| f3000) | xpinstall/wizard/os2/setup/ifuncns.c:626 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3001) | xpinstall/wizard/os2/setup/ifuncns.c:628 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3002) | xpinstall/wizard/os2/setup/ifuncns.c:630 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3003) | xpinstall/wizard/os2/setup/ifuncns.c:651 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3004) | xpinstall/wizard/os2/setup/ifuncns.c:653 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3005) | xpinstall/wizard/os2/setup/ifuncns.c:656 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3006) | xpinstall/wizard/os2/setup/ifuncns.c:658 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3007) | xpinstall/wizard/os2/setup/ifuncns.c:663 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3008) | xpinstall/wizard/os2/setup/ifuncns.c:699 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3009) | xpinstall/wizard/os2/setup/ifuncns.c:701 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3010) | xpinstall/wizard/os2/setup/ifuncns.c:714 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3011) | xpinstall/wizard/os2/setup/ifuncns.c:715 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3012) | xpinstall/wizard/os2/setup/ifuncns.c:716 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3013) | xpinstall/wizard/os2/setup/ifuncns.c:721 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3014) | xpinstall/wizard/os2/setup/ifuncns.c:722 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3015) | xpinstall/wizard/os2/setup/ifuncns.c:726 [2] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat. Risk is low because the source is a constant string.
|
| f3016) | xpinstall/wizard/os2/setup/ifuncns.c:727 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3017) | xpinstall/wizard/os2/setup/ifuncns.c:729 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3018) | xpinstall/wizard/os2/setup/ifuncns.c:747 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3019) | xpinstall/wizard/os2/setup/ifuncns.c:762 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3020) | xpinstall/wizard/os2/setup/ifuncns.c:764 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3021) | xpinstall/wizard/os2/setup/ifuncns.c:766 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3022) | xpinstall/wizard/os2/setup/ifuncns.c:770 [1] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat. Risk is low because the source is a constant character.
|
| f3023) | xpinstall/wizard/os2/setup/ifuncns.c:771 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3024) | xpinstall/wizard/os2/setup/ifuncns.c:892 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3025) | xpinstall/wizard/os2/setup/ifuncns.c:894 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3026) | xpinstall/wizard/os2/setup/ifuncns.c:903 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3027) | xpinstall/wizard/os2/setup/ifuncns.c:905 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3028) | xpinstall/wizard/os2/setup/ifuncns.c:918 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3029) | xpinstall/wizard/os2/setup/ifuncns.c:920 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3030) | xpinstall/wizard/os2/setup/ifuncns.c:975 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3031) | xpinstall/wizard/os2/setup/ifuncns.c:980 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3032) | xpinstall/wizard/os2/setup/ifuncns.c:982 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3033) | xpinstall/wizard/os2/setup/ifuncns.c:987 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3034) | xpinstall/wizard/os2/setup/ifuncns.c:992 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3035) | xpinstall/wizard/os2/setup/ifuncns.c:994 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3036) | xpinstall/wizard/os2/setup/ifuncns.c:1008 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3037) | xpinstall/wizard/os2/setup/ifuncns.c:1013 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3038) | xpinstall/wizard/os2/setup/ifuncns.c:1015 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3039) | xpinstall/wizard/os2/setup/ifuncns.c:1020 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3040) | xpinstall/wizard/os2/setup/ifuncns.c:1037 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3041) | xpinstall/wizard/os2/setup/ifuncns.c:1041 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3042) | xpinstall/wizard/os2/setup/ifuncns.c:1044 [2] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat. Risk is low because the source is a constant string.
|
| f3043) | xpinstall/wizard/os2/setup/ifuncns.c:1046 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3044) | xpinstall/wizard/os2/setup/ifuncns.c:1054 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3045) | xpinstall/wizard/os2/setup/ifuncns.c:1058 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3046) | xpinstall/wizard/os2/setup/ifuncns.c:1066 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3047) | xpinstall/wizard/os2/setup/ifuncns.c:1070 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3048) | xpinstall/wizard/os2/setup/ifuncns.c:1075 [2] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat. Risk is low because the source is a constant string.
|
| f3049) | xpinstall/wizard/os2/setup/ifuncns.c:1173 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3050) | xpinstall/wizard/os2/setup/ifuncns.c:1175 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3051) | xpinstall/wizard/os2/setup/ifuncns.c:1234 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3052) | xpinstall/wizard/os2/setup/ifuncns.c:1236 [1] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat. Risk is low because the source is a constant character.
|
| f3053) | xpinstall/wizard/os2/setup/ifuncns.c:1245 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3054) | xpinstall/wizard/os2/setup/ifuncns.c:1247 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3055) | xpinstall/wizard/os2/setup/ifuncns.c:1340 [1] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat. Risk is low because the source is a constant character.
|
| f3056) | xpinstall/wizard/os2/setup/ifuncns.c:1341 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3057) | xpinstall/wizard/os2/setup/ifuncns.c:1409 [2] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy. Risk is low because the source is a constant string.
|
| f3058) | xpinstall/wizard/os2/setup/ifuncns.c:1412 [2] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy. Risk is low because the source is a constant string.
|
| f3059) | xpinstall/wizard/os2/setup/ifuncns.c:1415 [2] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy. Risk is low because the source is a constant string.
|
| f3060) | xpinstall/wizard/os2/setup/ifuncns.c:1418 [2] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy. Risk is low because the source is a constant string.
|
| f3061) | xpinstall/wizard/os2/setup/ifuncns.c:1421 [2] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy. Risk is low because the source is a constant string.
|
| f3062) | xpinstall/wizard/os2/setup/ifuncns.c:1424 [2] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy. Risk is low because the source is a constant string.
|
| f3063) | xpinstall/wizard/os2/setup/ifuncns.c:1426 [2] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy. Risk is low because the source is a constant string.
|
| f3064) | xpinstall/wizard/os2/setup/ifuncns.c:1566 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3065) | xpinstall/wizard/os2/setup/ifuncns.c:1568 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3066) | xpinstall/wizard/os2/setup/ifuncns.c:1664 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3067) | xpinstall/wizard/os2/setup/ifuncns.c:1681 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3068) | xpinstall/wizard/os2/setup/ifuncns.c:1686 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3069) | xpinstall/wizard/os2/setup/ifuncns.c:1733 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3070) | xpinstall/wizard/os2/setup/ifuncns.c:1747 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3071) | xpinstall/wizard/os2/setup/ifuncns.c:1759 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3072) | xpinstall/wizard/os2/setup/ifuncns.c:1831 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3073) | xpinstall/wizard/os2/setup/ifuncns.c:1832 [2] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat. Risk is low because the source is a constant string.
|
| f3074) | xpinstall/wizard/os2/setup/ifuncns.c:1833 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3075) | xpinstall/wizard/os2/setup/ifuncns.c:1859 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3076) | xpinstall/wizard/os2/setup/ifuncns.c:1861 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3077) | xpinstall/wizard/os2/setup/ifuncns.c:1867 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3078) | xpinstall/wizard/os2/setup/ifuncns.c:1868 [2] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat. Risk is low because the source is a constant string.
