col12 -> line173 col3 .. line173 col3 (file0)
       control edge: line173 col3 .. line173 col3 -> line213 col2 .. line213 col2 (file0)
       control edge: line213 col2 .. line213 col2 -> line215 col2 .. line215 col10 (file0)
       event at line215 col2 (file0), ranges line215 col2 .. line215 col10 (file0); extended_message and message: Access to field 'ob_refcnt' results in a dereference of a null pointer (loaded from variable 'dict')
     description: Access to field 'ob_refcnt' results in a dereference of a null pointer (loaded from variable 'dict')
     category: Logic error
     type: Dereference of null pointer
     location: line215 col2 file0
  4. path:
       control edge: line798 col2 .. line798 col2 -> line810 col2 .. line810 col2 (file0)
       control edge: line810 col2 .. line810 col2 -> line810 col6 .. line810 col13 (file0)
       event at line810 col6 (file0), ranges line810 col6 .. line810 col13 (file0); extended_message and message: Assuming 'src_name' is null
       control edge: line810 col6 .. line810 col13 -> line812 col2 .. line812 col2 (file0)
       control edge: line812 col2 .. line812 col2 -> line812 col6 .. line812 col13 (file0)
       event at line812 col6 (file0), ranges line812 col6 .. line812 col13 (file0); extended_message and message: Assuming 'tgt_name' is null
       control edge: line812 col6 .. line812 col13 -> line814 col2 .. line814 col2 (file0)
       control edge: line814 col2 .. line814 col2 -> line814 col6 .. line814 col15 (file0)
       event at line814 col6 (file0), ranges line814 col6 .. line814 col15 (file0); extended_message and message: Assuming 'class_name' is null
       control edge: line814 col6 .. line814 col15 -> line816 col2 .. line816 col2 (file0)
       control edge: line816 col2 .. line816 col2 -> line816 col6 .. line816 col13 (file0)
       event at line816 col6 (file0), ranges line816 col6 .. line816 col13 (file0); extended_message and message: Assuming 'permlist' is null
       control edge: line816 col6 .. line816 col13 -> line820 col2 .. line820 col2 (file0)
       control edge: line820 col2 .. line820 col2 -> line821 col2 .. line821 col2 (file0)
       control edge: line821 col2 .. line821 col2 -> line821 col8 .. line821 col8 (file0)
       control edge: line821 col8 .. line821 col8 -> line824 col2 .. line824 col2 (file0)
       control edge: line824 col2 .. line824 col2 -> line827 col2 .. line827 col2 (file0)
       control edge: line827 col2 .. line827 col2 -> line827 col6 .. line827 col6 (file0)
       control edge: line827 col6 .. line827 col6 -> line858 col2 .. line858 col2 (file0)
       control edge: line858 col2 .. line858 col2 -> line858 col6 .. line858 col6 (file0)
       control edge: line858 col6 .. line858 col6 -> line858 col28 .. line858 col28 (file0)
       control edge: line858 col28 .. line858 col28 -> line859 col3 .. line859 col3 (file0)
       control edge: line859 col3 .. line859 col3 -> line860 col4 .. line860 col4 (file0)
       control edge: line860 col4 .. line860 col4 -> line862 col4 .. line862 col4 (file0)
       control edge: line862 col4 .. line862 col4 -> line919 col2 .. line919 col2 (file0)
       control edge: line919 col2 .. line919 col2 -> line929 col2 .. line929 col2 (file0)
       control edge: line929 col2 .. line929 col2 -> line929 col6 .. line929 col20 (file0)
       event at line929 col6 (file0), ranges line929 col6 .. line929 col20 (file0); extended_message and message: Access to field 'ob_size' results in a dereference of a null pointer (loaded from variable 'output')
     description: Access to field 'ob_size' results in a dereference of a null pointer (loaded from variable 'output')
     category: Logic error
     type: Dereference of null pointer
     location: line929 col6 file0

firehose-0.5/tests/parsers/example-output/clanganalyzer/report-003.plist:
clang_version: clang version 3.4.2 (tags/RELEASE_34/dot2-final)
files: ../../src/test-sources/out-of-bounds.c
diagnostics:
  1. path:
       control edge: line3 col3 .. line3 col5 -> line5 col3 .. line5 col8 (file0)
       event at line5 col3 (file0), ranges line5 col10 .. line5 col16 (file0), depth 0; extended_message and message: Undefined or garbage value returned to caller
     description: Undefined or garbage value returned to caller
     category: Logic error
     type: Garbage return value
     issue_context_kind: function
     issue_context: out_of_bounds
     issue_hash: 3
     location: line5 col3 file0

firehose-0.5/tests/parsers/example-output/cppcheck-xml-v2/example-001.xml:
Checking python-ethtool/etherinfo.c...
1/6 files checked 13% done
Checking python-ethtool/etherinfo_ipv6_obj.c...
2/6 files checked 21% done
Checking python-ethtool/etherinfo_obj.c...
3/6 files checked 35% done
Checking python-ethtool/ethtool.c...
4/6 files checked 65% done
Checking python-ethtool/netlink-address.c...
5/6 files checked 70% done
Checking python-ethtool/not-ethtool.c...
6/6 files checked 100% done

firehose-0.5/tests/parsers/example-output/cppcheck-xml-v2/example-002.xml

firehose-0.5/tests/parsers/example-output/findbugs/findbugs_Example.xml:
Jar: /home/yesx/source/Sample/bin
BugInstance: Null pointer dereference; Null pointer dereference of o in O0.<static initializer for O0>(); At O0.java:[lines 3-24]; In class O0; In method O0.<static initializer for O0>(); Value loaded from o; Dereferenced at O0.java:[line 8]
BugInstance: Null pointer dereference; Null pointer dereference of o in new O0(); At O0.java:[lines 3-24]; In class O0; In method new O0(); Value loaded from o; Dereferenced at O0.java:[line 13]
BugInstance: Null pointer dereference; Null pointer dereference of o in O0.bugs(); At O0.java:[lines 3-24]; In class O0; In method O0.bugs(); Value loaded from o; Dereferenced at O0.java:[line 18]
BugInstance: Null pointer dereference; Null pointer dereference of o in O0.main(String[]); At O0.java:[lines 3-24]; In class O0; In method O0.main(String[]); Value loaded from o; Dereferenced at O0.java:[line 23]
BugInstance: Null pointer dereference; Null pointer dereference of o in l1.O1.<static initializer for O1>(); At O1.java:[lines 4-25]; In class l1.O1; In method l1.O1.<static initializer for O1>(); Value loaded from o; Dereferenced at O1.java:[line 9]
BugInstance: Null pointer dereference; Null pointer dereference of o in new l1.O1(); At O1.java:[lines 4-25]; In class l1.O1; In method new l1.O1(); Value loaded from o; Dereferenced at O1.java:[line 14]
BugInstance: Null pointer dereference; Null pointer dereference of o in l1.O1.bugs(); At O1.java:[lines 4-25]; In class l1.O1; In method l1.O1.bugs(); Value loaded from o; Dereferenced at O1.java:[line 19]
BugInstance: Null pointer dereference; Null pointer dereference of o in l1.O1.main(String[]); At O1.java:[lines 4-25]; In class l1.O1; In method l1.O1.main(String[]); Value loaded from o; Dereferenced at O1.java:[line 24]
BugInstance: Null pointer dereference; Null pointer dereference of o in l1.l2.O2.<static initializer for O2>(); At O2.java:[lines 4-25]; In class l1.l2.O2; In method l1.l2.O2.<static initializer for O2>(); Value loaded from o; Dereferenced at O2.java:[line 9]
BugInstance: Null pointer dereference; Null pointer dereference of o in new l1.l2.O2(); At O2.java:[lines 4-25]; In class l1.l2.O2; In method new l1.l2.O2(); Value loaded from o; Dereferenced at O2.java:[line 14]
BugInstance: Null pointer dereference; Null pointer dereference of o in l1.l2.O2.bugs(); At O2.java:[lines 4-25]; In class l1.l2.O2; In method l1.l2.O2.bugs(); Value loaded from o; Dereferenced at O2.java:[line 19]
BugInstance: Null pointer dereference; Null pointer dereference of o in l1.l2.O2.main(String[]); At O2.java:[lines 4-25]; In class l1.l2.O2; In method l1.l2.O2.main(String[]); Value loaded from o; Dereferenced at O2.java:[line 24]
BugCategory: Correctness
BugPattern: Null pointer dereference
  A null pointer is dereferenced here. This will lead to a NullPointerException when the code is executed.
BugCode: Null pointer dereference
firehose-0.5/tests/parsers/example-output/findbugs/findbugs_jformatstring.xml:
Jar: /usr/share/java/jFormatString.jar
BugInstance: Dead store to local variable; Dead store to c in edu.umd.cs.findbugs.formatStringChecker.FormatterCompileTimeTest.testBug1874856FalsePositive(); At FormatterCompileTimeTest.java:[lines 13-102]; In class edu.umd.cs.findbugs.formatStringChecker.FormatterCompileTimeTest; In method edu.umd.cs.findbugs.formatStringChecker.FormatterCompileTimeTest.testBug1874856FalsePositive(); Local variable named c; At FormatterCompileTimeTest.java:[line 66]
BugInstance: Dead store to local variable; Dead store to c in edu.umd.cs.findbugs.formatStringChecker.FormatterCompileTimeTest.testBug1874856TruePositive(); At FormatterCompileTimeTest.java:[lines 13-102]; In class edu.umd.cs.findbugs.formatStringChecker.FormatterCompileTimeTest; In method edu.umd.cs.findbugs.formatStringChecker.FormatterCompileTimeTest.testBug1874856TruePositive(); Local variable named c; At FormatterCompileTimeTest.java:[line 89]
BugInstance: Method ignores return value; return value of String.format(String, Object[]) ignored in edu.umd.cs.findbugs.formatStringChecker.FormatterRuntimeTest.testShouldWork(); At FormatterRuntimeTest.java:[lines 16-92]; In class edu.umd.cs.findbugs.formatStringChecker.FormatterRuntimeTest; In method edu.umd.cs.findbugs.formatStringChecker.FormatterRuntimeTest.testShouldWork(); Called method String.format(String, Object[]); At FormatterRuntimeTest.java:[line 19]; Another occurrence at FormatterRuntimeTest.java:[line 21]; Another occurrence at FormatterRuntimeTest.java:[line 22]
BugInstance: Method ignores return value; return value of String.format(String, Object[]) ignored in edu.umd.cs.findbugs.formatStringChecker.FormatterRuntimeTest.testFormatDateWithY(); At FormatterRuntimeTest.java:[lines 16-92]; In class edu.umd.cs.findbugs.formatStringChecker.FormatterRuntimeTest; In method edu.umd.cs.findbugs.formatStringChecker.FormatterRuntimeTest.testFormatDateWithY(); Called method String.format(String, Object[]); At FormatterRuntimeTest.java:[line 52]
BugInstance: Method ignores return value; return value of String.format(String, Object[]) ignored in edu.umd.cs.findbugs.formatStringChecker.FormatterRuntimeTest.testNotEnoughParameters(); At FormatterRuntimeTest.java:[lines 16-92]; In class edu.umd.cs.findbugs.formatStringChecker.FormatterRuntimeTest; In method edu.umd.cs.findbugs.formatStringChecker.FormatterRuntimeTest.testNotEnoughParameters(); Called method String.format(String, Object[]); At FormatterRuntimeTest.java:[line 36]
BugInstance: Method ignores return value; return value of String.format(String, Object[]) ignored in edu.umd.cs.findbugs.formatStringChecker.FormatterRuntimeTest.testStringWhereIntegerExpected(); At FormatterRuntimeTest.java:[lines 16-92]; In class edu.umd.cs.findbugs.formatStringChecker.FormatterRuntimeTest; In method edu.umd.cs.findbugs.formatStringChecker.FormatterRuntimeTest.testStringWhereIntegerExpected(); Called method String.format(String, Object[]); At FormatterRuntimeTest.java:[line 28]
BugInstance: The type of a supplied argument doesn't match format specifier; Argument of type String can't be handled by format specifier %tY in edu.umd.cs.findbugs.formatStringChecker.FormatterRuntimeTest.testDateMismatch(); At FormatterRuntimeTest.java:[lines 16-92]; In class edu.umd.cs.findbugs.formatStringChecker.FormatterRuntimeTest; In method edu.umd.cs.findbugs.formatStringChecker.FormatterRuntimeTest.testDateMismatch(); Called method java.io.PrintStream.printf(String, Object[]); At String.java:[lines 109-2985]; Actual type String; Format specifier "%tY"; Format string "%tY\n"; String constant "2008"; At FormatterRuntimeTest.java:[line 88]
BugInstance: The type of a supplied argument doesn't match format specifier; Argument of type String can't be handled by format specifier %d in edu.umd.cs.findbugs.formatStringChecker.FormatterRuntimeTest.testStringWhereIntegerExpected(); At FormatterRuntimeTest.java:[lines 16-92]; In class edu.umd.cs.findbugs.formatStringChecker.FormatterRuntimeTest; In method edu.umd.cs.findbugs.formatStringChecker.FormatterRuntimeTest.testStringWhereIntegerExpected(); Called method String.format(String, Object[]); At String.java:[lines 109-2985]; Actual type String; Format specifier "%d"; Format string "%d"; String constant "test"; At FormatterRuntimeTest.java:[line 28]
BugInstance: Array formatted in useless way using format string; Argument of type int[] formatted in useless way in edu.umd.cs.findbugs.formatStringChecker.FormatterRuntimeTest.testPassingAnArray(); At FormatterRuntimeTest.java:[lines 16-92]; In class edu.umd.cs.findbugs.formatStringChecker.FormatterRuntimeTest; In method edu.umd.cs.findbugs.formatStringChecker.FormatterRuntimeTest.testPassingAnArray(); Called method java.io.PrintStream.printf(String, Object[]); Actual type int[]; Format specifier "%s"; Format string "%s"; At FormatterRuntimeTest.java:[line 43]
BugInstance: Non-Boolean argument formatted using %b format specifier; Non-Boolean argument formatted using %b format specifier in edu.umd.cs.findbugs.formatStringChecker.FormatterRuntimeTest.testPassingAnIntToABoolean(); At FormatterRuntimeTest.java:[lines 16-92]; In class edu.umd.cs.findbugs.formatStringChecker.FormatterRuntimeTest; In method edu.umd.cs.findbugs.formatStringChecker.FormatterRuntimeTest.testPassingAnIntToABoolean(); Called method java.io.PrintStream.printf(String, Object[]); At Integer.java:[lines 50-1177]; Actual type Integer; Format specifier "%b"; Format string "%b"; Return value of Integer.valueOf(int); At FormatterRuntimeTest.java:[line 47]
BugInstance: Illegal format string; Illegal format string "%Y" in edu.umd.cs.findbugs.formatStringChecker.FormatterRuntimeTest.testFormatDateWithY(); At FormatterRuntimeTest.java:[lines 16-92]; In class edu.umd.cs.findbugs.formatStringChecker.FormatterRuntimeTest; In method edu.umd.cs.findbugs.formatStringChecker.FormatterRuntimeTest.testFormatDateWithY(); Called method String.format(String, Object[]); Format string "%Y"; At FormatterRuntimeTest.java:[line 52]
BugInstance: Format string references missing argument; format string "%s" needs argument 2 but only 1 are provided in edu.umd.cs.findbugs.formatStringChecker.FormatterRuntimeTest.testNotEnoughParameters(); At FormatterRuntimeTest.java:[lines 16-92]; In class edu.umd.cs.findbugs.formatStringChecker.FormatterRuntimeTest; In method edu.umd.cs.findbugs.formatStringChecker.FormatterRuntimeTest.testNotEnoughParameters(); Called method String.format(String, Object[]); Format specifier "%s"; Format string "%s%s"; Expected 2 arguments; Found 1 arguments; At FormatterRuntimeTest.java:[line 36]
BugInstance: No previous argument for format string; No previous argument for format string argument to String.format(String, Object[]) in edu.umd.cs.findbugs.formatStringChecker.FormatterRuntimeTest.testBug1874856TruePositive(); At FormatterRuntimeTest.java:[lines 16-92]; In class edu.umd.cs.findbugs.formatStringChecker.FormatterRuntimeTest; In method edu.umd.cs.findbugs.formatStringChecker.FormatterRuntimeTest.testBug1874856TruePositive(); Called method String.format(String, Object[]); Format specifier "%<te"; Format string "s5 Duke's Birthday: %<te, %te %<tY %te %12$tm "; At FormatterRuntimeTest.java:[line 78]
BugInstance: Format string should use %n rather than \n; Format string should use %n rather than \n in edu.umd.cs.findbugs.formatStringChecker.FormatterRuntimeTest.testDateMismatch(); At FormatterRuntimeTest.java:[lines 16-92]; In class edu.umd.cs.findbugs.formatStringChecker.FormatterRuntimeTest; In method edu.umd.cs.findbugs.formatStringChecker.FormatterRuntimeTest.testDateMismatch(); Called method java.io.PrintStream.printf(String, Object[]); Format string "%tY\n"; At FormatterRuntimeTest.java:[line 88]
BugInstance: Format string should use %n rather than \n; Format string should use %n rather than \n in edu.umd.cs.findbugs.formatStringChecker.FormatterRuntimeTest.testShouldWork(); At FormatterRuntimeTest.java:[lines 16-92]; In class edu.umd.cs.findbugs.formatStringChecker.FormatterRuntimeTest; In method edu.umd.cs.findbugs.formatStringChecker.FormatterRuntimeTest.testShouldWork(); Called method String.format(String, Object[]); Format string "%d\n"; At FormatterRuntimeTest.java:[line 21]
BugInstance: Format string should use %n rather than \n; Format string should use %n rather than \n in edu.umd.cs.findbugs.formatStringChecker.FormatterRuntimeTest.testShouldWork(); At FormatterRuntimeTest.java:[lines 16-92]; In class edu.umd.cs.findbugs.formatStringChecker.FormatterRuntimeTest; In method edu.umd.cs.findbugs.formatStringChecker.FormatterRuntimeTest.testShouldWork(); Called method String.format(String, Object[]); Format string "%f\n"; At FormatterRuntimeTest.java:[line 22]
BugCategory: Dodgy code
BugCategory: Bad practice
BugCategory: Correctness
BugPattern: No previous argument for format string
  The format string specifies a relative index to request that the argument for the previous format specifier be reused. However, there is no previous argument. For example,

      formatter.format("%<s %s", "a", "b")

  would throw a MissingFormatArgumentException when executed.

BugPattern: Array formatted in useless way using format string
  One of the arguments being formatted with a format string is an array. This will be formatted using a fairly useless format, such as [I@304282, which doesn't actually show the contents of the array. Consider wrapping the array using Arrays.asList(...) before handing it off to a formatter.

BugPattern: Non-Boolean argument formatted using %b format specifier
  An argument not of type Boolean is being formatted with a %b format specifier. This won't throw an exception; instead, it will print true for any nonnull value, and false for null. This feature of format strings is strange, and may not be what you intended.

BugPattern: The type of a supplied argument doesn't match format specifier
  One of the arguments is incompatible with the corresponding format string specifier. As a result, this will generate a runtime exception when executed. For example, String.format("%d", "1") will generate an exception, since the String "1" is incompatible with the format specifier %d.

BugPattern: Format string should use %n rather than \n
  This format string includes a newline character (\n). In format strings, it is generally preferable to use %n, which will produce the platform-specific line separator.

BugPattern: Format string references missing argument
  Not enough arguments are passed to satisfy a placeholder in the format string. A runtime exception will occur when this statement is executed.

BugPattern: Illegal format string
  The format string is syntactically invalid, and a runtime exception will occur when this statement is executed.

BugPattern: Method ignores return value
  The return value of this method should be checked. One common cause of this warning is to invoke a method on an immutable object, thinking that it updates the object. For example, in the following code fragment,

      String dateString = getHeaderField(name);
      dateString.trim();

  the programmer seems to be thinking that the trim() method will update the String referenced by dateString. But since Strings are immutable, the trim() function returns a new String value, which is being ignored here. The code should be corrected to:

      String dateString = getHeaderField(name);
      dateString = dateString.trim();

BugPattern: Dead store to local variable
  This instruction assigns a value to a local variable, but the value is not read or used in any subsequent instruction. Often, this indicates an error, because the value computed is never used.

  Note that Sun's javac compiler often generates dead stores for final local variables. Because FindBugs is a bytecode-based tool, there is no easy way to eliminate these false positives.

BugCode: Format string problem
BugCode: Bad use of return value from method
BugCode: Useless/non-informative string generated
BugCode: Dead local store
MissingClass: junit.framework.Assert
MissingClass: junit.framework.TestCase
firehose-0.5/tests/parsers/example-output/findbugs/findbugs_no_method.xml:
BugInstance: Unread public/protected field; Unread public/protected field: com.clearspring.ircbot.trac.TracRpc$TicketGet.method; At TracRpc.java:[lines 77-88]; In class com.clearspring.ircbot.trac.TracRpc$TicketGet; In TracRpc.java; Field com.clearspring.ircbot.trac.TracRpc$TicketGet.method; At TracRpc.java:[line 77]

firehose-0.5/tests/parsers/example-output/flawfinder/flawfinder-report-1:
Flawfinder version 1.31, (C) 2001-2014 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 169
./docs/examples/asiohiper.cpp:78: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
./docs/examples/asiohiper.cpp:97: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
./docs/examples/asiohiper.cpp:199: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
./docs/examples/asiohiper.cpp:359: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
./docs/examples/cookie_interface.c:92: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
./docs/examples/cookie_interface.c:92: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
./docs/examples/evhiperfifo.c:76: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
./docs/examples/htmltidy.c:56: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
./docs/examples/rtsp.c:170: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
./docs/examples/synctime.c:155: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
./lib/curl_ntlm_core.c:717: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
./lib/curl_ntlm_wb.c:180: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
./lib/curl_ntlm_wb.c:225: [4] (shell) execl: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
./lib/curl_ntlm_wb.c:232: [4] (shell) execl: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
./lib/curl_printf.h:32: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
./lib/curl_printf.h:33: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
./lib/curl_printf.h:34: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
./lib/curl_printf.h:35: [4] (format) vprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
./lib/curl_printf.h:36: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
./lib/curl_printf.h:37: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
./lib/curl_printf.h:40: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
./lib/curl_printf.h:41: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
./lib/curl_printf.h:42: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
./lib/curl_printf.h:43: [4] (format) vprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
./lib/curl_printf.h:44: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
./lib/curl_printf.h:45: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
./lib/curl_printf.h:51: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
./lib/curl_printf.h:52: [4] (buffer) vsprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
./lib/curl_printf.h:53: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
./lib/curl_printf.h:54: [4] (buffer) vsprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
./lib/curlx.h:91: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
./lib/curlx.h:92: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
./lib/curlx.h:93: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
./lib/curlx.h:94: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
./lib/curlx.h:95: [4] (format) vprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
./lib/curlx.h:96: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
./lib/curlx.h:97: [4] (buffer) vsprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
./lib/curlx.h:98: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
./lib/curlx.h:102: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
./lib/curlx.h:103: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
./lib/curlx.h:104: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
./lib/curlx.h:105: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
./lib/curlx.h:106: [4] (format) vprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
./lib/curlx.h:107: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
./lib/curlx.h:108: [4] (buffer) vsprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
./lib/curlx.h:109: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
./lib/ftp.c:1056: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused).
./lib/ftp.c:1066: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused).
./lib/inet_ntop.c:69: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused).
./lib/inet_ntop.c:166: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused).
./lib/ldap.c:698: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
./lib/memdebug.c:476: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
./lib/mprintf.c:957: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
./lib/progress.c:43: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
./lib/progress.c:71: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
./lib/security.c:123: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
./lib/security.c:406: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). ./lib/sendf.c:230: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ./lib/sendf.c:247: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ./lib/smb.c:121: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). ./lib/smb.c:126: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). ./lib/smb.c:527: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). ./lib/smb.h:167: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. ./lib/socks.c:238: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). ./lib/socks_gssapi.c:68: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). ./lib/socks_gssapi.c:89: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). ./lib/ssh.c:829: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. ./lib/ssh.c:834: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. ./lib/ssh.c:842: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. ./lib/ssh.c:845: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. ./lib/system_win32.c:310: [4] (buffer) _tcscpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using a function version that stops copying at the end of the buffer. 
./lib/system_win32.c:311: [4] (buffer) _tcscpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using a function version that stops copying at the end of the buffer. ./lib/tftp.c:411: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). ./lib/tftp.c:502: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ./lib/vauth/krb5_sspi.c:411: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). ./lib/vauth/ntlm.c:402: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ./lib/vauth/ntlm.c:674: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ./lib/version.c:88: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). ./lib/vtls/cyassl.c:368: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). ./lib/vtls/cyassl.c:373: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). 
./lib/vtls/gskit.c:359: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). ./lib/vtls/gskit.c:409: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). ./lib/vtls/openssl.c:3238: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ./packages/OS400/os400sys.c:1129: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). ./packages/OS400/os400sys.c:1161: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). ./packages/OS400/os400sys.c:1193: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). ./src/tool_cb_prg.c:94: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. ./src/tool_dirhie.c:138: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). ./src/tool_dirhie.c:142: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367). 
Set up the correct permissions (e.g., using setuid()) and try to open the file directly. ./src/tool_getparam.c:1251: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). ./src/tool_help.c:338: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. ./src/tool_main.c:103: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). ./src/tool_msgs.c:47: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ./src/tool_msgs.c:112: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. ./src/tool_paramhlp.c:82: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). ./src/tool_parsecfg.c:351: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). ./src/tool_setopt.c:553: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ./src/tool_writeout.c:315: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
./tests/libtest/first.c:97: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). ./tests/libtest/lib1900.c:66: [4] (buffer) fscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. ./tests/libtest/lib1900.c:73: [4] (buffer) fscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. ./tests/libtest/lib518.c:137: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ./tests/libtest/lib518.c:145: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ./tests/libtest/lib518.c:203: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ./tests/libtest/lib518.c:211: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ./tests/libtest/lib518.c:238: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. 
./tests/libtest/lib518.c:239: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ./tests/libtest/lib518.c:262: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ./tests/libtest/lib518.c:290: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ./tests/libtest/lib518.c:301: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ./tests/libtest/lib518.c:321: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ./tests/libtest/lib518.c:349: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ./tests/libtest/lib518.c:353: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ./tests/libtest/lib518.c:360: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. 
./tests/libtest/lib518.c:361: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ./tests/libtest/lib518.c:380: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ./tests/libtest/lib518.c:437: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ./tests/libtest/lib537.c:138: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ./tests/libtest/lib537.c:146: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ./tests/libtest/lib537.c:198: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ./tests/libtest/lib537.c:206: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ./tests/libtest/lib537.c:236: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. 
./tests/libtest/lib537.c:279: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ./tests/libtest/lib537.c:291: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ./tests/libtest/lib537.c:315: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ./tests/libtest/lib537.c:343: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ./tests/libtest/lib537.c:347: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ./tests/libtest/lib537.c:355: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ./tests/libtest/lib537.c:367: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ./tests/libtest/lib537.c:384: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. 
./tests/libtest/lib537.c:441: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ./tests/libtest/lib547.c:57: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). ./tests/libtest/lib555.c:56: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). ./tests/server/fake_ntlm.c:101: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ./tests/server/getpart.c:47: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. ./tests/server/getpart.c:404: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). ./tests/server/getpart.c:410: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). ./tests/server/getpart.c:416: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). ./tests/server/util.c:119: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. 
./tests/server/util.c:189: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ./docs/examples/curlx.c:331: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. ./include/curl/curl.h:2050: [3] (buffer) curl_getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. ./lib/config-dos.h:152: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. ./lib/curl_gethostname.c:67: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. ./lib/curl_ntlm_core.c:699: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. ./lib/curl_ntlm_wb.c:143: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. 
./lib/curl_ntlm_wb.c:145: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. ./lib/curl_ntlm_wb.c:147: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. ./lib/curl_ntlm_wb.c:173: [3] (buffer) curl_getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. ./lib/curl_setup.h:652: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. ./lib/curl_threads.h:42: [3] (misc) InitializeCriticalSection: Exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead. ./lib/curl_threads.h:46: [3] (misc) EnterCriticalSection: On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead. ./lib/curlx.h:75: [3] (buffer) curl_getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. ./lib/getenv.c:39: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. 
They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. ./lib/getenv.c:45: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. ./lib/getenv.c:51: [3] (buffer) curl_getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. ./lib/ldap.c:691: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. ./lib/netrc.c:72: [3] (buffer) curl_getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. ./lib/rand.c:45: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. ./lib/setup-vms.h:37: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. ./lib/setup-vms.h:50: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. 
They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
./lib/setup-vms.h:52: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
./lib/ssh.c:818: [3] (buffer) curl_getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
./lib/system_win32.c:291: [3] (misc) LoadLibrary: Ensure that the full path to the library is specified, or current directory may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to find library path, if you aren't already.
./lib/system_win32.c:317: [3] (misc) LoadLibrary: Ensure that the full path to the library is specified, or current directory may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to find library path, if you aren't already.
./lib/url.c:4819: [3] (buffer) curl_getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
./lib/url.c:4821: [3] (buffer) curl_getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
./lib/url.c:4837: [3] (buffer) curl_getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
./lib/url.c:4854: [3] (buffer) curl_getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
./lib/url.c:4860: [3] (buffer) curl_getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
./lib/url.c:4862: [3] (buffer) curl_getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
./lib/vtls/nss.c:1235: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
./src/tool_homedir.c:57: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
./src/tool_main.c:264: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
./src/tool_vms.c:56: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
./tests/libtest/first.c:91: [3] (buffer) curl_getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
./tests/libtest/first.c:105: [3] (buffer) curl_getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
./tests/libtest/sethostname.c:32: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
./tests/server/fake_ntlm.c:165: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
./tests/server/fake_ntlm.c:180: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
./CMake/CurlTests.c:116: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./CMake/CurlTests.c:512: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./CMake/CurlTests.c:526: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./docs/examples/anyauthput.c:137: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./docs/examples/asiohiper.cpp:75: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./docs/examples/asiohiper.cpp:360: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./docs/examples/cookie_interface.c:71: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./docs/examples/curlgtk.c:55: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./docs/examples/curlx.c:157: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./docs/examples/evhiperfifo.c:99: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./docs/examples/evhiperfifo.c:373: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./docs/examples/evhiperfifo.c:410: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./docs/examples/fileupload.c:39: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./docs/examples/fopen.c:121: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./docs/examples/fopen.c:246: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./docs/examples/fopen.c:358: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./docs/examples/fopen.c:406: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./docs/examples/fopen.c:462: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./docs/examples/fopen.c:471: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./docs/examples/fopen.c:495: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./docs/examples/fopen.c:519: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./docs/examples/ftp-wildcard.c:122: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./docs/examples/ftpget.c:41: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./docs/examples/ftpgetresp.c:49: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./docs/examples/ftpgetresp.c:52: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./docs/examples/ftpsget.c:43: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./docs/examples/ftpupload.c:88: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./docs/examples/ftpuploadresume.c:88: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./docs/examples/getinmemory.c:52: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./docs/examples/ghiper.c:82: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./docs/examples/ghiper.c:393: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./docs/examples/hiperfifo.c:95: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./docs/examples/hiperfifo.c:353: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./docs/examples/hiperfifo.c:392: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./docs/examples/href_extractor.c:42: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./docs/examples/href_extractor.c:55: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./docs/examples/htmltidy.c:78: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./docs/examples/htmltitle.cpp:65: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./docs/examples/http2-download.c:150: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./docs/examples/http2-download.c:154: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./docs/examples/http2-download.c:193: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
./docs/examples/http2-serverpush.c:130: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./docs/examples/http2-serverpush.c:166: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./docs/examples/http2-serverpush.c:175: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./docs/examples/http2-upload.c:114: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./docs/examples/http2-upload.c:185: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./docs/examples/http2-upload.c:186: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./docs/examples/http2-upload.c:191: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./docs/examples/http2-upload.c:199: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./docs/examples/http2-upload.c:250: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
./docs/examples/httpput.c:81: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./docs/examples/imap-append.c:75: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./docs/examples/multi-uv.c:76: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./docs/examples/multi-uv.c:82: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./docs/examples/multithread.c:42: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./docs/examples/postinmemory.c:49: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./docs/examples/rtsp.c:92: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./docs/examples/rtsp.c:150: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). Risk is low because the source is a constant string.
./docs/examples/rtsp.c:166: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./docs/examples/sendrecv.c:130: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./docs/examples/sepheaders.c:61: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./docs/examples/sepheaders.c:68: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./docs/examples/sftpget.c:52: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./docs/examples/simplessl.c:74: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./docs/examples/smooth-gtk-thread.c:89: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./docs/examples/smtp-mail.c:76: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./docs/examples/smtp-multi.c:77: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./docs/examples/smtp-ssl.c:77: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./docs/examples/smtp-tls.c:77: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./docs/examples/synctime.c:103: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./docs/examples/synctime.c:104: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./docs/examples/synctime.c:105: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./docs/examples/synctime.c:108: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./docs/examples/synctime.c:139: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./docs/examples/synctime.c:210: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./docs/examples/synctime.c:264: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./docs/examples/synctime.c:265: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./docs/examples/url2file.c:67: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./docs/examples/xmlstream.c:80: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./include/curl/curlrules.h:141: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./include/curl/curlrules.h:151: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./include/curl/curlrules.h:161: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./include/curl/curlrules.h:171: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./include/curl/curlrules.h:181: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/asyn-ares.c:670: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/asyn-thread.c:270: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/asyn-thread.c:600: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/base64.c:177: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/base64.c:178: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/connect.c:270: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/connect.c:394: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
./lib/connect.c:602: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/connect.c:603: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/connect.c:701: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/connect.c:828: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/connect.c:995: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/connect.c:1350: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/content_encoding.c:357: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/content_encoding.c:380: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/cookie.c:378: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/cookie.c:636: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/cookie.c:979: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./lib/cookie.c:1347: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./lib/curl_addrinfo.c:173: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/curl_addrinfo.c:338: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/curl_addrinfo.c:347: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/curl_addrinfo.c:374: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/curl_addrinfo.c:421: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/curl_addrinfo.c:427: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/curl_addrinfo.c:515: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/curl_fnmatch.c:74: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/curl_fnmatch.c:316: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/curl_gssapi.c:120: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/curl_multibyte.c:45: [2] (buffer) MultiByteToWideChar: Requires maximum length in CHARACTERS, not bytes (CWE-120).
./lib/curl_multibyte.c:50: [2] (buffer) MultiByteToWideChar: Requires maximum length in CHARACTERS, not bytes (CWE-120).
./lib/curl_ntlm_core.c:164: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/curl_ntlm_core.c:184: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/curl_ntlm_core.c:202: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/curl_ntlm_core.c:228: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/curl_ntlm_core.c:286: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/curl_ntlm_core.c:309: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/curl_ntlm_core.c:338: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/curl_ntlm_core.c:367: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/curl_ntlm_core.c:444: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/curl_ntlm_core.c:569: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/curl_ntlm_core.c:688: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/curl_ntlm_core.c:723: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/curl_ntlm_core.c:724: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/curl_ntlm_core.c:727: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/curl_ntlm_core.c:736: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/curl_ntlm_core.c:764: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/curl_ntlm_core.c:765: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./lib/curl_ntlm_core.c:768: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./lib/curl_ntlm_core.c:769: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./lib/curl_ntlm_core.c:776: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./lib/curl_ntlm_core.c:777: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./lib/curl_ntlm_wb.c:124: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./lib/dotdot.c:174: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./lib/escape.c:168: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
./lib/file.c:75: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ./lib/file.c:77: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ./lib/file.c:341: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ./lib/formdata.c:768: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./lib/formdata.c:773: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ./lib/formdata.c:856: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./lib/formdata.c:978: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
./lib/formdata.c:1310: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ./lib/formdata.c:1332: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./lib/formdata.c:1419: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ./lib/formdata.c:1441: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ./lib/formdata.c:1444: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ./lib/formdata.c:1521: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./lib/formdata.c:1529: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./lib/ftp.c:985: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./lib/ftp.c:990: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./lib/ftp.c:996: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./lib/ftp.c:1179: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./lib/ftp.c:1892: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./lib/ftp.c:2355: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./lib/ftp.c:3503: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./lib/ftp.c:4037: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
./lib/ftp.c:4049: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). Risk is low because the source is a constant string. ./lib/getenv.c:38: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./lib/hash.c:109: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./lib/hostip.c:780: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./lib/hostip.c:781: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./lib/hostip4.c:140: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./lib/hostip6.c:137: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
./lib/hostip6.c:168: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./lib/hostip6.c:171: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./lib/http.c:267: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./lib/http.c:1006: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./lib/http.c:1026: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./lib/http.c:1121: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./lib/http.c:1277: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./lib/http.c:1736: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./lib/http.c:2044: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./lib/http.c:2046: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. ./lib/http.c:2048: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./lib/http.c:2864: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./lib/http.c:3269: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./lib/http2.c:543: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./lib/http2.c:626: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./lib/http2.c:951: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./lib/http2.c:1287: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./lib/http2.c:1389: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./lib/http2.c:1425: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./lib/http2.c:1749: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
./lib/http2.c:1771: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./lib/http2.c:1784: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./lib/http2.c:1789: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./lib/http2.c:1820: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./lib/http2.c:1831: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./lib/http2.c:2077: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./lib/http_chunks.h:83: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
./lib/idn_win32.c:77: [2] (buffer) wchar_t: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./lib/idn_win32.c:97: [2] (buffer) wchar_t: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./lib/if2ip.c:138: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./lib/if2ip.c:139: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./lib/if2ip.c:200: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./lib/if2ip.c:231: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./lib/if2ip.c:243: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./lib/if2ip.h:53: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./lib/imap.c:1057: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./lib/imap.h:77: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./lib/inet_ntop.c:52: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./lib/inet_ntop.c:86: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./lib/inet_pton.c:97: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./lib/inet_pton.c:132: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./lib/inet_pton.c:155: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./lib/inet_pton.c:231: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./lib/krb5.c:91: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). Risk is low because the source is a constant string. ./lib/krb5.c:95: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./lib/krb5.c:139: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./lib/md4.c:57: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./lib/md4.c:227: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./lib/md4.c:231: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./lib/md4.c:242: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./lib/md5.c:54: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
./lib/md5.c:80: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./lib/md5.c:82: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./lib/md5.c:122: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./lib/md5.c:154: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./lib/md5.c:224: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./lib/md5.c:416: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./lib/md5.c:420: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./lib/md5.c:431: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
./lib/memdebug.c:117: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ./lib/memdebug.c:235: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./lib/memdebug.c:260: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./lib/memdebug.c:421: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ./lib/memdebug.h:146: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ./lib/memdebug.h:147: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ./lib/mprintf.c:583: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./lib/mprintf.c:586: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./lib/mprintf.c:891: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./lib/multi.c:2444: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./lib/multi.c:2523: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./lib/multi.c:2884: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./lib/netrc.c:79: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./lib/netrc.c:110: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ./lib/netrc.c:117: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./lib/non-ascii.c:66: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
./lib/openldap.c:193: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./lib/openldap.c:198: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). Risk is low because the source is a constant string. ./lib/parsedate.c:97: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./lib/parsedate.c:354: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./lib/parsedate.h:25: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./lib/parsedate.h:26: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./lib/pingpong.c:300: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./lib/pingpong.c:432: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data.
./lib/pop3.c:461: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/pop3.c:462: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/pop3.c:684: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/progress.c:36: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). Risk is low because the source is a constant string.
./lib/progress.c:342: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/progress.c:353: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/progress.c:354: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/progress.c:355: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/rand.c:51: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/rand.c:73: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./lib/rtsp.c:623: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/rtsp.c:697: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/rtsp.c:812: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/security.c:120: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/security.c:226: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/sendf.c:190: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/sendf.c:228: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/sendf.c:481: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/sendf.c:533: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/sendf.c:699: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/sendf.c:723: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/sendf.c:737: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/sendf.c:741: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/sendf.c:753: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/sendf.c:809: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/smb.c:351: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/smb.c:413: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/smb.c:431: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/smb.c:432: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/smb.c:433: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/smb.c:434: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/smb.c:461: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/smb.c:463: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/smb.c:681: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/smb.h:37: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/smb.h:98: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/smb.h:104: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/smb.h:128: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/smb.h:148: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/smb.h:157: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/smb.h:180: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/smtp.c:1538: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/smtp.c:1618: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/smtp.c:1636: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/smtp.c:1648: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/sockaddr.h:37: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/socks.c:117: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/socks.c:176: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/socks.c:216: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/socks.c:377: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/socks.c:518: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/socks.c:522: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/socks.c:585: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/socks.c:611: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/socks_gssapi.c:55: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/socks_gssapi.c:77: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). Risk is low because the source is a constant string.
./lib/socks_gssapi.c:123: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/socks_gssapi.c:142: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/socks_gssapi.c:199: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/socks_gssapi.c:264: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/socks_gssapi.c:323: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/socks_gssapi.c:379: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/socks_gssapi.c:388: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/socks_gssapi.c:404: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/socks_gssapi.c:416: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/socks_gssapi.c:458: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/socks_gssapi.c:499: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/socks_gssapi.c:511: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/socks_sspi.c:86: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/socks_sspi.c:202: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/socks_sspi.c:286: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/socks_sspi.c:380: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/socks_sspi.c:409: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/socks_sspi.c:443: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/socks_sspi.c:445: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/socks_sspi.c:447: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/socks_sspi.c:463: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/socks_sspi.c:476: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/socks_sspi.c:520: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/socks_sspi.c:530: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/socks_sspi.c:574: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/socks_sspi.c:586: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/ssh.c:435: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/ssh.c:437: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/ssh.c:449: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/ssh.c:453: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/ssh.c:463: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/ssh.c:662: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/ssh.c:1140: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/ssh.c:2059: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/ssh.c:3379: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/strdup.c:51: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/strdup.c:74: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/strerror.c:646: [2] (buffer) wchar_t: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/strerror.c:684: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/strerror.c:697: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/strerror.c:735: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/strerror.c:736: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/strerror.c:1018: [2] (buffer) wchar_t: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/telnet.c:160: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/telnet.c:161: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/telnet.c:167: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/telnet.c:346: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/telnet.c:822: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/telnet.c:823: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/telnet.c:890: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
./lib/telnet.c:927: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/telnet.c:932: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/telnet.c:933: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/telnet.c:1227: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/tftp.c:453: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/tftp.c:1110: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/transfer.c:164: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/transfer.c:190: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/transfer.c:193: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/transfer.c:330: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/transfer.c:335: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/transfer.c:1463: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/transfer.c:1610: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
./lib/url.c:1051: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/url.c:4265: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/url.c:4344: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/url.c:4451: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/url.c:4516: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/url.c:4519: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/url.c:4564: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/url.c:4817: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/url.c:4834: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120).
Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). Risk is low because the source is a constant string.
./lib/url.c:5081: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/url.c:5082: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/url.c:5319: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/url.c:5327: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/url.c:5335: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/url.c:5405: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/urldata.h:297: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/urldata.h:470: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/urldata.h:924: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/urldata.h:953: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/urldata.h:960: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/urldata.h:1083: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/urldata.h:1171: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/urldata.h:1174: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/urldata.h:1306: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/urldata.h:1307: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/urldata.h:1714: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vauth/cleartext.c:92: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/vauth/cleartext.c:94: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/vauth/cleartext.c:96: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/vauth/cram.c:100: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vauth/digest.c:353: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vauth/digest.c:354: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vauth/digest.c:355: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vauth/digest.c:356: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vauth/digest.c:357: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vauth/digest.c:358: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vauth/digest.c:359: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vauth/digest.c:360: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vauth/digest.c:362: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vauth/digest.c:532: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vauth/digest.c:533: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vauth/digest.c:671: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vauth/digest.c:672: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vauth/digest.c:674: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vauth/digest.c:675: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vauth/digest.c:676: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vauth/digest_sspi.c:271: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vauth/digest_sspi.c:272: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vauth/digest_sspi.c:515: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/vauth/krb5_gssapi.c:298: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/vauth/krb5_gssapi.c:336: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/vauth/krb5_gssapi.c:337: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/vauth/krb5_sspi.c:231: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/vauth/krb5_sspi.c:360: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/vauth/krb5_sspi.c:410: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/vauth/krb5_sspi.c:461: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/vauth/krb5_sspi.c:463: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/vauth/krb5_sspi.c:465: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/vauth/ntlm.c:194: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/vauth/ntlm.c:309: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/vauth/ntlm.c:383: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vauth/ntlm.c:509: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vauth/ntlm.c:511: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vauth/ntlm.c:515: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vauth/ntlm.c:520: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vauth/ntlm.c:557: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vauth/ntlm.c:559: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vauth/ntlm.c:596: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vauth/ntlm.c:597: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vauth/ntlm.c:598: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vauth/ntlm.c:607: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/vauth/ntlm.c:613: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/vauth/ntlm.c:614: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/vauth/ntlm.c:634: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vauth/ntlm.c:636: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vauth/ntlm.c:762: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/vauth/ntlm.c:774: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/vauth/ntlm.c:805: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/vauth/ntlm.c:813: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/vauth/ntlm.c:821: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/version.c:80: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/version.c:154: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/version.c:346: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/version.c:349: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vtls/axtls.c:631: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/vtls/cyassl.c:136: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vtls/cyassl.c:360: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vtls/cyassl.c:443: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vtls/cyassl.c:642: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vtls/cyassl.c:687: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vtls/darwinssl.c:805: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
./lib/vtls/darwinssl.c:806: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
./lib/vtls/darwinssl.c:1281: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vtls/darwinssl.c:1661: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vtls/darwinssl.c:1663: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./lib/vtls/darwinssl.c:1694: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/vtls/darwinssl.c:1755: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vtls/darwinssl.c:2044: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vtls/darwinssl.c:2325: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vtls/gskit.c:614: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vtls/gskit.c:1232: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vtls/gtls.c:245: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./lib/vtls/gtls.c:872: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vtls/gtls.c:935: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vtls/gtls.c:1132: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vtls/gtls.c:1133: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vtls/gtls.c:1493: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vtls/gtls.c:1657: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/vtls/gtls.c:1676: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/vtls/mbedtls.c:175: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vtls/mbedtls.c:463: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vtls/mbedtls.c:533: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vtls/nss.c:726: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vtls/nss.c:835: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vtls/nss.c:1258: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/vtls/nss.c:1877: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vtls/nss.c:1882: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/vtls/nss.c:1888: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/vtls/openssl.c:171: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/vtls/openssl.c:244: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vtls/openssl.c:444: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./lib/vtls/openssl.c:658: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/vtls/openssl.c:841: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vtls/openssl.c:935: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vtls/openssl.c:1229: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/vtls/openssl.c:1507: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vtls/openssl.c:1508: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vtls/openssl.c:1979: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vtls/openssl.c:1985: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/vtls/openssl.c:1993: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/vtls/openssl.c:2234: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vtls/openssl.c:2266: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). Risk is low because the source is a constant string.
./lib/vtls/openssl.c:2370: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vtls/openssl.c:2407: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vtls/openssl.c:2409: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
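The findings above are flawfinder's plain-text report: each one starts with a `path:line: [level] (category) function:` header followed by a free-text message that embeds the CWE identifiers. The Python below is an added example, not code from firehose or from flawfinder, showing how to turn that report into structured records: it matches only the header and treats everything up to the next header as the message, so it copes both with flawfinder's own wrapped layout and with the run-together form shown on this page. The header pattern (a risk level of 0 to 5, a lower-case category, a C identifier for the flagged call or type) is an assumption drawn from the lines above; the sample input is constructed by copying four findings from this report and writing a fifth out in wrapped form, and a message tail with no header (as at the top of this section) is dropped because it carries no location.

```python
import re
from collections import Counter

# One flawfinder plain-text finding starts with a header of the form
#   ./lib/url.c:5319: [2] (buffer) memcpy:
# followed by the message.  flawfinder's default output wraps the message over
# the following indented lines; on this page the findings are run together on
# long lines instead.  Matching only the header and taking "everything up to
# the next header" as the message handles both layouts.  The exact header
# shape below is an assumption taken from the findings on this page.
_HEADER = re.compile(
    r"(?P<path>[^\s:]+):(?P<line>\d+):\s*"
    r"\[(?P<level>[0-5])\]\s*"
    r"\((?P<category>[a-z]+)\)\s*"
    r"(?P<function>[A-Za-z_][A-Za-z0-9_]*):\s*"
)
_CWE = re.compile(r"CWE-(\d+)")


def parse_flawfinder_text(text):
    """Return one dict per finding in flawfinder's plain-text output.

    Text before the first header (e.g. the tail of a finding whose header was
    cut off) has no location and is dropped.
    """
    headers = list(_HEADER.finditer(text))
    findings = []
    for idx, match in enumerate(headers):
        end = headers[idx + 1].start() if idx + 1 < len(headers) else len(text)
        # Collapse flawfinder's line wrapping into a single-line message.
        message = " ".join(text[match.end():end].split())
        findings.append({
            "path": match.group("path"),
            "line": int(match.group("line")),
            "level": int(match.group("level")),       # flawfinder risk level 0-5
            "category": match.group("category"),      # buffer, integer, misc, ...
            "function": match.group("function"),      # the flagged call or type
            "cwes": [int(c) for c in _CWE.findall(message)],
            # flawfinder lowers its own estimate for constant-string strcpy and
            # says so in the message; keep that hint as a triage field.
            "low_risk_hint": "Risk is low" in message,
            "message": message,
        })
    return findings


def summarize(findings, min_level=0):
    """Count findings at or above min_level, by CWE and by flagged function."""
    kept = [f for f in findings if f["level"] >= min_level]
    return {
        "total": len(kept),
        "by_cwe": dict(Counter(cwe for f in kept for cwe in f["cwes"])),
        "by_function": dict(Counter((f["category"], f["function"]) for f in kept)),
    }


# Constructed sample: a header-less message tail, then four findings copied
# from the report above (run together on one line, as on this page), then one
# finding written out in flawfinder's own wrapped layout.
SAMPLE = (
    "Risk is low because the source is a constant string. "
    "./lib/url.c:5319: [2] (buffer) memcpy: Does not check for buffer "
    "overflows when copying to destination (CWE-120). Make sure destination "
    "can always hold the source data. "
    "./lib/urldata.h:297: [2] (buffer) char: Statically-sized arrays can be "
    "improperly restricted, leading to potential overflows or other issues "
    "(CWE-119:CWE-120). Perform bounds checking, use functions that limit "
    "length, or ensure that the size is larger than the maximum possible "
    "length. "
    "./lib/vtls/openssl.c:2266: [2] (buffer) strcpy: Does not check for "
    "buffer overflows when copying to destination (CWE-120). Consider using "
    "strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). "
    "Risk is low because the source is a constant string. "
    "./lib/vtls/darwinssl.c:805: [2] (integer) atoi: Unless checked, the "
    "resulting number can exceed the expected range (CWE-190). If source "
    "untrusted, check both minimum and maximum, even if the input had no "
    "minus sign (large numbers can roll over into negative number; consider "
    "saving to an unsigned value if that is intended).\n"
    "./lib/vtls/gtls.c:245:  [2] (misc) fopen:\n"
    "  Check when opening files - can an attacker redirect it (via symlinks),\n"
    "  force the opening of special file type (e.g., device files), move\n"
    "  things around to create a race condition, control its ancestors, or\n"
    "  change its contents? (CWE-362).\n"
)

if __name__ == "__main__":
    for f in parse_flawfinder_text(SAMPLE):
        print("%s:%d [%d] %s -> CWE %s" % (f["path"], f["line"], f["level"],
                                          f["function"], f["cwes"]))
    print(summarize(parse_flawfinder_text(SAMPLE), min_level=2))
```

The per-finding dict carries the same things a firehose Issue does (a CWE, a location made of file and line, a message), so mapping it onto the model is a matter of field assignment; keeping `low_risk_hint` separate from `level` preserves the distinction flawfinder itself draws between its numeric risk estimate and the text-only note that a particular strcpy copies a constant.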
./lib/vtls/openssl.c:2821: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./lib/vtls/openssl.c:3132: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vtls/openssl.c:3167: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vtls/openssl.c:3193: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vtls/openssl.c:3240: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vtls/polarssl.c:155: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vtls/polarssl.c:364: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vtls/polarssl.c:399: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vtls/polarssl.c:405: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vtls/polarssl.c:469: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vtls/schannel.c:116: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vtls/schannel.c:300: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/vtls/schannel.c:307: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/vtls/schannel.c:517: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/vtls/schannel.c:943: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/vtls/schannel.c:1198: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/vtls/schannel.c:1323: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/vtls/schannel.c:1606: [2] (buffer) TCHAR: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./lib/vtls/vtls.c:672: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/vtls/vtls.c:824: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./lib/vtls/vtls.c:861: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./lib/x509asn1.c:300: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./packages/OS400/ccsidcurl.c:58: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./packages/OS400/ccsidcurl.c:84: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./packages/OS400/ccsidcurl.c:85: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./packages/OS400/ccsidcurl.c:133: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./packages/OS400/ccsidcurl.c:470: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./packages/OS400/ccsidcurl.c:476: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./packages/OS400/ccsidcurl.c:728: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./packages/OS400/os400sys.c:769: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./packages/OS400/os400sys.c:789: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./packages/OS400/os400sys.c:1219: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./packages/OS400/os400sys.c:1333: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data. ./packages/vms/curl_crtl_init.c:180: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./src/tool_cb_dbg.c:53: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./src/tool_cb_dbg.c:82: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ./src/tool_cb_hdr.c:153: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./src/tool_cb_hdr.c:226: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./src/tool_cb_prg.c:47: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./src/tool_cb_prg.c:48: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
./src/tool_cb_wrt.c:47: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ./src/tool_cb_wrt.c:57: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ./src/tool_doswin.c:338: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./src/tool_doswin.c:434: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./src/tool_doswin.c:490: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./src/tool_easysrc.c:181: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ./src/tool_formparse.c:151: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
./src/tool_formparse.c:153: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./src/tool_formparse.c:154: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./src/tool_getparam.c:720: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ./src/tool_getparam.c:1206: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ./src/tool_getparam.c:1272: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ./src/tool_getparam.c:1328: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./src/tool_getparam.c:1331: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./src/tool_getparam.c:1774: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./src/tool_getparam.c:1910: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ./src/tool_getpass.c:230: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ./src/tool_homedir.c:36: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./src/tool_main.c:100: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./src/tool_metalink.c:135: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./src/tool_metalink.c:153: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
./src/tool_metalink.c:171: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./src/tool_metalink.c:191: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./src/tool_metalink.c:193: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./src/tool_metalink.c:210: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./src/tool_metalink.c:212: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./src/tool_metalink.c:229: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./src/tool_metalink.c:231: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./src/tool_metalink.c:283: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
./src/tool_metalink.c:300: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./src/tool_metalink.c:317: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./src/tool_metalink.c:337: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./src/tool_metalink.c:355: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./src/tool_metalink.c:373: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./src/tool_metalink.c:410: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./src/tool_metalink.c:431: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./src/tool_metalink.c:452: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./src/tool_metalink.c:565: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./src/tool_metalink.c:602: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ./src/tool_metalink.c:623: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./src/tool_msgs.c:45: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./src/tool_operate.c:149: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
./src/tool_operate.c:155: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ./src/tool_operate.c:194: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./src/tool_operate.c:325: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ./src/tool_operate.c:604: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ./src/tool_operate.c:608: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ./src/tool_operate.c:660: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ./src/tool_operate.c:663: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
./src/tool_operate.c:669: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ./src/tool_operhlp.c:178: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./src/tool_paramhlp.c:61: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./src/tool_paramhlp.c:418: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./src/tool_paramhlp.c:419: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./src/tool_paramhlp.c:454: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./src/tool_parsecfg.c:51: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
./src/tool_parsecfg.c:72: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ./src/tool_parsecfg.c:118: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ./src/tool_parsecfg.c:330: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./src/tool_setopt.c:225: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). Risk is low because the source is a constant string. ./src/tool_setopt.c:229: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). Risk is low because the source is a constant string. ./src/tool_setopt.c:233: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). Risk is low because the source is a constant string. ./src/tool_setopt.c:237: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). Risk is low because the source is a constant string. 
./src/tool_setopt.c:241: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). Risk is low because the source is a constant string. ./src/tool_setopt.c:302: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./src/tool_setopt.c:345: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./src/tool_setopt.c:494: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./src/tool_strdup.c:42: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./src/tool_urlglob.c:56: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./src/tool_urlglob.c:367: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./src/tool_urlglob.c:456: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
./src/tool_urlglob.c:598: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./src/tool_urlglob.c:685: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./src/tool_writeenv.c:76: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./tests/libtest/chkhostname.c:30: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./tests/libtest/first.c:94: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./tests/libtest/first.c:121: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./tests/libtest/lib1502.c:49: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
./tests/libtest/lib1506.c:39: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./tests/libtest/lib1506.c:40: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./tests/libtest/lib1510.c:37: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./tests/libtest/lib1510.c:38: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./tests/libtest/lib1512.c:41: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./tests/libtest/lib1512.c:44: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./tests/libtest/lib1515.c:121: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/libtest/lib1515.c:134: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/libtest/lib1517.c:48: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./tests/libtest/lib1520.c:63: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./tests/libtest/lib1525.c:42: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./tests/libtest/lib1526.c:41: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./tests/libtest/lib1527.c:41: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./tests/libtest/lib1529.c:31: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/libtest/lib1900.c:33: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/libtest/lib1900.c:35: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/libtest/lib1900.c:36: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/libtest/lib1900.c:55: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/libtest/lib1900.c:61: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./tests/libtest/lib1900.c:114: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/libtest/lib500.c:97: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./tests/libtest/lib505.c:56: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./tests/libtest/lib510.c:51: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./tests/libtest/lib518.c:55: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/libtest/lib518.c:87: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./tests/libtest/lib518.c:108: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/libtest/lib518.c:109: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/libtest/lib518.c:110: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/libtest/lib518.c:134: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). Risk is low because the source is a constant string.
./tests/libtest/lib518.c:142: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). Risk is low because the source is a constant string.
./tests/libtest/lib518.c:200: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). Risk is low because the source is a constant string.
./tests/libtest/lib518.c:208: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). Risk is low because the source is a constant string.
./tests/libtest/lib518.c:326: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./tests/libtest/lib525.c:56: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./tests/libtest/lib530.c:39: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/libtest/lib537.c:56: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/libtest/lib537.c:88: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./tests/libtest/lib537.c:110: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/libtest/lib537.c:111: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/libtest/lib537.c:135: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). Risk is low because the source is a constant string.
./tests/libtest/lib537.c:143: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). Risk is low because the source is a constant string.
./tests/libtest/lib537.c:195: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). Risk is low because the source is a constant string.
./tests/libtest/lib537.c:203: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). Risk is low because the source is a constant string.
./tests/libtest/lib537.c:320: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./tests/libtest/lib540.c:191: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/libtest/lib541.c:48: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./tests/libtest/lib544.c:70: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). Risk is low because the source is a constant string.
./tests/libtest/lib552.c:124: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/libtest/lib552.c:134: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./tests/libtest/lib553.c:36: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/libtest/lib553.c:48: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./tests/libtest/lib553.c:56: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/libtest/lib556.c:74: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/libtest/lib557.c:61: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/libtest/lib557.c:68: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/libtest/lib557.c:75: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/libtest/lib557.c:82: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/libtest/lib557.c:89: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/libtest/lib557.c:96: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/libtest/lib557.c:103: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/libtest/lib557.c:1409: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/libtest/lib557.c:1442: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/libtest/lib557.c:1546: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/libtest/lib566.c:54: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./tests/libtest/lib568.c:79: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./tests/libtest/lib568.c:83: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./tests/libtest/lib569.c:44: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./tests/libtest/lib571.c:109: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./tests/libtest/lib572.c:98: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./tests/libtest/lib572.c:102: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./tests/libtest/lib578.c:34: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./tests/libtest/lib579.c:56: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./tests/libtest/lib579.c:80: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./tests/libtest/lib582.c:245: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./tests/libtest/lib591.c:51: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./tests/libtest/lib599.c:83: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./tests/libtest/libntlmconnect.c:56: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./tests/libtest/testtrace.c:92: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/server/fake_ntlm.c:113: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/server/fake_ntlm.c:186: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./tests/server/fake_ntlm.c:204: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./tests/server/fake_ntlm.c:224: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./tests/server/fake_ntlm.c:246: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./tests/server/getpart.c:183: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./tests/server/getpart.c:218: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./tests/server/getpart.c:253: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/server/getpart.c:254: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/server/getpart.c:255: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/server/getpart.c:256: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/server/getpart.c:257: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/server/getpart.c:317: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./tests/server/getpart.c:379: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./tests/server/getpart.c:399: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./tests/server/rtspd.c:95: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/server/rtspd.c:100: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./tests/server/rtspd.c:337: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/server/rtspd.c:338: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/server/rtspd.c:339: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/server/rtspd.c:340: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/server/rtspd.c:424: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./tests/server/rtspd.c:504: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./tests/server/rtspd.c:515: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./tests/server/rtspd.c:688: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./tests/server/rtspd.c:744: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./tests/server/rtspd.c:910: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/server/rtspd.c:912: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/server/rtspd.c:942: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/server/rtspd.c:991: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./tests/server/rtspd.c:1015: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./tests/server/rtspd.c:1056: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./tests/server/rtspd.c:1140: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/server/rtspd.c:1422: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./tests/server/rtspd.c:1427: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./tests/server/rtspd.c:1430: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./tests/server/sockfilt.c:476: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/server/sockfilt.c:930: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/server/sockfilt.c:931: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/server/sws.c:95: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/server/sws.c:102: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./tests/server/sws.c:362: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./tests/server/sws.c:461: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/server/sws.c:462: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/server/sws.c:463: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/server/sws.c:795: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./tests/server/sws.c:861: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./tests/server/sws.c:1050: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/server/sws.c:1078: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/server/sws.c:1108: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/server/sws.c:1122: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./tests/server/sws.c:1145: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./tests/server/sws.c:1185: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./tests/server/sws.c:1254: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/server/sws.c:1416: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/server/sws.c:1417: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/server/sws.c:1917: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./tests/server/sws.c:1942: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./tests/server/sws.c:1969: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/server/sws.c:2314: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./tests/server/tftp.h:45: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/server/tftpd.c:128: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/server/tftpd.c:498: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./tests/server/tftpd.c:571: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/server/tftpd.c:574: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./tests/server/tftpd.c:576: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./tests/server/tftpd.c:638: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/server/tftpd.c:967: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./tests/server/tftpd.c:1077: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./tests/server/tftpd.c:1143: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/server/tftpd.c:1148: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/server/tftpd.c:1195: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
./tests/server/tftpd.c:1430: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
./tests/server/util.c:68: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
./tests/server/util.c:92: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./tests/server/util.c:98: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./tests/server/util.c:122: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ./tests/server/util.c:140: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./tests/server/util.c:188: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./tests/server/util.c:256: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
./tests/server/util.c:274: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ./tests/unit/unit1304.c:28: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./tests/unit/unit1304.c:52: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ./tests/unit/unit1307.c:34: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./tests/unit/unit1307.c:35: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./tests/unit/unit1395.c:71: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./tests/unit/unit1398.c:32: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
./tests/unit/unit1398.c:35: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./tests/unit/unit1600.c:44: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./tests/unit/unit1601.c:39: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ./docs/examples/anyauthput.c:110: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ./docs/examples/asiohiper.cpp:319: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers (CWE-120). ./docs/examples/cookie_interface.c:95: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./docs/examples/cookie_interface.c:112: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./docs/examples/curlx.c:449: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
./docs/examples/curlx.c:451: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./docs/examples/curlx.c:492: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./docs/examples/curlx.c:493: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./docs/examples/curlx.c:493: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./docs/examples/evhiperfifo.c:380: [1] (buffer) fscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function. ./docs/examples/fopen.c:486: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./docs/examples/hiperfifo.c:362: [1] (buffer) fscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function. ./docs/examples/http2-download.c:152: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./docs/examples/http2-serverpush.c:172: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. 
Check it during installation, or use something else. ./docs/examples/http2-upload.c:133: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./docs/examples/http2-upload.c:190: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./docs/examples/http2-upload.c:193: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./docs/examples/imap-append.c:74: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./docs/examples/imap-append.c:114: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./docs/examples/multi-uv.c:80: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./docs/examples/post-callback.c:63: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./docs/examples/postinmemory.c:86: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
./docs/examples/rtsp.c:53: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ./docs/examples/rtsp.c:154: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./docs/examples/rtsp.c:217: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./docs/examples/rtsp.c:218: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./docs/examples/rtsp.c:219: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./docs/examples/rtsp.c:221: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./docs/examples/rtsp.c:242: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./docs/examples/rtsp.c:242: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./docs/examples/rtsp.c:252: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. 
./docs/examples/rtsp.c:252: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./docs/examples/rtsp.c:256: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./docs/examples/rtsp.c:256: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./docs/examples/sendrecv.c:65: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./docs/examples/simplepost.c:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./docs/examples/smtp-mail.c:75: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./docs/examples/smtp-multi.c:76: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./docs/examples/smtp-ssl.c:76: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./docs/examples/smtp-tls.c:76: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
./docs/examples/synctime.c:151: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./docs/examples/synctime.c:187: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./docs/examples/synctime.c:190: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./docs/examples/synctime.c:277: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./docs/examples/synctime.c:286: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./docs/examples/synctime.c:289: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./docs/examples/synctime.c:301: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./docs/examples/synctime.c:319: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. 
./docs/examples/synctime.c:321: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./docs/examples/synctime.c:326: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./docs/examples/synctime.c:340: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./docs/examples/synctime.c:356: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./lib/asyn-thread.c:273: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./lib/asyn-thread.c:647: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./lib/base64.c:114: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./lib/base64.c:191: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
./lib/base64.c:237: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./lib/base64.c:243: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./lib/base64.c:250: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./lib/base64.c:269: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./lib/conncache.c:156: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./lib/conncache.c:168: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./lib/connect.c:269: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./lib/connect.c:277: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./lib/connect.c:278: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
./lib/connect.c:281: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./lib/connect.c:282: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./lib/connect.c:322: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./lib/connect.c:647: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./lib/cookie.c:122: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./lib/cookie.c:123: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./lib/cookie.c:158: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./lib/cookie.c:172: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./lib/cookie.c:188: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./lib/cookie.c:231: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
./lib/cookie.c:428: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./lib/cookie.c:429: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./lib/cookie.c:915: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./lib/cookie.c:1034: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./lib/cookie.c:1035: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./lib/cookie.c:1041: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./lib/cookie.c:1042: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./lib/curl_addrinfo.c:502: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./lib/curl_gethostname.c:69: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers (CWE-120). ./lib/curl_gssapi.c:95: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. 
./lib/curl_ntlm_core.c:448: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./lib/curl_ntlm_core.c:537: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./lib/curl_ntlm_wb.c:262: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./lib/curl_sasl.c:385: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./lib/curl_setup_once.h:131: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ./lib/curl_sspi.c:179: [1] (buffer) _tcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./lib/curl_sspi.c:188: [1] (buffer) _tcsncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers (CWE-120). ./lib/curl_sspi.c:206: [1] (buffer) _tcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./lib/dotdot.c:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./lib/dotdot.c:173: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./lib/escape.c:94: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
./lib/escape.c:128: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/escape.c:153: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/file.c:479: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/file.c:496: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/file.c:569: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
./lib/formdata.c:94: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/formdata.c:204: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/formdata.c:204: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/formdata.c:206: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/formdata.c:206: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/formdata.c:655: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/formdata.c:669: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/formdata.c:842: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/formdata.c:1120: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/ftp.c:1016: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/ftp.c:1019: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/ftp.c:1020: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/ftp.c:1022: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/ftp.c:1023: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/ftp.c:1040: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers (CWE-120).
./lib/ftp.c:1062: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers (CWE-120).
./lib/ftp.c:1324: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/ftp.c:1524: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/ftp.c:2110: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/ftp.c:2134: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/ftp.c:2321: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/ftp.c:3244: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/ftp.c:3245: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/ftp.c:4045: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/ftp.c:4207: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/ftp.c:4355: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/ftp.c:4356: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/gopher.c:89: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/gopher.c:91: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/gopher.c:102: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/hostcheck.c:74: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/hostcheck.c:77: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/hostip.c:304: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/hostip.c:390: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/hostip.c:804: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/hostip.c:824: [1] (buffer) sscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function.
./lib/hostip.c:845: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/hostip4.c:147: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/hostip6.c:214: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/http.c:181: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/http.c:205: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/http.c:300: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/http.c:303: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/http.c:416: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/http.c:840: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/http.c:1221: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/http.c:1305: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/http.c:1333: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/http.c:1694: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/http.c:1969: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/http.c:2035: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/http.c:2036: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/http.c:2037: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/http.c:2081: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/http.c:2084: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/http.c:2250: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/http.c:2549: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/http.c:2761: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/http.c:2799: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/http.c:3275: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers (CWE-120).
./lib/http.c:3444: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/http.c:3675: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/http2.c:225: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/http2.c:333: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/http2.c:1749: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/http2.c:1771: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/http2.c:1784: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/http2.c:1789: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/http2.c:1820: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/http_digest.c:63: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/http_negotiate.c:78: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/http_negotiate.c:82: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/http_ntlm.c:73: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/http_proxy.c:522: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/idn_win32.c:96: [1] (buffer) wcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/if2ip.c:170: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/if2ip.c:178: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/if2ip.c:222: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/imap.c:252: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/imap.c:293: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/imap.c:403: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/imap.c:1029: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/imap.c:1438: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). Risk is low because the source is a constant character.
./lib/imap.c:1768: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/imap.c:1838: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/inet_ntop.c:58: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/inet_ntop.c:64: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/inet_ntop.c:148: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/inet_ntop.c:151: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/krb5.c:197: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/ldap.c:454: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/ldap.c:514: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/md5.c:516: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/memdebug.c:231: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/memdebug.c:255: [1] (buffer) wcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/mprintf.c:835: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/mprintf.c:893: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/mprintf.c:959: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/openldap.c:202: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/openldap.c:267: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/parsedate.c:358: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/pingpong.c:191: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/pipeline.c:273: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/pop3.c:303: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/pop3.c:478: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/pop3.c:481: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/pop3.c:488: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/pop3.c:657: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/pop3.c:708: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/progress.c:52: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/progress.c:55: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/progress.c:74: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/progress.c:78: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/progress.c:86: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/progress.c:90: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/progress.c:96: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/progress.c:100: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/progress.c:104: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/progress.c:112: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/rand.c:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/rand.c:76: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
./lib/rtsp.c:517: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/rtsp.c:790: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/security.c:243: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
./lib/sendf.c:232: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/sendf.c:250: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/sendf.c:254: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/sendf.c:283: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/sendf.c:617: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/sendf.c:830: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/sendf.c:832: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/smb.c:122: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/smb.c:127: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/smb.c:437: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/smb.c:437: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/smb.c:438: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/smb.c:438: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/smb.c:482: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/smb.c:482: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/smb.c:483: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/smb.c:509: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/smb.c:515: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/smtp.c:291: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/smtp.c:715: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/smtp.c:859: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/socks.c:210: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/socks.c:227: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/socks.c:236: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/socks.c:253: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/socks.c:387: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/socks.c:499: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/socks.c:500: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/socks_gssapi.c:126: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/socks_gssapi.c:149: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/socks_gssapi.c:152: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/socks_gssapi.c:153: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/socks_sspi.c:89: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/socks_sspi.c:107: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/socks_sspi.c:110: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/socks_sspi.c:111: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/ssh.c:113: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/ssh.c:234: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/ssh.c:441: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/ssh.c:671: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/ssh.c:678: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/ssh.c:776: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/ssh.c:900: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/ssh.c:936: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/ssh.c:938: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/ssh.c:1075: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/ssh.c:1248: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/ssh.c:1253: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/ssh.c:1440: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/ssh.c:1511: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/ssh.c:1533: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/ssh.c:1535: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/ssh.c:1556: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/ssh.c:1575: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/ssh.c:1577: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/ssh.c:1600: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/ssh.c:1618: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/ssh.c:1639: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/ssh.c:1675: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/ssh.c:1703: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/ssh.c:1720: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/ssh.c:1741: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/ssh.c:1772: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/ssh.c:1801: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/ssh.c:1906: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/ssh.c:1932: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/ssh.c:1972: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/ssh.c:2048: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/ssh.c:2073: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/ssh.c:2106: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/ssh.c:2129: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/ssh.c:2140: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/ssh.c:2186: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/ssh.c:2213: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/ssh.c:3335: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/ssh.c:3344: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/strcase.h:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/strdup.c:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/strerror.c:612: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers (CWE-120).
./lib/strerror.c:656: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers (CWE-120).
./lib/strerror.c:661: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/strerror.c:675: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/strerror.c:687: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers (CWE-120).
./lib/strerror.c:689: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/strerror.c:699: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers (CWE-120). ./lib/strerror.c:701: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./lib/strerror.c:707: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers (CWE-120). ./lib/strerror.c:709: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./lib/strerror.c:1004: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers (CWE-120). ./lib/strerror.c:1006: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./lib/strerror.c:1013: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./lib/strerror.c:1049: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./lib/strerror.c:1051: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers (CWE-120). ./lib/strerror.c:1064: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers (CWE-120). 
./lib/system_win32.c:306: [1] (buffer) _tcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/system_win32.c:310: [1] (buffer) _tcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/system_win32.c:311: [1] (buffer) _tcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/telnet.c:832: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/telnet.c:844: [1] (buffer) sscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function.
./lib/telnet.c:849: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers (CWE-120).
./lib/telnet.c:857: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers (CWE-120).
./lib/telnet.c:940: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/telnet.c:941: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/telnet.c:952: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/telnet.c:953: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/telnet.c:964: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/telnet.c:970: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/telnet.c:973: [1] (buffer) sscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function.
./lib/telnet.c:974: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/telnet.c:981: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/telnet.c:1627: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
./lib/tftp.c:328: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/tftp.c:409: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/tftp.c:412: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/tftp.c:493: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/tftp.c:496: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/tftp.c:496: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/tftp.c:505: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). Risk is low because the source is a constant character.
./lib/tftp.c:513: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/tftp.c:521: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/transfer.c:182: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/transfer.c:195: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/transfer.c:206: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/transfer.c:218: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/transfer.c:1437: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/transfer.c:1599: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/url.c:317: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/url.c:2767: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/url.c:2773: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/url.c:4002: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/url.c:4298: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/url.c:4337: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/url.c:4406: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/url.c:4443: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/url.c:4444: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/url.c:4460: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). Risk is low because the source is a constant character.
./lib/url.c:4472: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/url.c:4502: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/url.c:4504: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/url.c:4506: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/url.c:4509: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/url.c:4509: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/url.c:4558: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/url.c:4567: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers (CWE-120).
./lib/url.c:4581: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/url.c:4584: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/url.c:4740: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/url.c:4745: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/url.c:5043: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/url.c:5086: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers (CWE-120).
./lib/url.c:5091: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers (CWE-120).
./lib/url.c:5408: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/url.c:5698: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/url.c:6067: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/vauth/cleartext.c:73: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/vauth/cleartext.c:74: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/vauth/cleartext.c:125: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/vauth/cram.c:61: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/vauth/cram.c:104: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/vauth/cram.c:109: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/vauth/digest.c:63: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/vauth/digest.c:144: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/vauth/digest.c:195: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/vauth/digest.c:265: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/vauth/digest.c:289: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily misused). Risk is low because the source is a constant character.
./lib/vauth/digest.c:396: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/vauth/digest.c:405: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/vauth/digest.c:408: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/vauth/digest.c:411: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/vauth/digest.c:421: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/vauth/digest.c:424: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/vauth/digest.c:429: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/vauth/digest.c:445: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/vauth/digest.c:448: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/vauth/digest.c:452: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/vauth/digest.c:465: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/vauth/digest.c:469: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/vauth/digest.c:472: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/vauth/digest.c:475: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/vauth/digest.c:482: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/vauth/digest.c:691: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/vauth/digest.c:694: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/vauth/digest.c:870: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/vauth/digest_sspi.c:113: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/vauth/digest_sspi.c:295: [1] (buffer) _tcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/vauth/digest_sspi.c:336: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/vauth/digest_sspi.c:460: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/vauth/krb5_gssapi.c:113: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/vauth/krb5_gssapi.c:232: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/vauth/krb5_sspi.c:296: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/vauth/krb5_sspi.c:395: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/vauth/ntlm.c:285: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/vauth/ntlm.c:543: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/vauth/ntlm.c:552: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/vauth/ntlm_sspi.c:199: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/vauth/oauth2.c:81: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/vauth/spnego_gssapi.c:112: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/vauth/vauth.c:136: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/version.c:89: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/version.c:104: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/version.c:110: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/version.c:116: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/version.c:122: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/version.c:127: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/version.c:133: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/version.c:137: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/version.c:143: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/version.c:162: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/version.c:391: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/vtls/axtls.c:680: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/vtls/cyassl.c:305: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/vtls/cyassl.c:368: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/vtls/cyassl.c:373: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/vtls/cyassl.c:377: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/vtls/cyassl.c:724: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/vtls/cyassl.c:726: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/vtls/cyassl.c:728: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/vtls/darwinssl.c:139: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
./lib/vtls/darwinssl.c:861: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/vtls/darwinssl.c:977: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/vtls/darwinssl.c:1262: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/vtls/darwinssl.c:1407: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/vtls/darwinssl.c:1568: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/vtls/darwinssl.c:1674: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
./lib/vtls/darwinssl.c:2355: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
./lib/vtls/darwinssl.c:2384: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/vtls/gskit.c:324: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/vtls/gskit.c:360: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/vtls/gskit.c:661: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
./lib/vtls/gskit.c:1262: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
./lib/vtls/gskit.c:1281: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers (CWE-120). Risk is low because the source is a constant string.
./lib/vtls/gskit.c:1282: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/vtls/gtls.c:224: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/vtls/gtls.c:544: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/vtls/gtls.c:1600: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/vtls/mbedtls.c:728: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/vtls/nss.c:404: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./lib/vtls/nss.c:2130: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./lib/vtls/openssl.c:169: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./lib/vtls/openssl.c:1156: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./lib/vtls/openssl.c:1237: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./lib/vtls/openssl.c:1250: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./lib/vtls/openssl.c:1551: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./lib/vtls/openssl.c:1573: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./lib/vtls/openssl.c:2259: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./lib/vtls/openssl.c:2372: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./lib/vtls/openssl.c:2433: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. 
Check it during installation, or use something else. ./lib/vtls/openssl.c:3265: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./lib/vtls/polarssl.c:661: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./lib/vtls/schannel.c:1514: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./lib/vtls/vtls.c:661: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./lib/vtls/vtls.c:669: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./lib/vtls/vtls.c:697: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./lib/vtls/vtls.c:818: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./lib/vtls/vtls.c:837: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./lib/warnless.c:483: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
./lib/warnless.h:78: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ./lib/warnless.h:79: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ./lib/x509asn1.c:213: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./lib/x509asn1.c:1129: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./lib/x509asn1.c:1183: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./packages/OS400/ccsidcurl.c:129: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./packages/OS400/ccsidcurl.c:174: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./packages/OS400/ccsidcurl.c:246: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./packages/OS400/ccsidcurl.c:318: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./packages/OS400/ccsidcurl.c:428: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
./packages/OS400/ccsidcurl.c:434: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./packages/OS400/ccsidcurl.c:437: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./packages/OS400/ccsidcurl.c:440: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./packages/OS400/ccsidcurl.c:443: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./packages/OS400/ccsidcurl.c:446: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./packages/OS400/ccsidcurl.c:449: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./packages/OS400/ccsidcurl.c:452: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./packages/OS400/ccsidcurl.c:524: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./packages/OS400/ccsidcurl.c:549: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./packages/OS400/ccsidcurl.c:574: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
./packages/OS400/ccsidcurl.c:749: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./packages/OS400/os400sys.c:249: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./packages/OS400/os400sys.c:292: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./packages/OS400/os400sys.c:298: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./packages/OS400/os400sys.c:324: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./packages/OS400/os400sys.c:334: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./packages/OS400/os400sys.c:522: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./packages/OS400/os400sys.c:933: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./packages/OS400/os400sys.c:958: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./packages/OS400/os400sys.c:968: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
./packages/OS400/os400sys.c:1004: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./packages/OS400/os400sys.c:1015: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./packages/OS400/os400sys.c:1033: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./packages/OS400/os400sys.c:1074: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./packages/OS400/os400sys.c:1117: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./packages/OS400/os400sys.c:1149: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./packages/OS400/os400sys.c:1181: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./packages/vms/curl_crtl_init.c:103: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./packages/vms/curl_crtl_init.c:132: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./packages/vms/curl_crtl_init.c:137: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
./packages/vms/curl_crtl_init.c:141: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./packages/vms/report_openssl_version.c:84: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./packages/vms/report_openssl_version.c:89: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./src/tool_cb_dbg.c:68: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./src/tool_cb_hdr.c:205: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./src/tool_cb_hdr.c:227: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./src/tool_cb_prg.c:93: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./src/tool_cb_prg.c:130: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./src/tool_cb_rea.c:42: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
./src/tool_dirhie.c:111: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./src/tool_dirhie.c:132: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./src/tool_dirhie.c:134: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./src/tool_dirhie.c:140: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./src/tool_doswin.c:166: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./src/tool_doswin.c:179: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers (CWE-120). ./src/tool_doswin.c:233: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./src/tool_doswin.c:247: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./src/tool_doswin.c:292: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./src/tool_doswin.c:357: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
./src/tool_doswin.c:507: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./src/tool_doswin.c:511: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers (CWE-120). ./src/tool_doswin.c:516: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./src/tool_doswin.c:521: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers (CWE-120). ./src/tool_doswin.c:564: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./src/tool_doswin.c:567: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./src/tool_doswin.c:591: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./src/tool_doswin.c:593: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./src/tool_formparse.c:179: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./src/tool_formparse.c:217: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
./src/tool_formparse.c:217: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./src/tool_formparse.c:335: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./src/tool_getparam.c:313: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./src/tool_getparam.c:342: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers (CWE-120). ./src/tool_getparam.c:394: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./src/tool_getparam.c:443: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./src/tool_getparam.c:591: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./src/tool_getparam.c:1223: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./src/tool_getparam.c:1240: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./src/tool_getparam.c:1247: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. 
./src/tool_getparam.c:1284: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./src/tool_getparam.c:1303: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./src/tool_getparam.c:1309: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./src/tool_getparam.c:1406: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./src/tool_getparam.c:1780: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./src/tool_getpass.c:87: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./src/tool_getpass.c:100: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ./src/tool_getpass.c:237: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ./src/tool_main.c:101: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./src/tool_main.c:115: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./src/tool_metalink.c:624: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
./src/tool_metalink.c:675: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./src/tool_metalink.c:898: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./src/tool_msgs.c:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./src/tool_operate.c:1728: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./src/tool_operhlp.c:83: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./src/tool_operhlp.c:179: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./src/tool_panykey.c:41: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ./src/tool_paramhlp.c:75: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./src/tool_paramhlp.c:146: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./src/tool_paramhlp.c:168: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
./src/tool_paramhlp.c:210: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./src/tool_paramhlp.c:393: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./src/tool_paramhlp.c:421: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./src/tool_paramhlp.c:440: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./src/tool_parsecfg.c:64: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./src/tool_parsecfg.c:64: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./src/tool_parsecfg.c:65: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./src/tool_parsecfg.c:90: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./src/tool_parsecfg.c:91: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./src/tool_parsecfg.c:92: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. 
Check it during installation, or use something else. ./src/tool_parsecfg.c:176: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./src/tool_parsecfg.c:344: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./src/tool_parsecfg.c:345: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./src/tool_setopt.c:217: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./src/tool_setopt.c:245: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./src/tool_setopt.c:305: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./src/tool_setopt.c:316: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./src/tool_setopt.c:316: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./src/tool_setopt.c:348: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. 
./src/tool_setopt.c:359: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./src/tool_setopt.c:359: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./src/tool_setopt.c:516: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./src/tool_strdup.c:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./src/tool_urlglob.c:438: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./src/tool_urlglob.c:448: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./src/tool_urlglob.c:459: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./src/tool_urlglob.c:559: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./src/tool_urlglob.c:561: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./src/tool_urlglob.c:574: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./src/tool_urlglob.c:577: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./src/tool_urlglob.c:609: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./src/tool_urlglob.c:639: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./src/tool_urlglob.c:649: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./src/tool_urlglob.c:653: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./src/tool_xattr.c:66: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./src/tool_xattr.c:68: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./src/tool_xattr.c:71: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/libtest/first.c:95: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/libtest/first.c:109: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/libtest/first.c:127: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/libtest/lib1502.c:54: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/libtest/lib1506.c:49: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/libtest/lib1506.c:73: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/libtest/lib1510.c:47: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/libtest/lib1510.c:77: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/libtest/lib1512.c:52: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/libtest/lib1512.c:62: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/libtest/lib1515.c:125: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/libtest/lib1515.c:135: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/libtest/lib1517.c:62: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/libtest/lib1520.c:62: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/libtest/lib1525.c:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/libtest/lib1525.c:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/libtest/lib1525.c:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/libtest/lib1525.c:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/libtest/lib1525.c:85: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/libtest/lib1526.c:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/libtest/lib1526.c:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/libtest/lib1526.c:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/libtest/lib1526.c:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/libtest/lib1526.c:88: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/libtest/lib1527.c:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/libtest/lib1527.c:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/libtest/lib1527.c:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/libtest/lib1527.c:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/libtest/lib1527.c:86: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/libtest/lib1529.c:32: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/libtest/lib1900.c:116: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/libtest/lib508.c:58: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/libtest/lib510.c:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/libtest/lib518.c:60: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/libtest/lib518.c:62: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/libtest/lib518.c:240: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/libtest/lib518.c:291: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/libtest/lib518.c:328: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/libtest/lib518.c:350: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/libtest/lib518.c:354: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/libtest/lib518.c:362: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/libtest/lib518.c:400: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/libtest/lib518.c:415: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/libtest/lib518.c:438: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/libtest/lib518.c:442: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/libtest/lib530.c:56: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/libtest/lib537.c:61: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/libtest/lib537.c:63: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/libtest/lib537.c:280: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/libtest/lib537.c:322: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/libtest/lib537.c:344: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/libtest/lib537.c:348: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/libtest/lib537.c:356: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/libtest/lib537.c:404: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/libtest/lib537.c:419: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/libtest/lib537.c:442: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/libtest/lib537.c:445: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/libtest/lib540.c:203: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/libtest/lib547.c:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/libtest/lib547.c:58: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/libtest/lib547.c:114: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/libtest/lib553.c:78: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/libtest/lib554.c:79: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/libtest/lib554.c:109: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/libtest/lib555.c:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/libtest/lib555.c:57: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/libtest/lib555.c:101: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/libtest/lib556.c:76: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/libtest/lib557.c:206: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/libtest/lib557.c:376: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/libtest/lib557.c:526: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/libtest/lib557.c:754: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/libtest/lib557.c:903: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/libtest/lib557.c:1131: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/libtest/lib557.c:1360: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/libtest/lib557.c:1390: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/libtest/lib579.c:79: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/libtest/lib582.c:41: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
./tests/libtest/lib582.c:114: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
./tests/libtest/lib582.c:120: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
./tests/libtest/lib582.c:310: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
./tests/libtest/lib582.c:326: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
./tests/libtest/lib582.c:355: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
./tests/libtest/libauthretry.c:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/libtest/libauthretry.c:41: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/libtest/libntlmconnect.c:106: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/libtest/libntlmconnect.c:149: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/libtest/libntlmconnect.c:153: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/libtest/sethostname.c:34: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers (CWE-120).
./tests/libtest/testtrace.c:109: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/server/fake_ntlm.c:65: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/server/fake_ntlm.c:79: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/server/fake_ntlm.c:169: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/server/fake_ntlm.c:245: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/server/getpart.c:106: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/server/getpart.c:156: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/server/rtspd.c:352: [1] (buffer) sscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function.
./tests/server/rtspd.c:383: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/server/rtspd.c:383: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/server/rtspd.c:384: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/server/rtspd.c:387: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/server/rtspd.c:418: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/server/rtspd.c:457: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/server/rtspd.c:461: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/server/rtspd.c:466: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/server/rtspd.c:542: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/server/rtspd.c:582: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/server/rtspd.c:626: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/server/rtspd.c:691: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/server/rtspd.c:692: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/server/rtspd.c:693: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/server/rtspd.c:696: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/server/rtspd.c:708: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/server/rtspd.c:720: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/server/rtspd.c:922: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/server/rtspd.c:952: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/server/rtspd.c:954: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/server/rtspd.c:955: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/server/rtspd.c:983: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/server/rtspd.c:989: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/server/rtspd.c:1145: [1] (buffer) sscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function.
./tests/server/rtspd.c:1242: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/server/sockfilt.c:293: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
./tests/server/sockfilt.c:309: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
./tests/server/sockfilt.c:310: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
./tests/server/sockfilt.c:362: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
./tests/server/sockfilt.c:486: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/server/sockfilt.c:492: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/server/sockfilt.c:498: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/server/sockfilt.c:1067: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/server/sockfilt.c:1068: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/server/sockfilt.c:1069: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/server/sockfilt.c:1162: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/server/sockfilt.c:1398: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/server/sockfilt.c:1415: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/server/sws.c:392: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/server/sws.c:396: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/server/sws.c:401: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/server/sws.c:406: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/server/sws.c:410: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/server/sws.c:499: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/server/sws.c:499: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/server/sws.c:500: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/server/sws.c:503: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/server/sws.c:536: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/server/sws.c:557: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/server/sws.c:628: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/server/sws.c:679: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/server/sws.c:689: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/server/sws.c:733: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/server/sws.c:798: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/server/sws.c:800: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/server/sws.c:801: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/server/sws.c:804: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/server/sws.c:816: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/server/sws.c:836: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/server/sws.c:1058: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/server/sws.c:1088: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/server/sws.c:1089: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/server/sws.c:1091: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/server/sws.c:1093: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/server/sws.c:1105: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/server/sws.c:1116: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/server/sws.c:1118: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/server/sws.c:1259: [1] (buffer) sscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function.
./tests/server/sws.c:2023: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/server/sws.c:2040: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/server/sws.c:2085: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/server/sws.c:2144: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers (CWE-120).
./tests/server/sws.c:2311: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/server/tftpd.c:572: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/server/tftpd.c:724: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./tests/server/tftpd.c:1149: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./tests/server/tftpd.c:1192: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./tests/server/tftpd.c:1426: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./tests/server/util.c:80: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./tests/server/util.c:115: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./tests/server/util.c:145: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else. ./tests/unit/unit1304.c:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
./tests/unit/unit1305.c:133: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./tests/unit/unit1396.c:101: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./tests/unit/unit1603.c:63: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./tests/unit/unit1603.c:64: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./tests/unit/unit1603.c:65: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./tests/unit/unit1603.c:66: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./tests/unit/unit1603.c:70: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./tests/unit/unit1603.c:72: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./tests/unit/unit1603.c:75: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./tests/unit/unit1603.c:77: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
./tests/unit/unit1603.c:80: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./tests/unit/unit1603.c:82: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./tests/unit/unit1603.c:86: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./tests/unit/unit1603.c:88: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./tests/unit/unit1603.c:92: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./tests/unit/unit1603.c:94: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./tests/unit/unit1603.c:96: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./tests/unit/unit1603.c:98: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./tests/unit/unit1603.c:102: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./tests/unit/unit1603.c:104: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
./tests/unit/unit1603.c:106: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./tests/unit/unit1603.c:110: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./tests/unit/unit1603.c:112: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./tests/unit/unit1603.c:116: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./tests/unit/unit1603.c:118: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./tests/unit/unit1603.c:120: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./tests/unit/unit1603.c:124: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./tests/unit/unit1603.c:126: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./tests/unit/unit1603.c:128: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ./tests/unit/unit1603.c:132: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
./tests/unit/unit1603.c:136: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/unit/unit1603.c:138: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/unit/unit1603.c:142: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/unit/unit1603.c:144: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/unit/unit1604.c:49: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
./tests/unit/unit1604.c:61: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.

ANALYSIS SUMMARY:

Hits = 1804
Lines analyzed = 188366 in approximately 3.01 seconds (62585 lines/second)
Physical Source Lines of Code (SLOC) = 122850
Hits@level = [0] 0 [1] 833 [2] 791 [3] 40 [4] 140 [5] 0
Hits@level+ = [0+] 1804 [1+] 1804 [2+] 971 [3+] 180 [4+] 140 [5+] 0
Hits/KSLOC@level+ = [0+] 14.6846 [1+] 14.6846 [2+] 7.90395 [3+] 1.4652 [4+] 1.1396 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming for Linux and Unix HOWTO'
(http://www.dwheeler.com/secure-programs) for more information.
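The fixture above is flawfinder's plain-text report, which firehose's flawfinder parser consumes. The reader below is an added example written for this page, not the project's own firehose.parsers.flawfinder: it parses hit lines and the ANALYSIS SUMMARY, pulls the CWE id out of the message text (the same place the parser test further down expects it, e.g. CWE-78), and compares the number of parsed hits with the summary's "Hits =" so a truncated or tail-only capture is noticed. The sample input is constructed from lines of the fixture; reading a hit's message from indented continuation lines is an assumption about flawfinder's default line wrapping.

```python
import re
from typing import Any, Dict, List, Optional

# Added example for this page; NOT firehose's firehose.parsers.flawfinder.
# Hit-line shape "path:line: [level] (category) function: message (CWE-N)."
# and the summary keys come from the fixture above; reading wrapped messages
# from indented continuation lines is an assumption about flawfinder output.

HIT_RE = re.compile(
    r'^(?P<path>[^:\s]+):(?P<line>\d+):\s+'   # ./tests/server/sws.c:689:
    r'\[(?P<level>[0-5])\]\s+'                # [1]  risk level 0..5
    r'\((?P<category>\w+)\)\s+'               # (buffer)
    r'(?P<function>\w+):\s*'                  # strlen:
    r'(?P<message>.*)$'                       # rest of line, may be empty
)
CWE_RE = re.compile(r'\(CWE-(\d+)\)')
LEVEL_COUNTS_RE = re.compile(r'\[(\d)\+?\]\s+(\d+)')


def parse_hit_header(line: str) -> Optional[Dict[str, Any]]:
    """Return a hit dict for a line that starts a hit, else None."""
    m = HIT_RE.match(line)
    if m is None:
        return None
    return {'path': m.group('path'), 'line': int(m.group('line')),
            'level': int(m.group('level')), 'category': m.group('category'),
            'function': m.group('function'),
            'message': m.group('message').strip(),
            'cwe': None}  # filled in once the whole message is known


def parse_level_counts(field: str) -> Dict[int, int]:
    return {int(level): int(n) for level, n in LEVEL_COUNTS_RE.findall(field)}


def parse_report(text: str) -> Dict[str, Any]:
    """Parse the hits and the ANALYSIS SUMMARY block of a text report."""
    hits: List[Dict[str, Any]] = []
    summary: Dict[str, Any] = {}
    in_summary = False
    for raw in text.splitlines():
        line = raw.rstrip()
        if not line.strip():
            continue
        if line == 'ANALYSIS SUMMARY:':
            in_summary = True
            continue
        if in_summary:
            key, sep, value = line.partition(' = ')
            if not sep:
                continue  # free-text advice at the end of the summary
            if key == 'Hits':
                summary['hits'] = int(value)
            elif key == 'Hits@level':
                summary['hits_at_level'] = parse_level_counts(value)
            elif key == 'Hits@level+':
                summary['hits_at_level_plus'] = parse_level_counts(value)
            continue
        hit = parse_hit_header(line)
        if hit is not None:
            hits.append(hit)
        elif hits and line.startswith(' '):
            # indented line: wrapped continuation of the previous message
            hits[-1]['message'] = (hits[-1]['message'] + ' ' + line.strip()).strip()
    for hit in hits:  # the CWE id sits inside the message text, if at all
        m = CWE_RE.search(hit['message'])
        hit['cwe'] = int(m.group(1)) if m else None
    return {'hits': hits, 'summary': summary}


def count_by_cwe(report: Dict[str, Any]) -> Dict[Optional[int], int]:
    """Histogram of CWE ids; None groups hits without a CWE (e.g. 'port')."""
    counts: Dict[Optional[int], int] = {}
    for h in report['hits']:
        counts[h['cwe']] = counts.get(h['cwe'], 0) + 1
    return counts


def summary_matches(report: Dict[str, Any]) -> bool:
    """False when fewer hits were parsed than 'Hits =' claims: the capture
    was truncated (or, as with SAMPLE_REPORT, is only a report's tail)."""
    return report['summary'].get('hits') == len(report['hits'])


# Constructed sample: three hits copied from the fixture above, two in the
# wrapped form and one on a single line, followed by the fixture's summary.
SAMPLE_REPORT = r"""./tests/unit/unit1603.c:136:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
./tests/server/sws.c:1259:  [1] (buffer) sscanf:
  It's unclear if the %s limit in the format string is small enough
  (CWE-120). Check that the limit is sufficiently small, or use a different
  input function.
./tests/unit/unit1604.c:49: [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.

ANALYSIS SUMMARY:
Hits = 1804
Hits@level = [0]   0 [1] 833 [2] 791 [3]  40 [4] 140 [5]   0
Hits@level+ = [0+] 1804 [1+] 1804 [2+] 971 [3+] 180 [4+] 140 [5+]   0
Not every hit is necessarily a security vulnerability.
"""
```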
firehose-0.5/tests/parsers/example-output/splint/README.txt
These files were generated using:

splint \
  -strict \
  -csv unconditional-file-leak.csv \
  examples/unconditional-file-leak.c \
  > unconditional-file-leak.stdout \
  2> unconditional-file-leak.stderr

firehose-0.5/tests/parsers/example-output/splint/unconditional-file-leak.csv
Warning, Flag Code, Flag Name, Priority, File, Line, Column, Warning Text, Additional Text
1,136,internalglobs,1,examples/unconditional-file-leak.c,7,7,"Called procedure fopen may access file system state, but globals list does not include globals fileSystem","A called function uses internal state, but the globals list for the function being checked does not include internalState"
2,126,modfilesys,1,examples/unconditional-file-leak.c,7,7,"Undocumented modification of file system state possible from call to fopen: fopen(filename, "w")","report undocumented file system modifications (applies to unspecified functions if modnomods is set)"
3,136,internalglobs,1,examples/unconditional-file-leak.c,9,5,"Called procedure fprintf may access file system state, but globals list does not include globals fileSystem","A called function uses internal state, but the globals list for the function being checked does not include internalState"
4,126,modfilesys,1,examples/unconditional-file-leak.c,9,5,"Undocumented modification of file system state possible from call to fprintf: fprintf(f, "%i: %i", i, i * i)","report undocumented file system modifications (applies to unspecified functions if modnomods is set)"
5,2,nullpass,1,examples/unconditional-file-leak.c,9,14,"Possibly null storage f passed as non-null param: fprintf (f, ...)","A possibly null pointer is passed as a parameter corresponding to a formal parameter with no /*@null@*/ annotation. If NULL may be used for this parameter, add a /*@null@*/ annotation to the function parameter declaration."
6,182,forblock,1,examples/unconditional-file-leak.c,9,5,"Body of for statement is not a block: fprintf(f, "%i: %i", i, i * i);","Loop body is a single statement, not a compound block."
7,300,fcnuse,1,examples/unconditional-file-leak.c,3,6,"Function test declared but not used","A function is declared but not used. Use /*@unused@*/ in front of function header to suppress message."
8,295,exportheader,1,examples/unconditional-file-leak.c,3,6,"Function test exported but not declared in header file","A declaration is exported, but does not appear in a header file."

firehose-0.5/tests/parsers/example-output/splint/unconditional-file-leak.stderr
Splint 3.1.2 --- 04 Aug 2013

Specified CSV output file already exists (use +csvoverwrite to automatically overwrite): unconditional-file-leak.csv

Finished checking --- 8 code warnings

firehose-0.5/tests/parsers/example-output/splint/unconditional-file-leak.stdout
examples/unconditional-file-leak.c: (in function test)
examples/unconditional-file-leak.c:7:7: Called procedure fopen may access file system state, but globals list does not include globals fileSystem
  A called function uses internal state, but the globals list for the function being checked does not include internalState (Use -internalglobs to inhibit warning)
examples/unconditional-file-leak.c:7:7: Undocumented modification of file system state possible from call to fopen: fopen(filename, "w")
  report undocumented file system modifications (applies to unspecified functions if modnomods is set) (Use -modfilesys to inhibit warning)
examples/unconditional-file-leak.c:9:5: Called procedure fprintf may access file system state, but globals list does not include globals fileSystem
examples/unconditional-file-leak.c:9:5: Undocumented modification of file system state possible from call to fprintf: fprintf(f, "%i: %i", i, i * i)
examples/unconditional-file-leak.c:9:14: Possibly null storage f passed as non-null param: fprintf (f, ...)
  A possibly null pointer is passed as a parameter corresponding to a formal parameter with no /*@null@*/ annotation. If NULL may be used for this parameter, add a /*@null@*/ annotation to the function parameter declaration. (Use -nullpass to inhibit warning)
   examples/unconditional-file-leak.c:7:7: Storage f may become null
examples/unconditional-file-leak.c:9:5: Body of for statement is not a block: fprintf(f, "%i: %i", i, i * i);
  Loop body is a single statement, not a compound block. (Use -forblock to inhibit warning)
examples/unconditional-file-leak.c:3:6: Function test declared but not used
  A function is declared but not used. Use /*@unused@*/ in front of function header to suppress message. (Use -fcnuse to inhibit warning)
   examples/unconditional-file-leak.c:10:1: Definition of test
examples/unconditional-file-leak.c:3:6: Function test exported but not declared in header file
  A declaration is exported, but does not appear in a header file. (Use -exportheader to inhibit warning)
   examples/unconditional-file-leak.c:10:1: Definition of test

firehose-0.5/tests/parsers/test_clanganalyzer_parser.py
# Copyright 2013, 2017 Red Hat, Inc.
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2.1 of the License, or (at your option) any later version.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
# See the GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with this library; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
# USA

import os
import unittest

from firehose.parsers.clanganalyzer import parse_plist
from firehose.model import Analysis, Issue, Sut, Trace


class TestParsePlist(unittest.TestCase):
    def parse_example(self, filename):
        a = parse_plist(os.path.join(os.path.dirname(__file__),
                                     'example-output/clanganalyzer',
                                     filename),
                        file_=None,
                        stats=None)
        return a

    def test_example_001(self):
        a = self.parse_example('report-001.plist')
        self.assertEqual(a.metadata.generator.name, 'clang-analyzer')
        self.assertEqual(a.metadata.generator.version, None)
        self.assertEqual(len(a.results), 2)

        w0 = a.results[0]
        self.assertEqual(w0.cwe, None)
        self.assertEqual(w0.testid, 'Dead assignment')
        self.assertEqual(w0.message.text, "Value stored to 'ret' is never read")
        self.assertEqual(w0.notes, None)
        self.assertEqual(w0.location.file.givenpath, 'python-ethtool/ethtool.c')
        self.assertEqual(w0.location.file.abspath, None)
        self.assertEqual(w0.location.function, None)
        self.assertEqual(w0.location.line, 130)
        self.assertEqual(w0.location.column, 2)
        self.assertNotEqual(w0.trace, None)
        self.assertEqual(len(w0.trace.states), 1)
        s0 = w0.trace.states[0]
        self.assertEqual(s0.location.file.givenpath, 'python-ethtool/ethtool.c')
        self.assertEqual(s0.location.file.abspath, None)
        self.assertEqual(s0.location.function.name, '')
        self.assertEqual(s0.location.line, 130)
        self.assertEqual(s0.location.column, 2)
        self.assertEqual(s0.notes.text, "Value stored to 'ret' is never read")

    def test_example_002(self):
        a = self.parse_example('report-002.plist')
        self.assertEqual(a.metadata.generator.name, 'clang-analyzer')
        self.assertEqual(a.metadata.generator.version, None)
        self.assertEqual(len(a.results), 4)

        w0 = a.results[0]
        self.assertEqual(w0.testid, 'Dead assignment')
        self.assertEqual(w0.message.text, "Value stored to 'error' is never read")
        self.assertEqual(w0.location.file.givenpath, 'search.c')
        self.assertEqual(w0.location.line, 454)
        self.assertEqual(w0.location.column, 3)

        w1 = a.results[1]
        self.assertEqual(w1.testid, 'Dead increment')
        self.assertEqual(w1.message.text, "Value stored to 'pol_opt' is never read")
        self.assertEqual(w1.location.file.givenpath, 'search.c')
        self.assertEqual(w1.location.line, 824)
        self.assertEqual(w1.location.column, 2)

        w2 = a.results[2]
        self.assertEqual(w2.testid, 'Dereference of null pointer')
        self.assertEqual(w2.message.text,
                         "Access to field 'ob_refcnt' results in a dereference of a null pointer (loaded from variable 'dict')")
        self.assertEqual(w2.location.file.givenpath, 'search.c')
        self.assertEqual(w2.location.line, 215)
        self.assertEqual(w2.location.column, 2)
        trace2 = w2.trace
        self.assertIsInstance(trace2, Trace)
        self.assertEqual(len(trace2.states), 13)

        # s0 and s1 come from the first control edge in the input file:
        #   'path': [{'edges': [{'end': [{'col': 9, 'file': 0, 'line': 161},
        #                                {'col': 9, 'file': 0, 'line': 161}],
        #                        'start': [{'col': 2, 'file': 0, 'line': 161},
        #                                  {'col': 2, 'file': 0, 'line': 161}]}],
        #             'kind': 'control'},
        s0 = trace2.states[0]
        self.assertEqual(s0.location.point.line, 161)
        self.assertEqual(s0.location.point.column, 2)
        self.assertEqual(s0.location.range_, None)

        s1 = trace2.states[1]
        self.assertEqual(s1.location.point.line, 161)
        self.assertEqual(s1.location.point.column, 9)
        self.assertEqual(s1.location.range_, None)

        # s2 comes from the endpoint of the second control edge in the
        # input file (the startpoint == s1).
        #   {'edges': [{'end': [{'col': 18, 'file': 0, 'line': 165},
        #                       {'col': 21, 'file': 0, 'line': 165}],
        #               'start': [{'col': 9, 'file': 0, 'line': 161},
        #                         {'col': 9, 'file': 0, 'line': 161}]}],
        #    'kind': 'control'},
        #
        # It is a range rather than a point:
        s2 = trace2.states[2]
        self.assertEqual(s2.location.point, None)
        self.assertEqual(s2.location.range_.start.line, 165)
        self.assertEqual(s2.location.range_.start.column, 18)
        self.assertEqual(s2.location.range_.end.line, 165)
        self.assertEqual(s2.location.range_.end.column, 21)

        # s3 comes from the next entry in the input file, which is the first
        # "event" in the trace:
        #   {'extended_message': "Variable 'dict' initialized to a null pointer value",
        #    'kind': 'event',
        #    'location': {'col': 18, 'file': 0, 'line': 165},
        #    'message': "Variable 'dict' initialized to a null pointer value",
        #    'ranges': [[{'col': 18, 'file': 0, 'line': 165},
        #                {'col': 21, 'file': 0, 'line': 165}]]},
        s3 = trace2.states[3]
        # The importer uses the 'location' point for the event, and hence
        # is treated as a different location.  However, as an event, it is
        # always given its own state in the imported data:
        self.assertEqual(s3.location.point.line, 165)
        self.assertEqual(s3.location.point.column, 18)
        self.assertEqual(s3.notes.text,
                         "Variable 'dict' initialized to a null pointer value")
        self.assertEqual(s3.location.range_, None)

        # The next entry in the input file is another kind == 'control':
        #   {'edges': [{'end': [{'col': 2, 'file': 0, 'line': 171},
        #                       {'col': 2, 'file': 0, 'line': 171}],
        #               'start': [{'col': 18, 'file': 0, 'line': 165},
        #                         {'col': 21, 'file': 0, 'line': 165}]}],
        #    'kind': 'control'},
        # The "start" is range-based, whereas the previous event was
        # handled as a point, so the importer will treat it as two
        # different locations (s3 and s4):
        s4 = trace2.states[4]
        self.assertEqual(s4.location.point, None)
        self.assertEqual(s4.location.range_.start.line, 165)
        self.assertEqual(s4.location.range_.start.column, 18)
        self.assertEqual(s4.location.range_.end.line, 165)
        self.assertEqual(s4.location.range_.end.column, 21)

        s5 = trace2.states[5]
        self.assertEqual(s5.location.point.line, 171)
        self.assertEqual(s5.location.point.column, 2)
        self.assertEqual(s5.location.range_, None)

        # etc

    def test_example_003(self):
        a = self.parse_example('report-003.plist')
        self.assertEqual(a.metadata.generator.name, 'clang-analyzer')
        # This example has a version
        self.assertEqual(a.metadata.generator.version,
                         'clang version 3.4.2 (tags/RELEASE_34/dot2-final)')
        self.assertEqual(len(a.results), 1)

        w0 = a.results[0]
        self.assertEqual(w0.testid, 'Garbage return value')
        self.assertEqual(w0.message.text,
                         "Undefined or garbage value returned to caller")
        self.assertEqual(w0.location.file.givenpath,
                         '../../src/test-sources/out-of-bounds.c')
        self.assertEqual(w0.location.line, 5)
        self.assertEqual(w0.location.column, 3)

        # Verify that we capture various clang-specific per-issue metadata
        self.assertEqual(w0.customfields['category'], 'Logic error')
        self.assertEqual(w0.customfields['issue_context'], 'out_of_bounds')
        self.assertEqual(w0.customfields['issue_context_kind'], 'function')


if __name__ == '__main__':
    unittest.main()

firehose-0.5/tests/parsers/test_cppcheck_parser.py
# Copyright 2013 Red Hat, Inc.
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2.1 of the License, or (at your option) any later version.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with this library; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
# USA

import os
import unittest

from firehose.model import Issue, Failure
from firehose.parsers.cppcheck import parse_file


class TestParseXml(unittest.TestCase):
    def parse_example(self, filename):
        a = parse_file(os.path.join(os.path.dirname(__file__),
                                    'example-output',
                                    'cppcheck-xml-v2',
                                    filename))
        return a

    def test_example_001(self):
        a = self.parse_example('example-001.xml')
        self.assertEqual(a.metadata.generator.name, 'cppcheck')
        self.assertEqual(a.metadata.generator.version, '1.57')
        self.assertEqual(a.metadata.sut, None)
        self.assertEqual(a.metadata.file_, None)
        self.assertEqual(a.metadata.stats, None)
        self.assertEqual(len(a.results), 7)

        r0 = a.results[0]
        self.assertIsInstance(r0, Issue)
        self.assertEqual(r0.cwe, None)
        self.assertEqual(r0.testid, 'uninitvar')
        self.assertEqual(r0.message.text, 'Uninitialized variable: ret')
        self.assertEqual(r0.notes, None)
        self.assertEqual(r0.location.file.givenpath,
                         'python-ethtool/etherinfo_obj.c')
        self.assertEqual(r0.location.file.abspath, None)
        self.assertEqual(r0.location.function, None)
        self.assertEqual(r0.location.line, 185)
        self.assertEqual(r0.trace, None)
        self.assertEqual(r0.severity, 'error')

    def test_example_002(self):
        a = self.parse_example('example-002.xml')
        self.assertEqual(a.metadata.generator.name, 'cppcheck')
        self.assertEqual(a.metadata.generator.version, '1.58')
        self.assertEqual(a.metadata.sut, None)
        self.assertEqual(a.metadata.file_, None)
        self.assertEqual(a.metadata.stats, None)
        self.assertEqual(len(a.results), 1)

        r0 = a.results[0]
        self.assertIsInstance(r0, Failure)
        self.assertEqual(r0.failureid, 'toomanyconfigs')
        self.assertEqual(r0.location, None)
        self.assertEqual(r0.message.text,
                         ('Too many #ifdef configurations - cppcheck only'
                          ' checks 12 configurations. Use --force to check'
                          ' all configurations. For more details, use'
                          ' --enable=information.'))
        self.assertEqual(r0.customfields['verbose'],
                         ('The checking of the file will be interrupted because'
                          ' there are too many #ifdef configurations. Checking of'
                          ' all #ifdef configurations can be forced by --force'
                          ' command line option or from GUI preferences. However'
                          ' that may increase the checking time. For more details,'
                          ' use --enable=information.'))

firehose-0.5/tests/parsers/test_findbugs_parser.py
# Copyright 2013 Shuxiong Ye
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2.1 of the License, or (at your option) any later version.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with this library; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
# 02110-1301 USA

import unittest
import os

from firehose.parsers import findbugs  # import parse_warning, parse_file
from firehose.model import Analysis, Issue, Location, File, Point, \
    Function, Message, Sut, Metadata, Generator

FAKE_SUT = Sut()


def readRawData(filePath):
    f = open(filePath, "r")
    ret = f.readlines()
    f.close()
    return ret


class TestParseFile(unittest.TestCase):
    def run_testdata(self, xmlFileName, answer, isDebug=False):
        path = os.path.join(os.path.dirname(__file__),
                            "example-output", "findbugs", xmlFileName)
        analysis = findbugs.parse_file(path)
        self.assertIsInstance(analysis, Analysis)
        self.assertNotEqual(analysis.results, None)
        if isDebug:
            print(len(analysis.results), len(answer))
        self.assertEqual(len(analysis.results), len(answer))
        for i in range(0, len(analysis.results)):
            ret = analysis.results[i]
            self.assertIsInstance(ret, Issue)
            self.assertIsInstance(ret.location, Location)
            self.assertEqual(ret.location.line, answer[i][0])
            if answer[i][1]:
                self.assertIsInstance(ret.location.function, Function)
                self.assertEqual(ret.location.function.name, answer[i][1])
            else:
                self.assertEqual(ret.location.function, None)
            self.assertIsInstance(ret.location.file, File)
            self.assertEqual(ret.location.file.givenpath, answer[i][2])

    def test_testdata_jformatstring(self):
        answer = [
            [66, "edu.umd.cs.findbugs.formatStringChecker." +
                 "FormatterCompileTimeTest.testBug1874856FalsePositive()",
             "edu/umd/cs/findbugs/formatStringChecker/" +
             "FormatterCompileTimeTest.java"],
            [89, "edu.umd.cs.findbugs.formatStringChecker." +
                 "FormatterCompileTimeTest.testBug1874856TruePositive()",
             "edu/umd/cs/findbugs/formatStringChecker/" +
             "FormatterCompileTimeTest.java"],
            [19, "edu.umd.cs.findbugs.formatStringChecker." +
                 "FormatterRuntimeTest.testShouldWork()",
             "edu/umd/cs/findbugs/formatStringChecker/" +
             "FormatterRuntimeTest.java"],
            [52, "edu.umd.cs.findbugs.formatStringChecker." +
                 "FormatterRuntimeTest.testFormatDateWithY()",
             "edu/umd/cs/findbugs/formatStringChecker/" +
             "FormatterRuntimeTest.java"],
            [36, "edu.umd.cs.findbugs.formatStringChecker." +
                 "FormatterRuntimeTest.testNotEnoughParameters()",
             "edu/umd/cs/findbugs/formatStringChecker/" +
             "FormatterRuntimeTest.java"],
            [28, "edu.umd.cs.findbugs.formatStringChecker." +
                 "FormatterRuntimeTest.testStringWhereIntegerExpected()",
             "edu/umd/cs/findbugs/formatStringChecker/" +
             "FormatterRuntimeTest.java"],
            [88, "edu.umd.cs.findbugs.formatStringChecker." +
                 "FormatterRuntimeTest.testDateMismatch()",
             "edu/umd/cs/findbugs/formatStringChecker/" +
             "FormatterRuntimeTest.java"],
            [28, "edu.umd.cs.findbugs.formatStringChecker." +
                 "FormatterRuntimeTest.testStringWhereIntegerExpected()",
             "edu/umd/cs/findbugs/formatStringChecker/" +
             "FormatterRuntimeTest.java"],
            [43, "edu.umd.cs.findbugs.formatStringChecker." +
                 "FormatterRuntimeTest.testPassingAnArray()",
             "edu/umd/cs/findbugs/formatStringChecker/" +
             "FormatterRuntimeTest.java"],
            [47, "edu.umd.cs.findbugs.formatStringChecker." +
                 "FormatterRuntimeTest.testPassingAnIntToABoolean()",
             "edu/umd/cs/findbugs/formatStringChecker/" +
             "FormatterRuntimeTest.java"],
            [52, "edu.umd.cs.findbugs.formatStringChecker." +
                 "FormatterRuntimeTest.testFormatDateWithY()",
             "edu/umd/cs/findbugs/formatStringChecker/" +
             "FormatterRuntimeTest.java"],
            [36, "edu.umd.cs.findbugs.formatStringChecker." +
                 "FormatterRuntimeTest.testNotEnoughParameters()",
             "edu/umd/cs/findbugs/formatStringChecker/" +
             "FormatterRuntimeTest.java"],
            [78, "edu.umd.cs.findbugs.formatStringChecker." +
                 "FormatterRuntimeTest.testBug1874856TruePositive()",
             "edu/umd/cs/findbugs/formatStringChecker/" +
             "FormatterRuntimeTest.java"],
            [88, "edu.umd.cs.findbugs.formatStringChecker." +
                 "FormatterRuntimeTest.testDateMismatch()",
             "edu/umd/cs/findbugs/formatStringChecker/" +
             "FormatterRuntimeTest.java"],
            [21, "edu.umd.cs.findbugs.formatStringChecker" +
                 ".FormatterRuntimeTest.testShouldWork()",
             "edu/umd/cs/findbugs/formatStringChecker/" +
             "FormatterRuntimeTest.java"],
            [22, "edu.umd.cs.findbugs.formatStringChecker." +
                 "FormatterRuntimeTest.testShouldWork()",
             "edu/umd/cs/findbugs/formatStringChecker/" +
             "FormatterRuntimeTest.java"],
        ]
        self.run_testdata("findbugs_jformatstring.xml", answer)

    def test_testdata_example(self):
        answer = [
            [8, "O0.()", "O0.java"],
            [13, "new O0()", "O0.java"],
            [18, "O0.bugs()", "O0.java"],
            [23, "O0.main(String[])", "O0.java"],
            [9, "l1.O1.()", "l1/O1.java"],
            [14, "new l1.O1()", "l1/O1.java"],
            [19, "l1.O1.bugs()", "l1/O1.java"],
            [24, "l1.O1.main(String[])", "l1/O1.java"],
            [9, "l1.l2.O2.()", "l1/l2/O2.java"],
            [14, "new l1.l2.O2()", "l1/l2/O2.java"],
            [19, "l1.l2.O2.bugs()", "l1/l2/O2.java"],
            [24, "l1.l2.O2.main(String[])", "l1/l2/O2.java"],
        ]
        self.run_testdata("findbugs_Example.xml", answer)

    def test_testdata_no_method(self):
        answer = [
            [77, None, "com/clearspring/ircbot/trac/TracRpc.java"],
        ]
        self.run_testdata("findbugs_no_method.xml", answer)

firehose-0.5/tests/parsers/test_flawfinder_parser.py
#!/usr/bin/env python
#
# Copyright 2017 David Carlos
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2.1 of the License, or (at your option) any later version.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with this library; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
# USA

import os
import unittest

from firehose.parsers.flawfinder import parse_file
from firehose.model import Analysis, Issue, Sut, Trace


class TestParseXml(unittest.TestCase):
    def parse_example(self, filename):
        try:
            path = os.path.join(os.path.dirname(__file__),
                                'example-output',
                                'flawfinder',
                                filename)
            with open(path) as infile:
                return parse_file(infile)
        except IOError:
            print("Example input not found")

    def test_flawfinder_report(self):
        a = self.parse_example('flawfinder-report-1')
        self.assertEqual(a.metadata.generator.name, 'flawfinder')
        self.assertEqual(a.metadata.generator.version, '1.31')
        self.assertEqual(a.metadata.sut, None)
        self.assertEqual(a.metadata.file_, None)
        self.assertEqual(a.metadata.stats, None)
        self.assertEqual(len(a.results), 1804)

        w0 = a.results[0]
        self.assertEqual(w0.cwe, 78)
        expected_message = 'This causes a new program to execute ' \
                           'and is difficult to use safely (CWE-78). ' \
                           'try using a library call that implements ' \
                           'the same functionality if available.'
        self.assertEqual(w0.message.text, expected_message)
        self.assertEqual(w0.testid, 'shell')
        self.assertEqual(w0.location.file.givenpath,
                         "./docs/examples/asiohiper.cpp")
        self.assertEqual(w0.location.point.line, 78)
        self.assertEqual(w0.location.point.column, 0)

        w3 = a.results[4]
        self.assertEqual(w3.location.file.givenpath,
                         "./docs/examples/cookie_interface.c")
        self.assertEqual(w3.testid, 'format')

        some_w = a.results[1801]
        self.assertEqual(some_w.cwe, 126)
        self.assertEqual(some_w.testid, 'buffer')

        other_w = a.results[1802]
        self.assertEqual(other_w.cwe, None)
        self.assertEqual(other_w.location.file.givenpath,
                         "./tests/unit/unit1604.c")
        self.assertEqual(other_w.location.point.line, 49)
        self.assertEqual(other_w.location.point.column, 0)


firehose-0.5/tests/parsers/test_frama_c_parser.py

import unittest
import mock

from firehose.parsers import frama_c
from firehose.model import Issue, Location, File, Point, \
    Function, Message, Sut, Result, Analysis

FAKE_SUT = Sut()


class TestParseWarning(unittest.TestCase):
    @staticmethod
    def create_mock_file(lines):
        mock_file = mock.MagicMock()
        mock_file.readlines.return_value = lines
        return mock_file

    def get_file_with_warning(self):
        return self.create_mock_file(
            ["new.c:13:[kernel] warning: Body of function foo falls-through. Adding a return statement"])

    def get_file_without_warning(self):
        return self.create_mock_file(
            ["[kernel] Parsing perft.c (with preprocessing)"])

    def test_parse_warning(self):
        mock_file = self.get_file_with_warning()
        ret = frama_c.parse_file(mock_file)
        self.assertIsInstance(ret, Analysis)
        self.assertIsInstance(ret.results[0], Result)
        self.assertEqual(len(ret.results), 1)

    def test_paths(self):
        mock_file = self.get_file_with_warning()
        analysis = frama_c.parse_file(mock_file)
        self.assertIsInstance(analysis, Analysis)
        self.assertEqual(len(analysis.results), 1)
        results = analysis.results[0]
        self.assertIsInstance(results.location, Location)
        self.assertIsInstance(results.location.file, File)
        self.assertIsInstance(results.location.point, Point)
        self.assertEqual(results.location.function, None)
        self.assertIsInstance(results.message, Message)
        self.assertEqual(results.location.line, 13)
        self.assertEqual(
            results.message.text,
            "Body of function foo falls-through. Adding a return statement")
        self.assertEqual(results.location.file.givenpath, "new.c")
        self.assertEqual(results.location.file.abspath, None)

    def test_empty(self):
        mock_file = self.create_mock_file([""])
        ret = frama_c.parse_file(mock_file)
        self.assertEqual(len(ret.results), 0)

    def test_new_line(self):
        mock_file = self.create_mock_file(["\n"])
        ret = frama_c.parse_file(mock_file)
        self.assertEqual(len(ret.results), 0)

    def test_no_warning(self):
        mock_file = self.get_file_without_warning()
        ret = frama_c.parse_file(mock_file)
        self.assertEqual(len(ret.results), 0)


firehose-0.5/tests/parsers/test_gcc_parser.py

# Copyright 2013 Red Hat, Inc.
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2.1 of the License, or (at your option) any later version.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with this library; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
# USA

import unittest
import mock

from firehose.parsers import gcc  # import parse_warning, parse_file
from firehose.model import Analysis, Issue, Location, File, Point, \
    Function, Message, Sut, Metadata, Generator

FUNC_NAME = 'I am a func name'
FAKE_SUT = Sut()


class TestParseWarning(unittest.TestCase):
    def test_empty(self):
        ret = gcc.parse_warning('', FUNC_NAME)
        self.assertTrue(ret is None)

    def test_new_line(self):
        ret = gcc.parse_warning('\n', FUNC_NAME)
        self.assertTrue(ret is None)

    def test_parse_c(self):
        line = "unix/arlib.c:299:9: warning: ignoring return value of 'fread', declared with attribute warn_unused_result [-Wunused-result]"
        ret = gcc.parse_warning(line, FUNC_NAME)
        self.assertIsInstance(ret, Issue)

    def test_no_metadata(self):
        line = "unix/arlib.c:299:9: warning: ignoring return value of 'fread', declared with attribute warn_unused_result [-Wunused-result]"
        ret = gcc.parse_warning(line, FUNC_NAME)
        self.assertIsInstance(ret, Issue)

    def test_parse_cpp(self):
        line = "num_get_float.cpp:535:29: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstrict-aliasing]"
        ret = gcc.parse_warning(line, FUNC_NAME)
        self.assertIsInstance(ret, Issue)

    def test_empty_col(self):
        line = "webkit/glue/webkitclient_impl.cc:411: warning: 'current_mem_usage' may be used uninitialized in this function"
        ret = gcc.parse_warning(line, FUNC_NAME)
        self.assertIsInstance(ret, Issue)
        self.assertEqual(ret.location.column, 0)
        self.assertEqual(ret.location.line, 411)

    def test_values_c(self):
        line = "unix/arlib.c:299:9: warning: ignoring return value of 'fread', declared with attribute warn_unused_result [-Wunused-result]"
        issue = gcc.parse_warning(line, FUNC_NAME)

        # Verify the metadata:
        self.assertEqual(issue.cwe, None)
        self.assertEqual(issue.testid, 'unused-result')

        self.assertIsInstance(issue.location, Location)
        self.assertIsInstance(issue.location.file, File)
        self.assertIsInstance(issue.location.point, Point)
        self.assertIsInstance(issue.location.function, Function)
        self.assertIsInstance(issue.message, Message)
        self.assertEqual(issue.message.text,
                         "ignoring return value of 'fread', declared with attribute warn_unused_result")
        self.assertEqual(issue.location.file.givenpath, "unix/arlib.c")
        self.assertEqual(issue.location.file.abspath, None)
        self.assertEqual(issue.location.point.line, 299)
        self.assertEqual(issue.location.point.column, 9)
        self.assertEqual(issue.location.function.name, FUNC_NAME)

    def test_values_cpp(self):
        line = "num_get_float.cpp:535:29: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstrict-aliasing]"
        issue = gcc.parse_warning(line, FUNC_NAME)
        self.assertIsInstance(issue.location, Location)
        self.assertIsInstance(issue.location.file, File)
        self.assertIsInstance(issue.location.point, Point)
        self.assertIsInstance(issue.location.function, Function)
        self.assertIsInstance(issue.message, Message)
        self.assertEqual(issue.message.text,
                         "dereferencing type-punned pointer will break strict-aliasing rules")
        self.assertEqual(issue.location.file.givenpath, "num_get_float.cpp")
        self.assertEqual(issue.location.file.abspath, None)
        self.assertEqual(issue.location.point.line, 535)
        self.assertEqual(issue.location.point.column, 29)
        self.assertEqual(issue.location.function.name, FUNC_NAME)

    def test_full_path(self):
        line = "/builddir/build/BUILD/libreoffice-3.5.7.2/icc/unxlngi6.pro/misc/build/SampleICC-1.3.2/IccProfLib/IccMpeACS.cpp:203:40: warning: comparison between signed and unsigned integer expressions [-Wsign-compare]"
        issue = gcc.parse_warning(line, FUNC_NAME)
        self.assertEqual(issue.location.file.givenpath,
                         "/builddir/build/BUILD/libreoffice-3.5.7.2/icc/unxlngi6.pro/misc/build/SampleICC-1.3.2/IccProfLib/IccMpeACS.cpp")
        self.assertEqual(issue.location.file.abspath, None)

    def test_ignore_zip_warning(self):
        line = " zip warning: ../../unxlngi6.pro/bin/autotextuser.zip not found or empty"
        issue = gcc.parse_warning(line, FUNC_NAME)
        self.assertTrue(issue is None)

    def test_ignore_java_warning(self):
        line = " [javac] /builddir/build/BUILD/libreoffice-3.5.7.2/hsqldb/unxlngi6.pro/misc/build/hsqldb/build/build.xml:139: warning: 'includeantruntime' was not set, defaulting to build.sysclasspath=last; set to false for repeatable builds"
        issue = gcc.parse_warning(line, FUNC_NAME)
        self.assertTrue(issue is None)

    def test_parse_no_switch(self):
        line = "unix/arlib.c:299:9: warning: ignoring return value of 'fread', declared with attribute warn_unused_result"
        issue = gcc.parse_warning(line, FUNC_NAME)
        self.assertIsInstance(issue, Issue)


class TestParseFile(unittest.TestCase):
    @staticmethod
    def create_mock_file(lines):
        mock_file = mock.MagicMock()
        mock_file.readlines.return_value = lines
        return mock_file

    @mock.patch.object(gcc, 'parse_warning')
    def test_identify_c(self, mock_parse_warning):
        lines = self.create_mock_file(["unix/arlib.c: In function 'ar_scan':",
                                       "ignored by mock"])
        analysis = gcc.parse_file(lines, '4.7.2')
        self.assertEqual(len(analysis.results), 1)
        self.assertEqual(analysis.results[0], mock_parse_warning.return_value)
        self.assertEqual(mock_parse_warning.call_args[0][1], "ar_scan")

    @mock.patch.object(gcc, 'parse_warning')
    def test_identify_cpp(self, mock_parse_warning):
        lines = self.create_mock_file(
            ["/builddir/build/BUILD/libreoffice-3.5.7.2/icc/unxlngi6.pro/misc/build/SampleICC-1.3.2/IccProfLib/IccMpeACS.cpp: In member function 'virtual bool CIccMpeAcs::Read(icUInt32Number, CIccIO*)':",
             "ignored by mock"])
        analysis = gcc.parse_file(lines, '4.7.2')
        self.assertEqual(len(analysis.results), 1)
        self.assertEqual(analysis.results[0], mock_parse_warning.return_value)
        self.assertEqual(mock_parse_warning.call_args[0][1],
                         "virtual bool CIccMpeAcs::Read(icUInt32Number, CIccIO*)")

    @mock.patch.object(gcc, 'parse_warning')
    def test_identify_global(self, mock_parse_warning):
        lines = self.create_mock_file(
            ["/builddir/build/BUILD/libreoffice-3.5.7.2/icc/unxlngi6.pro/misc/build/SampleICC-1.3.2/IccProfLib/IccMpeACS.cpp: At global scope:",
             "ignored by mock"])
        analysis = gcc.parse_file(lines, '4.7.2')
        self.assertEqual(len(analysis.results), 1)
        self.assertEqual(analysis.results[0], mock_parse_warning.return_value)
        self.assertEqual(mock_parse_warning.call_args[0][1],
                         gcc.GLOBAL_FUNC_NAME)

    @mock.patch.object(gcc, 'parse_warning')
    def test_multiple_warnings_per_func(self, mock_parse_warning):
        # we expect that upon reaching "None", it will stop looking for
        # warnings, and thus the last MagicMock won't be counted
        mock_parse_warning.side_effect = [mock.MagicMock(), mock.MagicMock(),
                                          None, mock.MagicMock()]
        lines = self.create_mock_file(["unix/arlib.c: In function 'ar_scan':",
                                       "", "", "", ""])
        analysis = gcc.parse_file(lines, '4.7.2')
        self.assertEqual(len(analysis.results), 2)


# This represents a variety of cases that we should handle.
#
# For the first warning (on line 3), there was no function name given, so do
# we make the function name optional?
"""
In file included from /builddir/build/BUILD/libreoffice-3.5.7.2/icc/unxlngi6.pro/misc/build/SampleICC-1.3.2/IccProfLib/IccMpeACS.h:83:0,
                 from /builddir/build/BUILD/libreoffice-3.5.7.2/icc/unxlngi6.pro/misc/build/SampleICC-1.3.2/IccProfLib/IccMpeACS.cpp:86:
/builddir/build/BUILD/libreoffice-3.5.7.2/icc/unxlngi6.pro/misc/build/SampleICC-1.3.2/IccProfLib/IccTagMPE.h:212:16: warning: unused parameter 'nIterp' [-Wunused-parameter]
/builddir/build/BUILD/libreoffice-3.5.7.2/icc/unxlngi6.pro/misc/build/SampleICC-1.3.2/IccProfLib/IccTagMPE.h:212:16: warning: unused parameter 'pMPE' [-Wunused-parameter]
/builddir/build/BUILD/libreoffice-3.5.7.2/icc/unxlngi6.pro/misc/build/SampleICC-1.3.2/IccProfLib/IccTagMPE.h:213:16: warning: unused parameter 'pDestPixel' [-Wunused-parameter]
/builddir/build/BUILD/libreoffice-3.5.7.2/icc/unxlngi6.pro/misc/build/SampleICC-1.3.2/IccProfLib/IccTagMPE.h:213:16: warning: unused parameter 'pSrcPixel' [-Wunused-parameter]
/builddir/build/BUILD/libreoffice-3.5.7.2/icc/unxlngi6.pro/misc/build/SampleICC-1.3.2/IccProfLib/IccMpeACS.cpp: In member function 'virtual bool CIccMpeAcs::Read(icUInt32Number, CIccIO*)':
/builddir/build/BUILD/libreoffice-3.5.7.2/icc/unxlngi6.pro/misc/build/SampleICC-1.3.2/IccProfLib/IccMpeACS.cpp:203:40: warning: comparison between signed and unsigned integer expressions [-Wsign-compare]
/builddir/build/BUILD/libreoffice-3.5.7.2/icc/unxlngi6.pro/misc/build/SampleICC-1.3.2/IccProfLib/IccMpeACS.cpp: At global scope:
/builddir/build/BUILD/libreoffice-3.5.7.2/icc/unxlngi6.pro/misc/build/SampleICC-1.3.2/IccProfLib/IccMpeACS.cpp:260:6: warning: unused parameter 'nInterp' [-Wunused-parameter]
/builddir/build/BUILD/libreoffice-3.5.7.2/icc/unxlngi6.pro/misc/build/SampleICC-1.3.2/IccProfLib/IccMpeACS.cpp:260:6: warning: unused parameter 'pMPE' [-Wunused-parameter]
"""


firehose-0.5/tests/parsers/test_splint_parser.py

# Copyright 2017 David Malcolm
# Copyright 2017 Red Hat, Inc.
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2.1 of the License, or (at your option) any later version.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with this library; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
# USA

import os
import unittest

from firehose.model import Issue
from firehose.parsers.splint import parse_splint_csv, parse_splint_stderr


class TestParser(unittest.TestCase):
    def locate_filename(self, filename):
        return os.path.join(os.path.dirname(__file__),
                            'example-output',
                            'splint',
                            filename)

    def parse_example_csv(self, filename):
        return parse_splint_csv(self.locate_filename(filename))

    def test_unconditional_file_leak(self):
        a = self.parse_example_csv('unconditional-file-leak.csv')
        self.assertEqual(a.metadata.generator.name, 'splint')
        self.assertEqual(a.metadata.generator.version, None)  # FIXME
        self.assertEqual(a.metadata.sut, None)
        self.assertEqual(a.metadata.file_, None)
        self.assertEqual(a.metadata.stats, None)
        self.assertEqual(len(a.results), 8)

        r0 = a.results[0]
        self.assertIsInstance(r0, Issue)
        self.assertEqual(r0.cwe, None)
        self.assertEqual(r0.testid, 'internalglobs')
        self.assertEqual(r0.message.text,
                         'Called procedure fopen may access file system'
                         ' state, but globals list does not include globals'
                         ' fileSystem')
        self.assertEqual(r0.notes.text,
                         'A called function uses internal state, but the'
                         ' globals list for the function being checked does'
                         ' not include internalState')
        self.assertEqual(r0.location.file.givenpath,
                         'examples/unconditional-file-leak.c')
        self.assertEqual(r0.location.file.abspath, None)
        self.assertEqual(r0.location.function, None)
        self.assertEqual(r0.trace, None)
        self.assertEqual(r0.severity, '1')

        # Verify that rows with unescaped quotes are correctly worked around.
        # In this example, this affects warnings #4 and #6 (these are 1-based,
        # so index 3 and 5 in the list).
        r3 = a.results[3]
        self.assertEqual(r3.location.line, 9)
        self.assertEqual(r3.location.column, 5)
        # Quote-handling is not quite perfect: we've lost the open quote of
        # the format string, and there is an erroneous trailing quote in this
        # message.
        self.assertEqual(r3.message.text,
                         'Undocumented modification of file system state'
                         ' possible from call to fprintf:'
                         ' fprintf(f, %i: %i", i, i * i)"')

        r5 = a.results[5]
        # Similar issues here:
        self.assertEqual(r5.message.text,
                         'Body of for statement is not a block:'
                         ' fprintf(f, %i: %i", i, i * i);"')

    def parse_example_stderr(self, filename):
        with open(self.locate_filename(filename)) as f:
            stderr = f.read()
        return parse_splint_stderr(stderr)

    def test_parse_stderr(self):
        v = self.parse_example_stderr('unconditional-file-leak.stderr')
        self.assertEqual(v, '3.1.2')


firehose-0.5/tests/test_model.py

# Copyright 2013 David Malcolm
# Copyright 2013 Red Hat, Inc.
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2.1 of the License, or (at your option) any later version.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with this library; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
# USA

import glob
import os
import subprocess
import tempfile
import unittest

from six import u, StringIO, BytesIO

from firehose.model import Analysis, Issue, Metadata, Generator, SourceRpm, \
    Location, File, Function, Point, Message, Notes, Trace, State, Stats, \
    Failure, Range, DebianSource, DebianBinary, CustomFields, Info


class AnalysisTests(unittest.TestCase):
    def make_simple_analysis(self):
        """
        Construct a minimal Analysis instance
        """
        a = Analysis(metadata=Metadata(generator=Generator(name='cpychecker'),
                                       sut=None,
                                       file_=None,
                                       stats=None),
                     results=[Issue(cwe=None,
                                    testid=None,
                                    location=Location(file=File('foo.c', None),
                                                      function=None,
                                                      point=Point(10, 15)),
                                    message=Message(text='something bad involving pointers'),
                                    notes=None,
                                    trace=None)])
        return a, a.results[0]

    def make_complex_analysis(self):
        """
        Construct an Analysis instance that uses all features
        """
        a = Analysis(metadata=Metadata(generator=Generator(name='cpychecker',
                                                           version='0.11'),
                                       sut=SourceRpm(name='python-ethtool',
                                                     version='0.7',
                                                     release='4.fc19',
                                                     buildarch='x86_64'),
                                       file_=File(givenpath='foo.c',
                                                  abspath='/home/david/coding/foo.c'),
                                       stats=Stats(wallclocktime=0.4)),
                     results=[Issue(cwe=681,
                                    testid='refcount-too-high',
                                    location=Location(file=File(givenpath='foo.c',
                                                                abspath='/home/david/coding/foo.c'),
                                                      function=Function('bar'),
                                                      point=Point(10, 15)),
                                    message=Message(text='something bad involving pointers'),
                                    notes=Notes('here is some explanatory text'),
                                    trace=Trace([State(location=Location(file=File('foo.c', None),
                                                                         function=Function('bar'),
                                                                         point=Point(7, 12)),
                                                       notes=Notes('first we do this')),
                                                 State(location=Location(file=File('foo.c', None),
                                                                         function=Function('bar'),
                                                                         point=Point(8, 10)),
                                                       notes=Notes('then we do that')),
                                                 State(location=Location(file=File('foo.c', None),
                                                                         function=Function('bar'),
                                                                         range_=Range(Point(10, 15),
                                                                                      Point(10, 25))),
                                                       notes=Notes('then it crashes here'))
                                                 ]),
                                    severity='really bad',
                                    customfields=CustomFields(foo='bar')),
                              ],
                     customfields=CustomFields(gccinvocation='gcc -I/usr/include/python2.7 -c foo.c'),
                     )
        return a, a.results[0]

    def make_failed_analysis(self):
        a = Analysis(metadata=Metadata(generator=Generator(name='yet-another-checker'),
                                       sut=None,
                                       file_=None,
                                       stats=None),
                     results=[Failure(failureid='out-of-memory',
                                      location=Location(file=File('foo.c', None),
                                                        function=Function('something_complicated'),
                                                        point=Point(10, 15)),
                                      message=Message('out of memory'),
                                      customfields=CustomFields(stdout='sample stdout',
                                                                stderr='sample stderr',
                                                                returncode=-9))  # (killed)
                              ])
        return a, a.results[0]

    def make_info(self):
        a = Analysis(metadata=Metadata(generator=Generator(name='an-invented-checker'),
                                       sut=None,
                                       file_=None,
                                       stats=None),
                     results=[Info(infoid='gimple-stats',
                                   location=Location(file=File('bar.c', None),
                                                     function=Function('sample_function'),
                                                     point=Point(10, 15)),
                                   message=Message('sample message'),
                                   customfields=CustomFields(num_stmts=57,
                                                             num_basic_blocks=10))
                              ])
        return a, a.results[0]

    def test_creating_simple_analysis(self):
        a, w = self.make_simple_analysis()
        self.assertEqual(a.metadata.generator.name, 'cpychecker')
        self.assertEqual(a.metadata.generator.version, None)
        self.assertEqual(a.metadata.sut, None)
        self.assertEqual(a.metadata.file_, None)
        self.assertEqual(a.metadata.stats, None)
        self.assertEqual(w.cwe, None)
        self.assertEqual(w.testid, None)
        self.assertEqual(w.location.file.givenpath, 'foo.c')
        self.assertEqual(w.location.file.abspath, None)
        self.assertEqual(w.location.function, None)
        self.assertEqual(w.location.line, 10)
        self.assertEqual(w.location.column, 15)
        self.assertEqual(w.message.text, 'something bad involving pointers')
        self.assertEqual(w.notes, None)
        self.assertEqual(w.trace, None)

    def test_creating_complex_analysis(self):
        a, w = self.make_complex_analysis()
        self.assertEqual(a.metadata.generator.name, 'cpychecker')
        self.assertEqual(a.metadata.generator.version, '0.11')
        self.assertIsInstance(a.metadata.sut, SourceRpm)
        self.assertEqual(a.metadata.sut.name, 'python-ethtool')
        self.assertEqual(a.metadata.sut.version, '0.7')
        self.assertEqual(a.metadata.sut.release, '4.fc19')
        self.assertEqual(a.metadata.sut.buildarch, 'x86_64')
        self.assertEqual(a.metadata.file_.givenpath, 'foo.c')
        self.assertEqual(a.metadata.file_.abspath, '/home/david/coding/foo.c')
        self.assertEqual(a.metadata.stats.wallclocktime, 0.4)
        self.assertEqual(w.cwe, 681)
        self.assertEqual(w.testid, 'refcount-too-high')
        self.assertEqual(w.location.file.givenpath, 'foo.c')
        self.assertEqual(w.location.file.abspath, '/home/david/coding/foo.c')
        self.assertEqual(w.location.function.name, 'bar')
        self.assertEqual(w.location.line, 10)
        self.assertEqual(w.location.column, 15)
        self.assertEqual(w.message.text, 'something bad involving pointers')
        self.assertEqual(w.notes.text, 'here is some explanatory text')
        self.assertEqual(w.severity, 'really bad')
        self.assertIsInstance(w.trace, Trace)
        self.assertEqual(len(w.trace.states), 3)
        s0 = w.trace.states[0]
        self.assertIsInstance(s0, State)
        self.assertEqual(s0.location.file.givenpath, 'foo.c')
        self.assertEqual(s0.location.function.name, 'bar')
        self.assertEqual(s0.location.line, 7)
        self.assertEqual(s0.location.column, 12)
        self.assertEqual(s0.notes.text, 'first we do this')

        # Verify the Range type within the final state in the trace:
        s2 = w.trace.states[2]
        self.assertIsInstance(s2, State)
        self.assertEqual(s2.location.line, 10)
        self.assertEqual(s2.location.column, 15)

    def test_making_failed_analysis(self):
        a, f = self.make_failed_analysis()
        self.assertIsInstance(f, Failure)
        self.assertEqual(f.failureid, 'out-of-memory')
        self.assertEqual(f.location.file.givenpath, 'foo.c')
        self.assertEqual(f.location.function.name, 'something_complicated')
        self.assertEqual(f.location.line, 10)
        self.assertEqual(f.location.column, 15)
        self.assertEqual(f.message.text, 'out of memory')
        self.assertEqual(f.customfields['stdout'], 'sample stdout')
        self.assertEqual(f.customfields['stderr'], 'sample stderr')
        self.assertEqual(f.customfields['returncode'], -9)

    def test_making_info(self):
        a, info = self.make_info()
        self.assertIsInstance(info, Info)
        self.assertEqual(info.infoid, 'gimple-stats')
        self.assertEqual(info.location.file.givenpath, 'bar.c')
        self.assertEqual(info.location.function.name, 'sample_function')
        self.assertEqual(info.location.line, 10)
        self.assertEqual(info.location.column, 15)
        self.assertEqual(info.message.text, 'sample message')
        self.assertEqual(info.customfields['num_stmts'], 57)
        self.assertEqual(info.customfields['num_basic_blocks'], 10)

    def test_from_xml(self):
        num_analyses = 0
        for filename in sorted(glob.glob('examples/example-*.xml')):
            with open(filename) as f:
                r = Analysis.from_xml(f)
                num_analyses += 1
        # Ensure that all of the reports were indeed parsed:
        self.assertEqual(num_analyses, 10)

    def test_example_2(self):
        # Verify that the parser works:
        with open('examples/example-2.xml') as f:
            a = Analysis.from_xml(f)
            self.assertEqual(a.metadata.generator.name, 'cpychecker')
            self.assertEqual(a.metadata.generator.version, '0.11')
            self.assertIsInstance(a.metadata.sut, SourceRpm)
            self.assertEqual(a.metadata.sut.name, 'python-ethtool')
            self.assertEqual(a.metadata.sut.version, '0.7')
            self.assertEqual(a.metadata.sut.release, '4.fc19')
            self.assertEqual(a.metadata.sut.buildarch, 'x86_64')

            self.assertEqual(len(a.results), 1)

            w = a.results[0]
            self.assertIsInstance(w, Issue)
            self.assertEqual(w.cwe, 401)
            self.assertEqual(w.testid, 'refcount-too-high')
            self.assertEqual(w.location.file.givenpath,
                             'examples/python-src-example.c')
            self.assertEqual(w.location.file.abspath, None)
            self.assertEqual(w.location.file.hash_.alg, 'sha1')
            self.assertEqual(w.location.file.hash_.hexdigest,
                             '6ba29daa94d64b48071e299a79f2a00dcd99eeb1')
            self.assertEqual(w.location.function.name,
                             'make_a_list_of_random_ints_badly')
            self.assertEqual(w.location.line, 40)
            self.assertEqual(w.location.column, 4)
            self.assertEqual(w.message.text,
                             "ob_refcnt of '*item' is 1 too high")
            self.assertMultiLineEqual(w.notes.text,
                ("was expecting final item->ob_refcnt to be N + 1 (for some unknown N)\n"
                 "due to object being referenced by: PyListObject.ob_item[0]\n"
                 "but final item->ob_refcnt is N + 2"))
            self.assertIsInstance(w.trace, Trace)
            self.assertEqual(len(w.trace.states), 3)
            s0 = w.trace.states[0]
            self.assertIsInstance(s0, State)
            self.assertEqual(s0.location.file.givenpath,
                             'examples/python-src-example.c')
            self.assertEqual(s0.location.function.name,
                             'make_a_list_of_random_ints_badly')
            self.assertEqual(s0.location.line, 36)
            self.assertEqual(s0.location.column, 14)
            self.assertEqual(s0.notes.text,
                             'PyLongObject allocated at:         item = PyLong_FromLong(random());')

    def test_example_3(self):
        # Verify that the parser works:
        with open('examples/example-3.xml') as f:
            a = Analysis.from_xml(f)
            self.assertEqual(a.metadata.generator.name, 'cpychecker')
            self.assertEqual(a.metadata.generator.version, '0.11')
            self.assertIsInstance(a.metadata.sut, SourceRpm)
            self.assertEqual(a.metadata.sut.name, 'python-ethtool')
            self.assertEqual(a.metadata.sut.version, '0.7')
            self.assertEqual(a.metadata.sut.release, '4.fc19')
            self.assertEqual(a.metadata.sut.buildarch, 'x86_64')

            self.assertEqual(len(a.results), 1)

            w = a.results[0]
            self.assertIsInstance(w, Failure)
            self.assertEqual(w.failureid, 'bad-exit-code')
            self.assertEqual(w.customfields['returncode'], -11)

    def test_example_4(self):
        with open('examples/example-4.xml') as f:
            a = Analysis.from_xml(f)
            self.assertEqual(a.metadata.generator.name, 'cpychecker')
            self.assertEqual(a.metadata.generator.version, '0.11')
            self.assertIsInstance(a.metadata.sut, SourceRpm)
            self.assertEqual(a.metadata.sut.name, 'python-ethtool')
            self.assertEqual(a.metadata.sut.version, '0.7')
            self.assertEqual(a.metadata.sut.release, '4.fc19')
            self.assertEqual(a.metadata.sut.buildarch, 'x86_64')

            self.assertEqual(len(a.results), 1)

            w = a.results[0]
            self.assertIsInstance(w, Failure)
            self.assertEqual(w.failureid, 'python-exception')
            self.assertEqual(w.location.file.givenpath, 'wspy_register.c')
            self.assertEqual(w.location.function.name,
                             'register_all_py_protocols_func')
            self.assertEqual(w.location.line, 159)
            self.assertEqual(w.location.column, 42)
            self.assertTrue(w.customfields['traceback']
                            .startswith('wspy_register.c: In function \'register_all_py_protocols_func\':\n'))

    def test_example_5(self):
        # Ensure that we can load range information from XML
        with open('examples/example-5.xml') as f:
            a = Analysis.from_xml(f)
            self.assertEqual(len(a.results), 1)
            w = a.results[0]
            self.assertIsInstance(w, Issue)
            self.assertEqual(w.location.range_.start.line, 10)
            self.assertEqual(w.location.range_.start.column, 9)
            self.assertEqual(w.location.range_.end.line, 10)
            self.assertEqual(w.location.range_.end.column, 44)
            self.assertEqual(w.location.point, None)
            # The line/column getters use the start:
            self.assertEqual(w.location.line, 10)
            self.assertEqual(w.location.column, 9)

    def test_example_6(self):
        with open('examples/example-6.xml') as f:
            a = Analysis.from_xml(f)
            self.assertEqual(a.metadata.generator.name, 'cpychecker')
            self.assertEqual(len(a.results), 1)
            w = a.results[0]
            self.assertIsInstance(w, Failure)
            self.assertEqual(w.failureid, 'too-complicated')
            self.assertEqual(w.message.text,
                             'this function is too complicated for the'
                             ' reference-count checker to fully analyze:'
                             ' not all paths were analyzed')
            self.assertEqual(w.customfields, None)

    def test_non_ascii_example(self):
        with open('examples/example-non-ascii.xml') as f:
            a = Analysis.from_xml(f)
            self.assertEqual(a.metadata.generator.name, u('\u2620') * 8)
            self.assertEqual(len(a.results), 1)
            w = a.results[0]
            self.assertIsInstance(w, Issue)
            # Verify the Japanese version of
            # "comparison between signed and unsigned integer expressions"
            # within the message:
            self.assertEqual(w.message.text,
                             (u('\u7b26\u53f7\u4ed8\u304d\u3068\u7b26\u53f7'
                                '\u7121\u3057\u306e\u6574\u6570\u5f0f\u306e'
                                '\u9593\u3067\u306e\u6bd4\u8f03\u3067\u3059')))
            # Verify the "mojibake" Kanji/Hiragana within the notes:
            self.assertIn(u('\u6587\u5b57\u5316\u3051'), w.notes.text)
            self.assertEqual(w.location.function.name, u('oo\u025f'))

    def test_to_xml(self):
        def validate(xmlbytes):
            f = tempfile.NamedTemporaryFile(delete=False)
            f.write(xmlbytes)
            f.flush()
            print("")
            p = subprocess.check_output(['xmllint', '--relaxng', 'firehose.rng',
                                         '--noout', f.name])
            # do this by hand: if a test fails, we'll want to inspect the
            # file:
            os.unlink(f.name)

        a, w = self.make_simple_analysis()
        validate(a.to_xml_bytes())

        a, w = self.make_complex_analysis()
        validate(a.to_xml_bytes())

        a, w = self.make_failed_analysis()
        validate(a.to_xml_bytes())

        a, w = self.make_info()
        validate(a.to_xml_bytes())

    def test_xml_roundtrip(self):
        def roundtrip_through_xml(a):
            xmlbytes = a.to_xml_bytes()
            buf = BytesIO(xmlbytes)
            return Analysis.from_xml(buf)

        a1, w = self.make_simple_analysis()
        a2 = roundtrip_through_xml(a1)
        self.assertEqual(a1.metadata, a2.metadata)
        self.assertEqual(a1.results, a2.results)
        self.assertEqual(a1, a2)

        a3, w = self.make_complex_analysis()
        a4 = roundtrip_through_xml(a3)
        self.assertEqual(a3.metadata, a4.metadata)
        self.assertEqual(a3.results, a4.results)
        self.assertEqual(a3, a4)

        a5, f = self.make_failed_analysis()
        a6 = roundtrip_through_xml(a5)
        self.assertEqual(a5.metadata, a6.metadata)
        self.assertEqual(a5.results, a6.results)
        self.assertEqual(a5, a6)

        a7, info = self.make_info()
        a8 = roundtrip_through_xml(a7)
        self.assertEqual(a7.metadata, a8.metadata)
        self.assertEqual(a7.results, a8.results)
        self.assertEqual(a7, a8)

        a9 = Analysis.from_xml('examples/example-non-ascii.xml')
        a10 = roundtrip_through_xml(a9)
        self.assertEqual(a9, a10)

    def test_json_roundtrip(self):
        verbose = False

        def roundtrip_through_json(a):
            jsondict = a.to_json()
            if verbose:
                from pprint import pprint
                pprint(jsondict)
            return Analysis.from_json(jsondict)

        a1, w = self.make_simple_analysis()
        a2 = roundtrip_through_json(a1)
        self.assertEqual(a1.metadata, a2.metadata)
        self.assertEqual(a1.results, a2.results)
        self.assertEqual(a1, a2)

        a3, w = self.make_complex_analysis()
        a4 = roundtrip_through_json(a3)
        self.assertEqual(a3.metadata, a4.metadata)
        self.assertEqual(a3.results, a4.results)
        self.assertEqual(a3, a4)

        a5, f = self.make_failed_analysis()
        a6 = roundtrip_through_json(a5)
        self.assertEqual(a5.metadata, a6.metadata)
        self.assertEqual(a5.results, a6.results)
        self.assertEqual(a5, a6)

        a7, info = self.make_info()
        a8 = roundtrip_through_json(a7)
        self.assertEqual(a7.metadata, a8.metadata)
        self.assertEqual(a7.results, a8.results)
        self.assertEqual(a7, a8)

        a9 = Analysis.from_xml('examples/example-non-ascii.xml')
        a10 = roundtrip_through_json(a9)
        self.assertEqual(a9, a10)

    def test_repr(self):
        # Verify that the various __repr__ methods are sane:
        a, w = self.make_simple_analysis()
        self.assertIn('Analysis(', repr(a))
        self.assertIn('Issue(', repr(a))

        a, w = self.make_complex_analysis()
        self.assertIn('Analysis(', repr(a))
        self.assertIn('Issue(', repr(a))

        a, f = self.make_failed_analysis()
        self.assertIn('Analysis(', repr(a))
        self.assertIn('Failure(', repr(a))

        a, info = self.make_info()
        self.assertIn('Analysis(', repr(a))
        self.assertIn('Info(', repr(a))

    def test_hash(self):
        def compare_hashes(creator):
            a1, w1 = creator()
            a2, w2 = creator()
            self.assertEqual(hash(a1), hash(a2))
        compare_hashes(self.make_simple_analysis)
        compare_hashes(self.make_complex_analysis)
        compare_hashes(self.make_failed_analysis)
        compare_hashes(self.make_info)

    def test_cwe(self):
        # Verify that the CWE methods are sane:
        a, w = self.make_complex_analysis()
        self.assertIsInstance(w.cwe, int)
        self.assertEqual(w.get_cwe_str(), 'CWE-681')
        self.assertEqual(w.get_cwe_url(),
                         'http://cwe.mitre.org/data/definitions/681.html')

        # Verify that they are sane for a warning without a CWE:
        a, w = self.make_simple_analysis()
        self.assertEqual(w.cwe, None)
        self.assertEqual(w.get_cwe_str(), None)
        self.assertEqual(w.get_cwe_url(), None)

    def test_fixup_paths(self):
        # Verify that Report.fixup_files() can make paths absolute:
        a, w = self.make_simple_analysis()
        self.assertEqual(w.location.file.abspath, None)
        a.fixup_files(relativedir='/home/david/coding/test')
        self.assertEqual(w.location.file.abspath, '/home/david/coding/test/foo.c')

    def test_fixup_hashes(self):
        # Verify that Report.fixup_files() can add hashes to files:
        a, w = self.make_simple_analysis()
        w.location.file.givenpath = 'examples/python-src-example.c'
        w.location.file.abspath = None
        self.assertEqual(w.location.file.hash_, None)

        a.fixup_files(hashalg='sha1')

        self.assertEqual(w.location.file.hash_.alg, 'sha1')
        self.assertEqual(w.location.file.hash_.hexdigest,
                         'e978c45fc1779e59d5f8c6c0d534fe2d0a5a7c66')

    def test_gcc_output(self):
        a, w = self.make_simple_analysis()
        output = StringIO()
        w.write_as_gcc_output(output)
        self.assertEqual(output.getvalue(),
                         'foo.c:10:15: warning: something bad involving pointers\n')

        a, w = self.make_complex_analysis()
        output = StringIO()
        w.write_as_gcc_output(output)
        self.assertMultiLineEqual(output.getvalue(),
            ("foo.c: In function 'bar':\n"
             "foo.c:10:15: warning: something bad involving pointers [CWE-681]\n"
             "here is some explanatory text\n"
             "foo.c:7:12: note: first we do this\n"
             "foo.c:8:10: note: then we do that\n"
             "foo.c:10:15: note: then it crashes here\n"))

    def test_debian_source(self):
        """
        Test to ensure that Debian source package Sut loading works.
        """
        with open('examples/example-debian-source.xml') as f:
            a = Analysis.from_xml(f)
            self.assertEqual(a.metadata.generator.name, 'handmade')
            self.assertEqual(a.metadata.generator.version, '0.1')
            self.assertIsInstance(a.metadata.sut, DebianSource)
            self.assertEqual(a.metadata.sut.name, 'python-ethtool')
            self.assertEqual(a.metadata.sut.version, '0.7')
            self.assertEqual(a.metadata.sut.release, '4.1+b1')
            self.assertFalse(hasattr(a.metadata.sut, 'buildarch'))

    def test_debian_binary(self):
        """
        Test to ensure that Debian binary package Sut loading works.
""" with open('examples/example-debian-binary.xml') as f: a = Analysis.from_xml(f) self.assertEqual(a.metadata.generator.name, 'handmade') self.assertEqual(a.metadata.generator.version, '0.1') self.assertIsInstance(a.metadata.sut, DebianBinary) self.assertEqual(a.metadata.sut.name, 'python-ethtool') self.assertEqual(a.metadata.sut.version, '0.7') self.assertEqual(a.metadata.sut.buildarch, 'amd64') self.assertEqual(a.metadata.sut.release, '1.1') def parse_xml_bytes(self, xmlbytes): f = BytesIO(xmlbytes) a = Analysis.from_xml(f) f.close() return a def test_empty_str_field(self): a = self.parse_xml_bytes( b''' ''') # Ensure that an empty has value '', rather than None: self.assertEqual(a.customfields['test'], '') def test_set_custom_field(self): a, w = self.make_simple_analysis() self.assertEqual(a.customfields, None) a.set_custom_field('foo', 'bar') self.assertNotEqual(a.customfields, None) self.assertEqual(a.customfields['foo'], 'bar')