|
| f3079) | xpinstall/wizard/os2/setup/ifuncns.c:1869 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3080) | xpinstall/wizard/os2/setup/logging.c:80 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3081) | xpinstall/wizard/os2/setup/logging.c:82 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3082) | xpinstall/wizard/os2/setup/logging.c:91 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3083) | xpinstall/wizard/os2/setup/logging.c:97 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3084) | xpinstall/wizard/os2/setup/logging.c:100 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3085) | xpinstall/wizard/os2/setup/logging.c:103 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3086) | xpinstall/wizard/os2/setup/logging.c:108 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3087) | xpinstall/wizard/os2/setup/logging.c:121 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3088) | xpinstall/wizard/os2/setup/logging.c:135 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3089) | xpinstall/wizard/os2/setup/logging.c:140 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3090) | xpinstall/wizard/os2/setup/logging.c:145 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3091) | xpinstall/wizard/os2/setup/logging.c:150 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3092) | xpinstall/wizard/os2/setup/logging.c:164 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3093) | xpinstall/wizard/os2/setup/logging.c:177 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3094) | xpinstall/wizard/os2/setup/logging.c:181 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3095) | xpinstall/wizard/os2/setup/logging.c:194 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3096) | xpinstall/wizard/os2/setup/logging.c:207 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3097) | xpinstall/wizard/os2/setup/logging.c:226 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3098) | xpinstall/wizard/os2/setup/logging.c:232 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3099) | xpinstall/wizard/os2/setup/logging.c:246 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3100) | xpinstall/wizard/os2/setup/logging.c:251 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3101) | xpinstall/wizard/os2/setup/logging.c:261 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3102) | xpinstall/wizard/os2/setup/logging.c:266 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3103) | xpinstall/wizard/os2/setup/logging.c:279 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3104) | xpinstall/wizard/os2/setup/logging.c:283 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3105) | xpinstall/wizard/os2/setup/logging.c:289 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3106) | xpinstall/wizard/os2/setup/logging.c:293 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3107) | xpinstall/wizard/os2/setup/logging.c:305 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3108) | xpinstall/wizard/os2/setup/logging.c:307 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3109) | xpinstall/wizard/os2/setup/logging.c:316 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3110) | xpinstall/wizard/os2/setup/logging.c:326 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3111) | xpinstall/wizard/os2/setup/logging.c:335 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3112) | xpinstall/wizard/os2/setup/logging.c:337 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3113) | xpinstall/wizard/os2/setup/logging.c:346 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3114) | xpinstall/wizard/os2/setup/logging.c:355 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3115) | xpinstall/wizard/os2/setup/logging.c:357 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3116) | xpinstall/wizard/os2/setup/logging.c:372 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3117) | xpinstall/wizard/os2/setup/logging.c:383 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3118) | xpinstall/wizard/os2/setup/logging.c:402 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3119) | xpinstall/wizard/os2/setup/logging.c:411 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3120) | xpinstall/wizard/os2/setup/logging.c:426 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3121) | xpinstall/wizard/os2/setup/logging.c:446 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3122) | xpinstall/wizard/os2/setup/logging.c:471 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3123) | xpinstall/wizard/os2/setup/logging.c:473 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3124) | xpinstall/wizard/os2/setup/setup.c:146 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3125) | xpinstall/wizard/os2/setup/setup.c:158 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3126) | xpinstall/wizard/os2/setup/xpi.c:102 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3127) | xpinstall/wizard/os2/setup/xpi.c:108 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3128) | xpinstall/wizard/os2/setup/xpi.c:114 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3129) | xpinstall/wizard/os2/setup/xpi.c:120 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3130) | xpinstall/wizard/os2/setup/xpi.c:284 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3131) | xpinstall/wizard/os2/setup/xpi.c:299 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3132) | xpinstall/wizard/os2/setup/xpi.c:316 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3133) | xpinstall/wizard/os2/setup/xpi.c:377 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3134) | xpinstall/wizard/os2/setup/xpi.c:392 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3135) | xpinstall/wizard/os2/setup/xpnetHook.cpp:274 [2] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy. Risk is low because the source is a constant string.
|
| f3136) | xpinstall/wizard/os2/setup/xpnetHook.cpp:285 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3137) | xpinstall/wizard/os2/setup/xpnetHook.cpp:292 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3138) | xpinstall/wizard/os2/setup/xpnetHook.cpp:307 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3139) | xpinstall/wizard/os2/setup/xpnetHook.cpp:314 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3140) | xpinstall/wizard/os2/setup/xpnetHook.cpp:327 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3141) | xpinstall/wizard/os2/setup/xpnetHook.cpp:340 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3142) | xpinstall/wizard/os2/setup/xpnetHook.cpp:359 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3143) | xpinstall/wizard/os2/setup/xpnetHook.cpp:365 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3144) | xpinstall/wizard/os2/setup/xpnetHook.cpp:391 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3145) | xpinstall/wizard/os2/setup/xpnetHook.cpp:393 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3146) | xpinstall/wizard/os2/setup/xpnetHook.cpp:427 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3147) | xpinstall/wizard/os2/setup/xpnetHook.cpp:442 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3148) | xpinstall/wizard/os2/setup/xpnetHook.cpp:490 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3149) | xpinstall/wizard/os2/setup/xpnetHook.cpp:536 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3150) | xpinstall/wizard/os2/setup/xpnetHook.cpp:735 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3151) | xpinstall/wizard/os2/setup/xpnetHook.cpp:736 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3152) | xpinstall/wizard/os2/setup/xpnetHook.cpp:773 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3153) | xpinstall/wizard/os2/setup/xpnetHook.cpp:775 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3154) | xpinstall/wizard/os2/setup/xpnetHook.cpp:871 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3155) | xpinstall/wizard/os2/setup/xpnetHook.cpp:907 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3156) | xpinstall/wizard/os2/setup/xpnetHook.cpp:922 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3157) | xpinstall/wizard/os2/setup/xpnetHook.cpp:931 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3158) | xpinstall/wizard/os2/test/testxpi.c:39 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3159) | xpinstall/wizard/os2/test/testxpi.c:40 [1] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat. Risk is low because the source is a constant character.
|
| f3160) | xpinstall/wizard/os2/test/testxpi.c:41 [2] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat. Risk is low because the source is a constant string.
|
| f3161) | xpinstall/wizard/os2/test/testxpi.c:42 [2] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat. Risk is low because the source is a constant string.
|
| f3162) | xpinstall/wizard/os2/test/testxpi.c:54 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3163) | xpinstall/wizard/os2/test/testxpi.c:57 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3164) | xpinstall/wizard/os2/test/xpi.c:54 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3165) | xpinstall/wizard/os2/test/xpi.c:59 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3166) | xpinstall/wizard/os2/test/xpi.c:64 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3167) | xpinstall/wizard/os2/test/xpi.c:69 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3168) | xpinstall/wizard/os2/test/xpi.c:116 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3169) | xpinstall/wizard/os2/test/xpi.c:134 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3170) | xpinstall/wizard/os2/test/xpi.c:147 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3171) | xpinstall/wizard/os2/uninstall/extra.c:70 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3172) | xpinstall/wizard/os2/uninstall/extra.c:73 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3173) | xpinstall/wizard/os2/uninstall/extra.c:118 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3174) | xpinstall/wizard/os2/uninstall/extra.c:120 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3175) | xpinstall/wizard/os2/uninstall/extra.c:135 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3176) | xpinstall/wizard/os2/uninstall/extra.c:137 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3177) | xpinstall/wizard/os2/uninstall/extra.c:174 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3178) | xpinstall/wizard/os2/uninstall/extra.c:205 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3179) | xpinstall/wizard/os2/uninstall/extra.c:207 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3180) | xpinstall/wizard/os2/uninstall/extra.c:225 [2] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat. Risk is low because the source is a constant string.
|
| f3181) | xpinstall/wizard/os2/uninstall/extra.c:227 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3182) | xpinstall/wizard/os2/uninstall/extra.c:229 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3183) | xpinstall/wizard/os2/uninstall/extra.c:243 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3184) | xpinstall/wizard/os2/uninstall/ifuncns.c:104 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3185) | xpinstall/wizard/os2/uninstall/ifuncns.c:107 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3186) | xpinstall/wizard/os2/uninstall/ifuncns.c:125 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3187) | xpinstall/wizard/os2/uninstall/ifuncns.c:127 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3188) | xpinstall/wizard/os2/uninstall/ifuncns.c:130 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3189) | xpinstall/wizard/os2/uninstall/ifuncns.c:132 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3190) | xpinstall/wizard/os2/uninstall/ifuncns.c:165 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3191) | xpinstall/wizard/os2/uninstall/ifuncns.c:167 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3192) | xpinstall/wizard/os2/uninstall/ifuncns.c:187 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3193) | xpinstall/wizard/os2/uninstall/ifuncns.c:189 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3194) | xpinstall/wizard/os2/uninstall/ifuncns.c:192 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3195) | xpinstall/wizard/os2/uninstall/ifuncns.c:194 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3196) | xpinstall/wizard/os2/uninstall/ifuncns.c:265 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3197) | xpinstall/wizard/os2/uninstall/ifuncns.c:267 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3198) | xpinstall/wizard/os2/uninstall/ifuncns.c:299 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3199) | xpinstall/wizard/os2/uninstall/ifuncns.c:301 [1] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat. Risk is low because the source is a constant character.
|
| f3200) | xpinstall/wizard/os2/uninstall/ifuncns.c:310 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3201) | xpinstall/wizard/os2/uninstall/ifuncns.c:312 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3202) | xpinstall/wizard/os2/uninstall/ifuncns.c:364 [2] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy. Risk is low because the source is a constant string.
|
| f3203) | xpinstall/wizard/os2/uninstall/ifuncns.c:371 [2] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy. Risk is low because the source is a constant string.
|
| f3204) | xpinstall/wizard/os2/uninstall/ifuncns.c:378 [2] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy. Risk is low because the source is a constant string.
|
| f3205) | xpinstall/wizard/os2/uninstall/ifuncns.c:385 [2] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy. Risk is low because the source is a constant string.
|
| f3206) | xpinstall/wizard/os2/uninstall/ifuncns.c:392 [2] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy. Risk is low because the source is a constant string.
|
| f3207) | xpinstall/wizard/os2/uninstall/ifuncns.c:399 [2] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy. Risk is low because the source is a constant string.
|
| f3208) | xpinstall/wizard/os2/uninstall/ifuncns.c:406 [2] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy. Risk is low because the source is a constant string.
|
| f3209) | xpinstall/wizard/os2/uninstall/parser.c:55 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3210) | xpinstall/wizard/os2/uninstall/parser.c:57 [2] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat. Risk is low because the source is a constant string.
|
| f3211) | xpinstall/wizard/os2/uninstall/parser.c:94 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3212) | xpinstall/wizard/os2/uninstall/parser.c:96 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3213) | xpinstall/wizard/os2/uninstall/parser.c:122 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3214) | xpinstall/wizard/os2/uninstall/parser.c:199 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3215) | xpinstall/wizard/os2/uninstall/parser.c:201 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3216) | xpinstall/wizard/os2/uninstall/parser.c:246 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3217) | xpinstall/wizard/os2/uninstall/parser.c:247 [2] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat. Risk is low because the source is a constant string.
|
| f3218) | xpinstall/wizard/os2/uninstall/parser.c:251 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3219) | xpinstall/wizard/os2/uninstall/parser.c:272 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3220) | xpinstall/wizard/os2/uninstall/parser.c:273 [2] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat. Risk is low because the source is a constant string.
|
| f3221) | xpinstall/wizard/os2/uninstall/parser.c:277 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3222) | xpinstall/wizard/os2/uninstall/parser.c:293 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3223) | xpinstall/wizard/os2/uninstall/parser.c:304 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3224) | xpinstall/wizard/os2/uninstall/parser.c:335 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3225) | xpinstall/wizard/os2/uninstall/parser.c:345 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3226) | xpinstall/wizard/os2/uninstall/parser.c:441 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3227) | xpinstall/wizard/os2/uninstall/parser.c:447 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3228) | xpinstall/wizard/os2/uninstall/parser.c:511 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3229) | xpinstall/wizard/os2/uninstall/parser.c:653 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3230) | xpinstall/wizard/os2/uninstall/parser.c:654 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3231) | xpinstall/wizard/os2/uninstall/parser.c:655 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3232) | xpinstall/wizard/os2/uninstall/parser.c:660 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3233) | xpinstall/wizard/os2/uninstall/parser.c:661 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3234) | xpinstall/wizard/os2/uninstall/parser.c:665 [2] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat. Risk is low because the source is a constant string.
|
| f3235) | xpinstall/wizard/os2/uninstall/parser.c:666 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3236) | xpinstall/wizard/os2/uninstall/parser.c:668 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3237) | xpinstall/wizard/os2/uninstall/parser.c:685 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3238) | xpinstall/wizard/os2/uninstall/parser.c:696 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3239) | xpinstall/wizard/os2/uninstall/parser.c:698 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3240) | xpinstall/wizard/os2/uninstall/parser.c:700 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3241) | xpinstall/wizard/os2/uninstall/parser.c:704 [1] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat. Risk is low because the source is a constant character.
|
| f3242) | xpinstall/wizard/os2/uninstall/parser.c:705 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3243) | xpinstall/wizard/os2/uninstall/rdi.c:41 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3244) | xpinstall/wizard/os2/uninstall/rdi.c:51 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3245) | xpinstall/wizard/os2/uninstall/rdi.c:71 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3246) | xpinstall/wizard/os2/uninstall/rdi.c:75 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3247) | xpinstall/wizard/os2/uninstall/rdi.c:88 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3248) | xpinstall/wizard/os2/uninstall/rdi.c:114 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3249) | xpinstall/wizard/unix/src2/nsComponent.cpp:180 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3250) | xpinstall/wizard/unix/src2/nsComponentsDlg.cpp:150 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3251) | xpinstall/wizard/unix/src2/nsComponentsDlg.cpp:202 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3252) | xpinstall/wizard/unix/src2/nsComponentsDlg.cpp:226 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3253) | xpinstall/wizard/unix/src2/nsComponentsDlg.cpp:236 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3254) | xpinstall/wizard/unix/src2/nsINIParser.cpp:162 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3255) | xpinstall/wizard/unix/src2/nsINIParser.cpp:167 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3256) | xpinstall/wizard/unix/src2/nsInstallDlg.cpp:238 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3257) | xpinstall/wizard/unix/src2/nsInstallDlg.cpp:324 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3258) | xpinstall/wizard/unix/src2/nsInstallDlg.cpp:326 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3259) | xpinstall/wizard/unix/src2/nsInstallDlg.cpp:641 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3260) | xpinstall/wizard/unix/src2/nsInstallDlg.cpp:695 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3261) | xpinstall/wizard/unix/src2/nsInstallDlg.cpp:699 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3262) | xpinstall/wizard/unix/src2/nsInstallDlg.cpp:703 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3263) | xpinstall/wizard/unix/src2/nsInstallDlg.cpp:753 [2] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat. Risk is low because the source is a constant string.
|
| f3264) | xpinstall/wizard/unix/src2/nsInstallDlg.cpp:758 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3265) | xpinstall/wizard/unix/src2/nsInstallDlg.cpp:768 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3266) | xpinstall/wizard/unix/src2/nsInstallDlg.cpp:817 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3267) | xpinstall/wizard/unix/src2/nsInstallDlg.cpp:938 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3268) | xpinstall/wizard/unix/src2/nsInstallDlg.cpp:1456 [2] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat. Risk is low because the source is a constant string.
|
| f3269) | xpinstall/wizard/unix/src2/nsSetupTypeDlg.cpp:201 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3270) | xpinstall/wizard/unix/src2/nsSetupTypeDlg.cpp:249 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3271) | xpinstall/wizard/unix/src2/nsSetupTypeDlg.cpp:275 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3272) | xpinstall/wizard/unix/src2/nsSetupTypeDlg.cpp:667 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3273) | xpinstall/wizard/unix/src2/nsSetupTypeDlg.cpp:713 [4] (race) access: this usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition. Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
|
| f3274) | xpinstall/wizard/unix/src2/nsSetupTypeDlg.cpp:715 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3275) | xpinstall/wizard/unix/src2/nsSetupTypeDlg.cpp:747 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3276) | xpinstall/wizard/unix/src2/nsSetupTypeDlg.cpp:933 [4] (tmpfile) system: this calls out to a new process and is difficult to use safely. try using a library call that implements the same functionality if available..
|
| f3277) | xpinstall/wizard/unix/src2/nsSetupTypeDlg.cpp:975 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3278) | xpinstall/wizard/unix/src2/nsSetupTypeDlg.cpp:979 [1] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat. Risk is low because the source is a constant character.
|
| f3279) | xpinstall/wizard/unix/src2/nsSetupTypeDlg.cpp:981 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3280) | xpinstall/wizard/unix/src2/nsSetupTypeDlg.cpp:1007 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3281) | xpinstall/wizard/unix/src2/nsSetupTypeDlg.cpp:1008 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3282) | xpinstall/wizard/unix/src2/nsSetupTypeDlg.cpp:1009 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3283) | xpinstall/wizard/unix/src2/nsXIContext.cpp:219 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3284) | xpinstall/wizard/unix/src2/nsXIEngine.cpp:62 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3285) | xpinstall/wizard/unix/src2/nsXIEngine.cpp:63 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3286) | xpinstall/wizard/unix/src2/nsXIEngine.cpp:64 [4] (tmpfile) system: this calls out to a new process and is difficult to use safely. try using a library call that implements the same functionality if available..
|
| f3287) | xpinstall/wizard/unix/src2/nsXIEngine.cpp:113 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3288) | xpinstall/wizard/unix/src2/nsXIEngine.cpp:178 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3289) | xpinstall/wizard/unix/src2/nsXIEngine.cpp:196 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3290) | xpinstall/wizard/unix/src2/nsXIEngine.cpp:203 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3291) | xpinstall/wizard/unix/src2/nsXIEngine.cpp:226 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3292) | xpinstall/wizard/unix/src2/nsXIEngine.cpp:238 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3293) | xpinstall/wizard/unix/src2/nsXIEngine.cpp:267 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3294) | xpinstall/wizard/unix/src2/nsXIEngine.cpp:286 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3295) | xpinstall/wizard/unix/src2/nsXIEngine.cpp:292 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3296) | xpinstall/wizard/unix/src2/nsXIEngine.cpp:489 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3297) | xpinstall/wizard/unix/src2/nsXIEngine.cpp:491 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3299) | xpinstall/wizard/unix/src2/nsXIEngine.cpp:539 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3300) | xpinstall/wizard/unix/src2/nsXIEngine.cpp:553 [3] (tmpfile) tempnam: temporary file race condition. .
|
| f3301) | xpinstall/wizard/unix/src2/nsXIEngine.cpp:591 [1] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source is a constant character.
|
| f3302) | xpinstall/wizard/unix/src2/nsXIEngine.cpp:625 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3303) | xpinstall/wizard/unix/src2/nsXIEngine.cpp:630 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3304) | xpinstall/wizard/unix/src2/nsXIEngine.cpp:688 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3305) | xpinstall/wizard/unix/src2/nsXIEngine.cpp:769 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3306) | xpinstall/wizard/unix/src2/nsXIEngine.cpp:800 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3307) | xpinstall/wizard/unix/src2/nsXIEngine.cpp:816 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3308) | xpinstall/wizard/unix/src2/nsXIEngine.cpp:1022 [1] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat. Risk is low because the source is a constant character.
|
| f3309) | xpinstall/wizard/unix/src2/nsXIEngine.cpp:1023 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3310) | xpinstall/wizard/unix/src2/nsXIEngine.cpp:1080 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3312) | xpinstall/wizard/unix/src2/nsXIEngine.cpp:1136 [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation. use a more secure technique for acquiring random values.
|
| f3313) | xpinstall/wizard/unix/src2/nsXInstaller.cpp:354 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3314) | xpinstall/wizard/unix/src2/nsXInstaller.cpp:393 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3315) | xpinstall/wizard/unix/src2/nsXInstaller.cpp:400 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3316) | xpinstall/wizard/unix/src2/nsXInstaller.cpp:401 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3317) | xpinstall/wizard/unix/src2/nsXInstaller.cpp:405 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3318) | xpinstall/wizard/unix/src2/nsXInstaller.cpp:408 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3319) | xpinstall/wizard/unix/src2/nsZipExtractor.cpp:65 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3320) | xpinstall/wizard/unix/src2/nsZipExtractor.cpp:116 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3321) | xpinstall/wizard/unix/src2/nsZipExtractor.cpp:130 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3322) | xpinstall/wizard/windows/ds32/ds32.cpp:226 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3323) | xpinstall/wizard/windows/ds32/ds32.cpp:482 [4] (race) access: this usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition. Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
|
| f3328) | xpinstall/wizard/windows/ren8dot3/ren8dot3.c:41 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3329) | xpinstall/wizard/windows/setup/dialogs.c:420 [2] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy. Risk is low because the source is a constant string.
|
| f3330) | xpinstall/wizard/windows/setup/dialogs.c:2590 [2] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy. Risk is low because the source is a constant string.
|
| f3331) | xpinstall/wizard/windows/setup/dialogs.c:2592 [2] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy. Risk is low because the source is a constant string.
|
| f3332) | xpinstall/wizard/windows/setup/extra.c:3763 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3333) | xpinstall/wizard/windows/setup/extra.c:3764 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3334) | xpinstall/wizard/windows/setup/extra.c:3781 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3335) | xpinstall/wizard/windows/setup/extra.c:3782 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3336) | xpinstall/wizard/windows/setup/extra.c:3978 [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation. use a more secure technique for acquiring random values.
|
| f3337) | xpinstall/wizard/windows/setup/extra.c:6158 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3338) | xpinstall/wizard/windows/setup/ifuncns.c:1793 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3339) | xpinstall/wizard/windows/setup/ifuncns.c:1795 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3340) | xpinstall/wizard/windows/setup/xpnetHook.cpp:288 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3341) | xpinstall/wizard/windows/setup/xpnetHook.cpp:295 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3342) | xpinstall/wizard/windows/setup/xpnetHook.cpp:311 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3343) | xpinstall/wizard/windows/setup/xpnetHook.cpp:318 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3344) | content/base/src/nsDocumentViewer.cpp:216 [4] (format) fprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3345) | content/base/src/nsDocumentViewer.cpp:217 [4] (format) fprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3346) | content/base/src/nsDocumentViewer.cpp:218 [4] (format) fprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3347) | content/base/src/nsDocumentViewer.cpp:219 [4] (format) fprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3348) | content/base/src/nsDocumentViewer.cpp:220 [4] (format) fprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3349) | content/base/src/nsDocumentViewer.cpp:1892 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3350) | content/base/src/nsDocumentViewer.cpp:1896 [1] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat. Risk is low because the source is a constant character.
|
| f3351) | content/base/src/nsDocumentViewer.cpp:1899 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3352) | content/base/src/nsDocumentViewer.cpp:1900 [2] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat. Risk is low because the source is a constant string.
|
| f3353) | content/base/src/nsDocumentViewer.cpp:1914 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3354) | content/base/src/nsDocumentViewer.cpp:1915 [1] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat. Risk is low because the source is a constant character.
|
| f3355) | content/base/src/nsDocumentViewer.cpp:1916 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3356) | content/base/src/nsDocumentViewer.cpp:2069 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3357) | content/base/src/nsDocumentViewer.cpp:3644 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3358) | content/html/content/src/nsHTMLInputElement.cpp:2138 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3359) | content/html/content/src/nsHTMLInputElement.cpp:2140 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3360) | content/html/style/src/nsCSSParser.cpp:2509 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3361) | content/html/style/src/nsCSSParser.cpp:2516 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3362) | content/svg/content/src/nsSVGLength.cpp:286 [4] (format) snprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3363) | content/svg/content/src/nsSVGPathSeg.cpp:210 [4] (format) snprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3364) | content/svg/content/src/nsSVGPathSeg.cpp:319 [4] (format) snprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3365) | content/svg/content/src/nsSVGPathSeg.cpp:427 [4] (format) snprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3366) | content/svg/content/src/nsSVGPathSeg.cpp:536 [4] (format) snprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3367) | content/svg/content/src/nsSVGPathSeg.cpp:651 [4] (format) snprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3368) | content/svg/content/src/nsSVGPathSeg.cpp:823 [4] (format) snprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3369) | content/svg/content/src/nsSVGPathSeg.cpp:991 [4] (format) snprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3370) | content/svg/content/src/nsSVGPathSeg.cpp:1132 [4] (format) snprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3371) | content/svg/content/src/nsSVGPathSeg.cpp:1279 [4] (format) snprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3372) | content/svg/content/src/nsSVGPathSeg.cpp:1469 [4] (format) snprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3373) | content/svg/content/src/nsSVGPathSeg.cpp:1648 [4] (format) snprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3374) | content/svg/content/src/nsSVGPathSeg.cpp:1741 [4] (format) snprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3375) | content/svg/content/src/nsSVGPathSeg.cpp:1834 [4] (format) snprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3376) | content/svg/content/src/nsSVGPathSeg.cpp:1927 [4] (format) snprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3377) | content/svg/content/src/nsSVGPathSeg.cpp:2024 [4] (format) snprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3378) | content/svg/content/src/nsSVGPathSeg.cpp:2164 [4] (format) snprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3379) | content/svg/content/src/nsSVGPathSeg.cpp:2301 [4] (format) snprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3380) | content/svg/content/src/nsSVGPathSeg.cpp:2409 [4] (format) snprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3381) | content/svg/content/src/nsSVGPointList.cpp:230 [4] (format) snprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3382) | content/svg/content/src/nsSVGTransform.cpp:151 [4] (format) snprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3383) | content/svg/content/src/nsSVGTransform.cpp:153 [4] (format) snprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3384) | content/svg/content/src/nsSVGTransform.cpp:159 [4] (format) snprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3385) | content/svg/content/src/nsSVGTransform.cpp:161 [4] (format) snprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3386) | content/svg/content/src/nsSVGTransform.cpp:170 [4] (format) snprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3387) | content/svg/content/src/nsSVGTransform.cpp:172 [4] (format) snprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3388) | content/svg/content/src/nsSVGTransform.cpp:179 [4] (format) snprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3389) | content/svg/content/src/nsSVGTransform.cpp:186 [4] (format) snprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3390) | gfx/src/nsNameValuePairDB.cpp:53 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3391) | gfx/src/nsPrintOptionsImpl.cpp:1109 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3392) | gfx/src/beos/nsDeviceContextSpecB.cpp:295 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3393) | gfx/src/beos/nsDeviceContextSpecB.cpp:296 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3394) | gfx/src/beos/nsDeviceContextSpecB.cpp:299 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3395) | gfx/src/beos/nsDeviceContextSpecB.cpp:310 [2] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy. Risk is low because the source is a constant string.
|
| f3396) | gfx/src/beos/nsDeviceContextSpecB.cpp:312 [2] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy. Risk is low because the source is a constant string.
|
| f3397) | gfx/src/beos/nsDeviceContextSpecB.cpp:332 [2] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy. Risk is low because the source is a constant string.
|
| f3398) | gfx/src/beos/nsDeviceContextSpecB.cpp:335 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3399) | gfx/src/beos/nsFontMetricsBeOS.cpp:173 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3400) | gfx/src/gtk/nsDeviceContextSpecG.cpp:408 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3401) | gfx/src/gtk/nsDeviceContextSpecG.cpp:410 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3402) | gfx/src/gtk/nsDeviceContextSpecG.cpp:412 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3403) | gfx/src/gtk/nsDeviceContextSpecG.cpp:414 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3404) | gfx/src/gtk/nsFontMetricsGTK.cpp:3745 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3405) | gfx/src/gtk/nsFontMetricsGTK.cpp:3872 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3406) | gfx/src/gtk/nsFontMetricsGTK.h:84 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3407) | gfx/src/gtk/nsFontMetricsGTK.h:112 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3408) | gfx/src/gtk/nsPrintdGTK.c:94 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3409) | gfx/src/gtk/nsPrintdGTK.c:96 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3410) | gfx/src/gtk/nsPrintdGTK.c:142 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3411) | gfx/src/mac/nsCoreGraphicsGlue.cpp:99 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3412) | gfx/src/mac/nsUnicodeMappingUtil.cpp:335 [4] (format) snprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3413) | gfx/src/mac/nsUnicodeMappingUtil.cpp:397 [4] (format) snprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3414) | gfx/src/os2/nsDeviceContextSpecOS2.cpp:374 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3415) | gfx/src/os2/nsDeviceContextSpecOS2.cpp:377 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3416) | gfx/src/os2/nsDeviceContextSpecOS2.cpp:662 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3417) | gfx/src/os2/nsDeviceContextSpecOS2.cpp:663 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3418) | gfx/src/os2/nsDeviceContextSpecOS2.cpp:664 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3419) | gfx/src/os2/nsDeviceContextSpecOS2.cpp:682 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3420) | gfx/src/os2/nsDeviceContextSpecOS2.cpp:683 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3421) | gfx/src/os2/nsDeviceContextSpecOS2.cpp:687 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3422) | gfx/src/os2/nsDeviceContextSpecOS2.cpp:697 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3423) | gfx/src/os2/nsDeviceContextSpecOS2.cpp:701 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3424) | gfx/src/os2/nsDeviceContextSpecOS2.cpp:897 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3425) | gfx/src/os2/nsGfxDefs.cpp:32 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3426) | gfx/src/os2/nsGfxDefs.cpp:35 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3427) | gfx/src/os2/nsGfxDefs.cpp:131 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3429) | gfx/src/photon/nsFontMetricsPh.cpp:175 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3431) | gfx/src/ps/nsAFMObject.cpp:770 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3432) | gfx/src/ps/nsAFMObject.cpp:787 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3433) | gfx/src/ps/nsPostScriptObj.cpp:376 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3434) | gfx/src/ps/nsPostScriptObj.cpp:385 [2] (tmpfile) tmpfile: tmpfile() has a security flaw on some systems (e.g., older System V systems). .
|
| f3435) | gfx/src/ps/nsPostScriptObj.cpp:391 [3] (tmpfile) tempnam: temporary file race condition. .
|
| f3436) | gfx/src/ps/nsPostScriptObj.cpp:2087 [4] (tmpfile) system: this calls out to a new process and is difficult to use safely. try using a library call that implements the same functionality if available..
|
| f3437) | gfx/src/ps/nsPostScriptObj.cpp:2102 [4] (tmpfile) popen: this calls out to a new process and is difficult to use safely. try using a library call that implements the same functionality if available..
|
| f3438) | gfx/src/qt/nsDeviceContextSpecQT.cpp:228 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3439) | gfx/src/qt/nsDeviceContextSpecQT.cpp:229 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3440) | gfx/src/qt/nsDeviceContextSpecQT.cpp:236 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3441) | gfx/src/qt/nsDeviceContextSpecQT.cpp:240 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3442) | gfx/src/qt/nsDeviceContextSpecQT.cpp:257 [2] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy. Risk is low because the source is a constant string.
|
| f3443) | gfx/src/qt/nsDeviceContextSpecQT.cpp:259 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3445) | gfx/src/windows/nsDeviceContextSpecWin.cpp:1024 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3446) | gfx/src/windows/nsFontMetricsWin.cpp:2043 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3447) | gfx/src/windows/nsFontMetricsWin.cpp:3622 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3448) | gfx/src/x11shared/nsFT2FontCatalog.cpp:292 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3449) | gfx/src/x11shared/nsFT2FontCatalog.cpp:983 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3450) | gfx/src/x11shared/nsFT2FontCatalog.cpp:1032 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3451) | gfx/src/x11shared/nsFT2FontCatalog.cpp:1042 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3452) | gfx/src/x11shared/nsFT2FontCatalog.cpp:1328 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3453) | gfx/src/x11shared/nsFT2FontCatalog.cpp:1340 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3454) | gfx/src/x11shared/nsFT2FontCatalog.cpp:2306 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3455) | gfx/src/x11shared/nsFT2FontCatalog.cpp:2311 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3456) | gfx/src/x11shared/nsFT2FontCatalog.cpp:2314 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3457) | gfx/src/x11shared/nsFT2FontCatalog.cpp:2317 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3458) | gfx/src/x11shared/nsFT2FontCatalog.cpp:2320 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3459) | gfx/src/x11shared/nsFT2FontCatalog.cpp:2322 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3460) | gfx/src/x11shared/nsFT2FontCatalog.cpp:2325 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3461) | gfx/src/x11shared/nsFT2FontCatalog.cpp:2327 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3462) | gfx/src/x11shared/nsFT2FontCatalog.cpp:2329 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3463) | gfx/src/x11shared/nsFT2FontCatalog.cpp:2331 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3464) | gfx/src/x11shared/nsFT2FontCatalog.cpp:2333 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3465) | gfx/src/x11shared/nsFT2FontCatalog.cpp:2335 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3466) | gfx/src/x11shared/nsFT2FontCatalog.cpp:2337 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3467) | gfx/src/x11shared/nsFT2FontCatalog.cpp:2339 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3468) | gfx/src/x11shared/nsFT2FontCatalog.cpp:2344 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3469) | gfx/src/x11shared/nsFT2FontCatalog.cpp:2366 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3470) | gfx/src/x11shared/nsFT2FontCatalog.cpp:2392 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3471) | gfx/src/x11shared/nsFT2FontCatalog.cpp:2395 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3472) | gfx/src/x11shared/nsFT2FontCatalog.cpp:2469 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3473) | gfx/src/x11shared/nsX11AlphaBlend.cpp:55 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3474) | gfx/src/xlib/nsDeviceContextSpecXlib.cpp:408 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3475) | gfx/src/xlib/nsDeviceContextSpecXlib.cpp:410 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3476) | gfx/src/xlib/nsDeviceContextSpecXlib.cpp:412 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3477) | gfx/src/xlib/nsDeviceContextSpecXlib.cpp:414 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3478) | gfx/src/xlib/nsFontMetricsXlib.cpp:4053 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3479) | gfx/src/xlib/nsFontMetricsXlib.cpp:4214 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3480) | gfx/src/xlib/nsFontMetricsXlib.h:135 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3481) | gfx/src/xlib/nsFontMetricsXlib.h:163 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3483) | gfx/src/xlibrgb/xlibrgb.c:569 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3484) | gfx/src/xlibrgb/xlibrgb.c:598 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3490) | gfx/src/xprint/xprintutil.c:267 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3491) | gfx/src/xprint/xprintutil.c:281 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3492) | gfx/src/xprint/xprintutil.c:533 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3493) | gfx/src/xprint/xprintutil.c:683 [4] (buffer) sscanf: the scanf() family's %s operation, without a limit specification, permits buffer overflows. Specify a limit to %s, or use a different input function.
|
| f3494) | gfx/src/xprint/xprintutil.c:812 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3496) | htmlparser/robot/nsDebugRobot.cpp:290 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3497) | htmlparser/src/COtherElements.h:2386 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3498) | htmlparser/src/COtherElements.h:2466 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3499) | htmlparser/src/SelfTest.cpp:125 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3500) | htmlparser/src/SelfTest.cpp:126 [2] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat. Risk is low because the source is a constant string.
|
| f3501) | htmlparser/src/SelfTest.cpp:165 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3502) | htmlparser/src/SelfTest.cpp:166 [2] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat. Risk is low because the source is a constant string.
|
| f3503) | htmlparser/src/SelfTest.cpp:177 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3504) | htmlparser/src/SelfTest.cpp:178 [1] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat. Risk is low because the source is a constant character.
|
| f3505) | htmlparser/src/SelfTest.cpp:179 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3506) | htmlparser/src/SelfTest.cpp:188 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3507) | htmlparser/src/SelfTest.cpp:189 [1] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat. Risk is low because the source is a constant character.
|
| f3508) | htmlparser/src/SelfTest.cpp:190 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3509) | htmlparser/src/SelfTest.cpp:216 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3510) | htmlparser/src/nsDTDUtils.cpp:730 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3511) | htmlparser/src/nsViewSourceHTML.cpp:491 [4] (format) fprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3512) | htmlparser/src/nsViewSourceHTML.cpp:947 [4] (format) fprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3513) | htmlparser/src/nsViewSourceHTML.cpp:961 [4] (format) fprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3514) | htmlparser/src/nsViewSourceHTML.cpp:977 [4] (format) fprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3515) | htmlparser/src/nsViewSourceHTML.cpp:1005 [4] (format) fprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3560) | layout/html/base/src/nsFrame.cpp:4567 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3561) | layout/html/base/src/nsFrame.cpp:4568 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3562) | layout/html/base/src/nsFrame.cpp:4966 [2] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy. Risk is low because the source is a constant string.
|
| f3563) | layout/html/base/src/nsFrame.cpp:4971 [2] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy. Risk is low because the source is a constant string.
|
| f3564) | layout/html/base/src/nsFrame.cpp:4974 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3566) | layout/html/base/src/nsPageFrame.cpp:91 [4] (format) fprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3567) | layout/html/base/src/nsPageFrame.cpp:92 [4] (format) fprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3568) | layout/html/base/src/nsPageFrame.cpp:93 [4] (format) fprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3569) | layout/html/base/src/nsPageFrame.cpp:94 [4] (format) fprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3570) | layout/html/base/src/nsPageFrame.cpp:95 [4] (format) fprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3571) | layout/html/base/src/nsPageFrame.cpp:596 [2] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy. Risk is low because the source is a constant string.
|
| f3572) | layout/html/base/src/nsPageFrame.cpp:597 [2] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy. Risk is low because the source is a constant string.
|
| f3573) | layout/html/base/src/nsPageFrame.cpp:598 [2] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy. Risk is low because the source is a constant string.
|
| f3574) | layout/html/base/src/nsPresShell.cpp:7565 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3575) | layout/html/base/src/nsPresShell.cpp:7593 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3576) | layout/html/base/src/nsPresShell.cpp:7604 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3577) | layout/html/base/src/nsPresShell.cpp:7733 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3578) | layout/html/base/src/nsPresShell.cpp:7851 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3579) | layout/html/base/src/nsPresShell.cpp:7856 [2] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat. Risk is low because the source is a constant string.
|
| f3580) | layout/html/base/src/nsSimplePageSequence.cpp:94 [4] (format) fprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3581) | layout/html/base/src/nsSimplePageSequence.cpp:95 [4] (format) fprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3582) | layout/html/base/src/nsSimplePageSequence.cpp:96 [4] (format) fprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3583) | layout/html/base/src/nsSimplePageSequence.cpp:97 [4] (format) fprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3584) | layout/html/base/src/nsSimplePageSequence.cpp:98 [4] (format) fprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3585) | layout/html/forms/src/nsComboboxControlFrame.cpp:220 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3586) | layout/html/forms/src/nsComboboxControlFrame.cpp:221 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3587) | layout/html/forms/src/nsComboboxControlFrame.cpp:222 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3588) | layout/html/forms/src/nsComboboxControlFrame.cpp:223 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3589) | layout/html/forms/src/nsComboboxControlFrame.cpp:244 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3590) | layout/html/forms/src/nsComboboxControlFrame.cpp:245 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3591) | layout/html/forms/src/nsComboboxControlFrame.cpp:246 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3592) | layout/html/forms/src/nsComboboxControlFrame.cpp:247 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3593) | layout/html/forms/src/nsFormControlFrame.cpp:88 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3594) | layout/html/forms/src/nsFormControlFrame.cpp:89 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3595) | layout/html/forms/src/nsFormControlFrame.cpp:90 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3596) | layout/html/forms/src/nsFormControlFrame.cpp:91 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3597) | layout/html/forms/src/nsFormControlFrame.cpp:93 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3598) | layout/html/forms/src/nsFormControlFrame.cpp:94 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3599) | layout/html/forms/src/nsFormControlFrame.cpp:95 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3600) | layout/html/forms/src/nsFormControlFrame.cpp:96 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3601) | layout/html/forms/src/nsListControlFrame.cpp:170 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3602) | layout/html/forms/src/nsListControlFrame.cpp:171 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3603) | layout/html/forms/src/nsListControlFrame.cpp:172 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3604) | layout/html/forms/src/nsListControlFrame.cpp:173 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3605) | layout/html/forms/src/nsListControlFrame.cpp:194 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3606) | layout/html/forms/src/nsListControlFrame.cpp:195 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3607) | layout/html/forms/src/nsListControlFrame.cpp:196 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3608) | layout/html/forms/src/nsListControlFrame.cpp:197 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3609) | layout/html/table/src/nsTableFrame.cpp:7223 [2] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy. Risk is low because the source is a constant string.
|
| f3610) | layout/html/table/src/nsTableFrame.cpp:7225 [2] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy. Risk is low because the source is a constant string.
|
| f3611) | layout/html/table/src/nsTableFrame.cpp:7229 [2] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy. Risk is low because the source is a constant string.
|
| f3612) | layout/html/table/src/nsTableFrame.cpp:7231 [2] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy. Risk is low because the source is a constant string.
|
| f3613) | layout/html/table/src/nsTableFrame.cpp:7233 [2] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy. Risk is low because the source is a constant string.
|
| f3614) | layout/html/table/src/nsTableFrame.cpp:7235 [2] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy. Risk is low because the source is a constant string.
|
| f3615) | layout/html/table/src/nsTableFrame.cpp:7251 [2] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy. Risk is low because the source is a constant string.
|
| f3616) | layout/html/table/src/nsTableFrame.cpp:7254 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3617) | layout/svg/base/src/nsSVGGenericContainerFrame.cpp:276 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3618) | layout/svg/base/src/nsSVGRenderingContext.cpp:167 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3619) | layout/xul/base/src/nsBox.cpp:103 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3620) | layout/xul/base/src/nsBoxFrame.cpp:2475 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3621) | layout/xul/base/src/nsBoxFrame.cpp:2477 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3622) | layout/xul/base/src/nsBoxFrame.cpp:2480 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3623) | layout/xul/base/src/nsBoxFrame.cpp:2482 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3624) | layout/xul/base/src/nsBoxFrame.cpp:2485 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3625) | layout/xul/base/src/nsBoxFrame.cpp:2494 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3626) | layout/xul/base/src/nsBoxFrame.cpp:2496 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3627) | layout/xul/base/src/nsMenuBarListener.cpp:280 [4] (race) access: this usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition. Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
|
| f3628) | layout/xul/base/src/nsMenuBarListener.cpp:284 [4] (race) access: this usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition. Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
|
| f3629) | layout/xul/base/src/nsMenuBarListener.cpp:285 [4] (race) access: this usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition. Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
|
| f3630) | layout/xul/base/src/nsMenuBarListener.cpp:287 [4] (race) access: this usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition. Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
|
| f3631) | layout/xul/base/src/nsMenuBarListener.cpp:288 [4] (race) access: this usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition. Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
|
| f3632) | layout/xul/base/src/nsMenuBarListener.cpp:290 [4] (race) access: this usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition. Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
|
| f3633) | layout/xul/base/src/nsMenuBarListener.cpp:291 [4] (race) access: this usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition. Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
|
| f3634) | layout/xul/base/src/nsMenuListener.cpp:120 [4] (race) access: this usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition. Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
|
| f3635) | layout/xul/base/src/nsMenuListener.cpp:125 [4] (race) access: this usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition. Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
|
| f3636) | layout/xul/base/src/nsMenuListener.cpp:128 [4] (race) access: this usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition. Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
|
| f3637) | layout/xul/base/src/nsMenuListener.cpp:131 [4] (race) access: this usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition. Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
|
| f3638) | layout/xul/base/src/nsMenuListener.cpp:134 [4] (race) access: this usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition. Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
|
| f3639) | layout/xul/base/src/nsMenuListener.cpp:140 [4] (race) access: this usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition. Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
|
| f3640) | layout/xul/base/src/nsScrollbarButtonFrame.cpp:201 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3641) | layout/xul/base/src/nsSliderFrame.cpp:271 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3642) | layout/xul/base/src/nsSliderFrame.cpp:878 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3643) | layout/xul/base/src/nsSliderFrame.cpp:886 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3644) | layout/xul/base/src/nsSplitterFrame.cpp:1225 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3667) | widget/src/beos/nsToolkit.cpp:112 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3668) | widget/src/beos/nsToolkit.cpp:113 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3669) | widget/src/beos/nsToolkit.cpp:262 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3670) | widget/src/beos/nsToolkit.cpp:263 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3671) | widget/src/gtk/nsGtkIMEHelper.cpp:1164 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3672) | widget/src/gtk/nsWindow.cpp:3577 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3673) | widget/src/cocoa/nsMimeMapper.cpp:195 [4] (buffer) sscanf: the scanf() family's %s operation, without a limit specification, permits buffer overflows. Specify a limit to %s, or use a different input function.
|
| f3674) | widget/src/cocoa/nsMimeMapper.cpp:263 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3675) | widget/src/cocoa/nsMimeMapper.cpp:264 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3676) | widget/src/mac/nsMimeMapper.cpp:196 [4] (buffer) sscanf: the scanf() family's %s operation, without a limit specification, permits buffer overflows. Specify a limit to %s, or use a different input function.
|
| f3677) | widget/src/mac/nsMimeMapper.cpp:264 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3678) | widget/src/mac/nsMimeMapper.cpp:265 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3679) | widget/src/mac/nsNativeScrollbar.cpp:245 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3680) | widget/src/os2/nsDragService.cpp:290 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3681) | widget/src/os2/nsDragService.cpp:296 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3682) | widget/src/os2/nsDragService.cpp:341 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3683) | widget/src/os2/nsDragService.cpp:366 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3684) | widget/src/os2/nsFilePicker.cpp:223 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3685) | widget/src/os2/nsWindow.cpp:1392 [4] (buffer) sscanf: the scanf() family's %s operation, without a limit specification, permits buffer overflows. Specify a limit to %s, or use a different input function.
|
| f3686) | widget/src/os2/nsWindow.cpp:1432 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3687) | widget/src/photon/nsClipboard.cpp:488 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3688) | widget/src/photon/nsClipboard.cpp:490 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3689) | widget/src/photon/nsClipboard.cpp:492 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3690) | widget/src/photon/nsDragService.cpp:137 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3691) | widget/src/photon/nsDragService.cpp:209 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3692) | widget/src/photon/nsWidget.cpp:2195 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3693) | widget/src/photon/nsWidget.cpp:2234 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3694) | widget/src/windows/nsBidiKeyboard.cpp:139 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3695) | widget/src/windows/nsBidiKeyboard.cpp:143 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3696) | widget/src/windows/nsDataObj.cpp:61 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3697) | widget/src/windows/nsDataObj.cpp:62 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3698) | widget/src/windows/nsDataObj.cpp:63 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3699) | widget/src/windows/nsDataObj.cpp:506 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3700) | widget/src/windows/nsDataObj.cpp:899 [2] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy. Risk is low because the source is a constant string.
|
| f3701) | widget/src/windows/nsDataObj.cpp:909 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3702) | widget/src/windows/nsDataObj.cpp:910 [2] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat. Risk is low because the source is a constant string.
|
| f3703) | widget/src/windows/nsDataObj.cpp:912 [2] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat. Risk is low because the source is a constant string.
|
| f3704) | widget/src/windows/nsDataObjCollection.cpp:49 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3705) | widget/src/windows/nsDataObjCollection.cpp:50 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3706) | widget/src/windows/nsDataObjCollection.cpp:51 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3707) | widget/src/windows/nsWindow.cpp:6159 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3708) | widget/src/xpwidgets/nsBaseWidget.cpp:893 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3709) | widget/src/xremoteclient/XRemoteClient.cpp:339 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3710) | widget/src/xremoteclient/XRemoteClient.cpp:340 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3711) | expat/xmlwf/xmltchar.h:27 [4] (format) fprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3712) | expat/xmlwf/xmltchar.h:32 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3713) | expat/xmlwf/xmltchar.h:33 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3714) | xpfe/bootstrap/nsNativeAppSupportOS2.cpp:481 [2] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat. Risk is low because the source is a constant string.
|
| f3715) | xpfe/bootstrap/nsNativeAppSupportOS2.cpp:788 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3716) | xpfe/bootstrap/nsNativeAppSupportOS2.cpp:808 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3717) | xpfe/bootstrap/nsNativeAppSupportOS2.cpp:916 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3718) | xpfe/bootstrap/nsNativeAppSupportOS2.cpp:993 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3719) | xpfe/bootstrap/nsNativeAppSupportOS2.cpp:1122 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf.
|
| f3720) | xpfe/bootstrap/nsNativeAppSupportOS2.cpp:1707 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3723) | xpfe/bootstrap/nsNativeAppSupportPh.cpp:139 [2] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat. Risk is low because the source is a constant string.
|
| f3724) | xpfe/bootstrap/nsNativeAppSupportWin.cpp:460 [2] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat. Risk is low because the source is a constant string.
|
| f3726) | xpfe/bootstrap/nsNativeAppSupportWin.cpp:1727 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3727) | mailnews/addrbook/src/nsAddrDatabase.cpp:484 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3728) | mailnews/base/search/src/nsMsgSearchAdapter.cpp:195 [4] (format) snprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3730) | mailnews/base/util/nsMsgUtf7Utils.cpp:172 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3731) | mailnews/compose/src/nsMsgAppleCodes.h:77 [4] (race) access: this usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition. Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
|
| f3732) | mailnews/compose/src/nsMsgAppleEncode.cpp:150 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3733) | mailnews/compose/src/nsMsgAppleEncode.cpp:256 [4] (race) access: this usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition. Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
|
| f3734) | mailnews/compose/src/nsMsgAppleEncode.cpp:315 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3735) | mailnews/compose/src/nsMsgCompUtils.cpp:693 [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation. use a more secure technique for acquiring random values.
|
| f3736) | mailnews/compose/src/nsMsgCompUtils.cpp:1656 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3737) | mailnews/compose/src/nsMsgComposeService.cpp:478 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3738) | mailnews/compose/src/nsMsgSend.cpp:131 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3739) | mailnews/compose/src/nsMsgSend.cpp:142 [2] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat. Risk is low because the source is a constant string.
|
| f3740) | mailnews/compose/src/nsMsgSend.cpp:143 [4] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat.
|
| f3741) | mailnews/db/msgdb/src/nsMsgDatabase.cpp:894 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3742) | mailnews/extensions/smime/src/nsMsgComposeSecure.cpp:162 [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation. use a more secure technique for acquiring random values.
|
| f3743) | mailnews/imap/src/nsIMAPNamespace.cpp:426 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3744) | mailnews/imap/src/nsImapMailFolder.cpp:6402 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3745) | mailnews/imap/src/nsImapMailFolder.cpp:6403 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3746) | mailnews/imap/src/nsImapProtocol.cpp:1685 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3747) | mailnews/imap/src/nsImapProtocol.cpp:2916 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3748) | mailnews/imap/src/nsImapProtocol.cpp:4688 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3749) | mailnews/imap/src/nsImapProtocol.cpp:7187 [4] (race) access: this usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition. Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
|
| f3750) | mailnews/imap/src/nsImapProtocol.cpp:7201 [4] (race) access: this usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition. Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
|
| f3751) | mailnews/imap/src/nsImapProtocol.cpp:7208 [4] (race) access: this usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition. Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
|
| f3753) | mailnews/imap/src/nsImapProtocol.cpp:7218 [4] (race) access: this usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition. Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
|
| f3755) | mailnews/imap/src/nsImapProtocol.cpp:7246 [4] (race) access: this usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition. Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
|
| f3756) | mailnews/imap/src/nsImapServerResponseParser.cpp:1168 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3757) | mailnews/imap/src/nsImapService.cpp:2624 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3758) | mailnews/imap/src/nsImapService.cpp:2640 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3759) | mailnews/imap/src/nsImapService.cpp:2658 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3760) | mailnews/imap/src/nsImapService.cpp:2674 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3761) | mailnews/imap/src/nsImapService.cpp:2687 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3762) | mailnews/imap/src/nsImapService.cpp:2699 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3763) | mailnews/imap/src/nsImapService.cpp:2713 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3764) | mailnews/imap/src/nsImapService.cpp:2735 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3765) | mailnews/imap/src/nsImapService.cpp:2742 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3766) | mailnews/imap/src/nsImapService.cpp:2747 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3767) | mailnews/imap/src/nsImapService.cpp:2770 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3768) | mailnews/imap/src/nsImapService.cpp:2792 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3769) | mailnews/imap/src/nsImapService.cpp:2812 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3770) | mailnews/imap/src/nsImapService.cpp:2836 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3771) | mailnews/imap/src/nsImapService.cpp:2856 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3772) | mailnews/imap/src/nsImapService.cpp:2875 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3773) | mailnews/imap/src/nsImapService.cpp:2894 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3774) | mailnews/imap/src/nsImapService.cpp:2910 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3775) | mailnews/imap/src/nsImapService.cpp:2931 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3776) | mailnews/imap/src/nsImapService.cpp:2952 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3777) | mailnews/imap/src/nsImapService.cpp:2970 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3778) | mailnews/imap/src/nsImapService.cpp:2996 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3779) | mailnews/imap/src/nsImapService.cpp:3028 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3780) | mailnews/imap/src/nsImapService.cpp:3053 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3781) | mailnews/imap/src/nsImapService.cpp:3080 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3782) | mailnews/imap/src/nsImapService.cpp:3094 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3783) | mailnews/imap/src/nsImapService.cpp:3110 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3784) | mailnews/imap/src/nsImapService.cpp:3125 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3785) | mailnews/imap/src/nsImapService.cpp:3149 [4] (format) sprintf: Potential format string problem. Make format string constant.
|
| f3786) | mailnews/import/comm4x/src/Comm4xMailDebugLog.h:48 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3787) | mailnews/import/comm4x/src/Comm4xMailDebugLog.h:49 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3788) | mailnews/import/comm4x/src/Comm4xMailDebugLog.h:50 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3789) | mailnews/import/comm4x/src/Comm4xMailDebugLog.h:51 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3790) | mailnews/import/eudora/src/EudoraDebugLog.h:29 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3791) | mailnews/import/eudora/src/EudoraDebugLog.h:30 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3792) | mailnews/import/eudora/src/EudoraDebugLog.h:31 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3793) | mailnews/import/eudora/src/EudoraDebugLog.h:32 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3794) | mailnews/import/oexpress/OEDebugLog.h:50 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3795) | mailnews/import/oexpress/OEDebugLog.h:51 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3796) | mailnews/import/oexpress/OEDebugLog.h:52 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3797) | mailnews/import/oexpress/OEDebugLog.h:53 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3798) | mailnews/import/outlook/src/MapiDbgLog.h:51 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3799) | mailnews/import/outlook/src/MapiDbgLog.h:52 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3800) | mailnews/import/outlook/src/MapiDbgLog.h:53 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3801) | mailnews/import/outlook/src/MapiDbgLog.h:54 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3802) | mailnews/import/outlook/src/MapiDbgLog.h:55 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3803) | mailnews/import/outlook/src/MapiMessage.cpp:604 [2] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy. Risk is low because the source is a constant string.
|
| f3804) | mailnews/import/outlook/src/MapiMessage.cpp:608 [1] (buffer) strcat: does not check for buffer overflows. Consider using strncat or strlcat. Risk is low because the source is a constant character.
|
| f3805) | mailnews/import/outlook/src/OutlookDebugLog.h:48 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3806) | mailnews/import/outlook/src/OutlookDebugLog.h:49 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3807) | mailnews/import/outlook/src/OutlookDebugLog.h:50 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3808) | mailnews/import/outlook/src/OutlookDebugLog.h:51 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3809) | mailnews/import/src/ImportDebug.h:48 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3810) | mailnews/import/src/ImportDebug.h:49 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3811) | mailnews/import/src/ImportDebug.h:50 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3812) | mailnews/import/src/ImportDebug.h:51 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3813) | mailnews/import/text/src/TextDebugLog.h:29 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3814) | mailnews/import/text/src/TextDebugLog.h:30 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3815) | mailnews/import/text/src/TextDebugLog.h:31 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3816) | mailnews/import/text/src/TextDebugLog.h:32 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3817) | mailnews/local/src/nsLocalMailFolder.cpp:2243 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3822) | mailnews/mapi/old/lib/nsstrseq.cpp:119 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3823) | mailnews/mapi/old/mapi32/mapi32.cpp:924 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3824) | mailnews/mapi/old/mapi32/mapi32.cpp:963 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3825) | mailnews/mapi/old/mapi32/mapi32.cpp:1049 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3826) | mailnews/mapi/old/mapi32/mapi32.cpp:2079 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3829) | mailnews/mapi/old/mapi32/mapiutl.cpp:158 [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation. use a more secure technique for acquiring random values.
|
| f3834) | mailnews/mapi/old/mapi32/xpapi.cpp:78 [4] (race) access: this usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition. Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
|
| f3835) | mailnews/mapi/old/mapi32/xpapi.cpp:82 [4] (race) access: this usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition. Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
|
| f3836) | mailnews/mapi/old/mapi32/xpapi.h:127 [4] (race) access: this usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition. Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
|
| f3856) | mailnews/mime/cthandlers/vcard/nsVCardObj.cpp:1298 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3857) | mailnews/mime/cthandlers/vcard/nsVCardObj.cpp:1304 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3858) | mailnews/mime/emitters/src/nsMimeXmlEmitter.cpp:74 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3859) | mailnews/mime/emitters/src/nsMimeXmlEmitter.cpp:195 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
|
| f3860) | mailnews/mime/src/comi18n.cpp:310 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3861) | mailnews/mime/src/comi18n.cpp:408 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3862) | mailnews/mime/src/comi18n.cpp:417 [2] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy. Risk is low because the source is a constant string.
|
| f3863) | mailnews/mime/src/comi18n.cpp:428 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3864) | mailnews/mime/src/comi18n.cpp:477 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3865) | mailnews/mime/src/comi18n.cpp:489 [2] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy. Risk is low because the source is a constant string.
|
| f3866) | mailnews/mime/src/comi18n.cpp:494 [2] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy. Risk is low because the source is a constant string.
|
| f3867) | mailnews/mime/src/mimefilt.cpp:173 [4] (format) fprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3878) | mailnews/mime/src/mimemoz2.cpp:1107 [4] (race) access: this usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition. Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
|
| f3879) | mailnews/mime/src/mimemoz2.cpp:1110 [4] (race) access: this usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition. Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
|
| f3880) | mailnews/mime/src/mimemoz2.cpp:1112 [4] (race) access: this usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition. Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
|
| f3881) | mailnews/mime/src/mimemoz2.cpp:1115 [4] (race) access: this usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition. Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
|
| f3883) | mailnews/movemail/src/movemail.c:104 [4] (format) snprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3884) | mailnews/movemail/src/movemail.c:117 [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
|
| f3885) | mailnews/movemail/src/movemail.c:148 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
|
| f3886) | mailnews/movemail/src/movemail.c:158 [4] (race) access: this usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition. Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
|
| f3887) | mailnews/movemail/src/movemail.c:160 [4] (format) snprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3888) | mailnews/movemail/src/movemail.c:179 [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
|
| f3889) | mailnews/movemail/src/movemail.c:181 [4] (race) access: this usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition. Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
|
| f3890) | mailnews/movemail/src/movemail.c:185 [4] (format) snprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3891) | mailnews/movemail/src/movemail.c:193 [1] (port) snprintf: On some very old systems, snprintf is incorrectly implemented and permits buffer overflows; there are also incompatible standard definitions of it. Check it during installation, or use something else.
|
| f3892) | mailnews/movemail/src/movemail.c:203 [4] (format) snprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3893) | mailnews/movemail/src/movemail.c:224 [4] (format) snprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3894) | mailnews/movemail/src/movemail.c:264 [4] (race) access: this usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition. Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
|
| f3895) | mailnews/movemail/src/movemail.c:266 [4] (race) access: this usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition. Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
|
| f3896) | mailnews/movemail/src/movemail.c:270 [4] (format) snprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3897) | mailnews/movemail/src/movemail.c:279 [4] (format) snprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3898) | mailnews/movemail/src/movemail.c:295 [4] (format) snprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3899) | mailnews/movemail/src/movemail.c:312 [4] (format) snprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3900) | mailnews/movemail/src/movemail.c:327 [4] (format) snprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3901) | mailnews/movemail/src/movemail.c:339 [4] (format) snprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3902) | mailnews/movemail/src/movemail.c:360 [4] (format) snprintf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification.
|
| f3903) | mailnews/news/src/nsNNTPProtocol.cpp:880 [4] (race) access: this usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition. Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
|
| f3904) | mailnews/news/src/nsNNTPProtocol.cpp:891 [4] (race) access: this usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition. Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
|
| f3906) | mailnews/news/src/nsNNTPProtocol.cpp:914 [4] (race) access: this usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition. Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
|