| r0001) | caps/src/nsScriptSecurityManager.cpp:2115 High: smprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r0002) | config/asdecode.cpp:2486 High: PL_strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0003) | config/asdecode.cpp:2887 High: PL_strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0004) | config/asdecode.cpp:2897 High: PL_strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0005) | config/asdecode.cpp:71 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0006) | config/asdecode.cpp:96 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0007) | config/asdecode.cpp:143 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0008) | config/makecopy.cpp:144 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0015) | config/makecopy.cpp:364 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0016) | config/makecopy.cpp:367 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0017) | config/makecopy.cpp:430 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0018) | config/makecopy.cpp:478 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0019) | config/makecopy.cpp:479 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0020) | config/makecopy.cpp:533 High: LoadLibrary: LoadLibrary will search several places for a library if no path is specified, allowing trojan DLL's to be inserted elsewhere even if the intended DLL is correctly protected from overwriting. Make sure to specify the full path.
|
| r0021) | config/makedep.cpp:107 Medium: stat: A potential TOCTOU (Time Of Check, Time Of Use) vulnerability exists. This is the first line where a check has occured. The following line(s) contain uses that may match up with this check: 110 (mkdir)
|
| r0022) | config/makedep.cpp:69 High: OemToAnsi: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0023) | config/makedep.cpp:76 High: lstrcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0024) | config/makedep.cpp:114 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0025) | config/makedep.cpp:161 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0026) | config/makedep.cpp:163 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0027) | config/makedep.cpp:275 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0028) | config/makedep.cpp:311 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0029) | config/makedep.cpp:325 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0030) | config/makedep.cpp:326 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0031) | config/makedep.cpp:472 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0032) | config/makedep.cpp:493 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0033) | config/makedep.cpp:494 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0034) | config/makedep.cpp:495 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0035) | config/makedep.cpp:496 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0036) | config/makedep.cpp:497 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0037) | config/makedep.cpp:536 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0038) | config/makedep.cpp:537 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0039) | config/makedep.cpp:538 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0040) | config/makedep.cpp:539 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0041) | config/makedep.cpp:540 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0042) | config/makedep.cpp:558 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0043) | config/makedep.cpp:791 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0044) | config/makedep.cpp:816 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0045) | config/trace.cpp:167 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0046) | config/trace.cpp:509 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0047) | config/trace.cpp:229 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0048) | config/trace.cpp:230 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0049) | config/trace.cpp:277 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0050) | config/trace.cpp:363 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0051) | config/bin2rc.c:233 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0052) | config/bin2rc.c:364 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0053) | config/gtscc.c:85 Medium: fgetc: Check buffer boundaries if calling this function in a loop and make sure you are not in danger of writing past the allocated space.
|
| r0054) | config/gtscc.c:201 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0055) | config/gtscc.c:202 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0056) | config/gtscc.c:247 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0057) | config/gtscc.c:338 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0058) | config/gtscc.c:612 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0059) | config/gtscc.c:948 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0060) | config/gtscc.c:1254 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0061) | config/gtscc.c:1475 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0062) | config/gtscc.c:1617 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0063) | config/gtscc.c:1654 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0064) | config/gtscc.c:1655 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0065) | config/gtscc.c:1656 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0066) | config/gtscc.c:1670 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0067) | config/gtscc.c:1902 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0068) | config/gtscc.c:1920 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0069) | config/gtscc.c:1923 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0070) | config/gtscc.c:1972 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0071) | config/gtscc.c:1973 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0072) | config/gtscc.c:2378 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0073) | config/gtscc.c:2379 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0074) | config/gtscc.c:2479 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0075) | config/gtscc.c:2497 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0076) | config/gtscc.c:2499 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0077) | config/gtscc.c:2673 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0078) | config/gtscc.c:2707 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0105) | config/gtscc.c:562 Medium: realloc: Don't use on memory intended to be secure, because the old structure will not be zeroed out.
|
| r0106) | config/mangle.c:2601 Medium: stat: A potential TOCTOU (Time Of Check, Time Of Use) vulnerability exists. This is the first line where a check has occured. The following line(s) contain uses that may match up with this check: 2283 (fopen), 2607 (fopen), 2756 (fopen)
|
| r0107) | config/mantomak.c:54 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0108) | config/mantomak.c:132 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0109) | config/mantomak.c:165 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0110) | config/mantomak.c:166 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0111) | config/mantomak.c:167 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0112) | config/mantomak.c:168 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0113) | config/mantomak.c:169 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0114) | config/mantomak.c:197 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0115) | config/mantomak.c:198 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0116) | config/mantomak.c:199 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0117) | config/mantomak.c:200 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0118) | config/mantomak.c:201 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0119) | config/mantomak.c:472 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0120) | config/mantomak.c:473 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0121) | config/mantomak.c:474 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0122) | config/mantomak.c:475 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0123) | config/mantomak.c:476 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0124) | config/mantomak.c:513 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0131) | config/nsinstall.c:496 Medium: realloc: Don't use on memory intended to be secure, because the old structure will not be zeroed out.
|
| r0133) | config/nsinstall.c:366 High: getopt: Truncate all input strings to a reasonable length before passing them to this function
|
| r0134) | config/nsinstall.c:225 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0135) | config/nsinstall.c:356 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0136) | config/nsinstall.c:503 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0137) | config/nsinstall.c:252 Medium: read: Check buffer boundaries if calling this function in a loop and make sure you are not in danger of writing past the allocated space.
|
| r0138) | config/nsinstall.c:172 Medium: lstat: A potential TOCTOU (Time Of Check, Time Of Use) vulnerability exists. This is the first line where a check has occured. The following line(s) contain uses that may match up with this check: 179 (mkdir)
|
| r0139) | config/pathsub.c:238 Medium: access: A potential TOCTOU (Time Of Check, Time Of Use) vulnerability exists. This is the first line where a check has occured. The following line(s) contain uses that may match up with this check: 241 (chmod), 244 (open), 246 (open), 279 (chmod), 298 (chmod)
|
| r0141) | config/pathsub.c:199 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0142) | config/pathsub.c:232 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0143) | config/W95make.c:209 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0144) | config/W95make.c:246 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0145) | config/W95make.c:256 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0146) | config/W95make.c:54 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0147) | config/mkdepend/cppsetup.c:80 High: _spawnvp: Many program execution commands under Windows will search the path for a program if you do not explicitly specify a full path to the file. This can allow trojans to be executed instead. Also, be sure to specify a file extension, since otherwise multiple extensions will be tried by the operating system, providing another opportunity for trojans.
|
| r0148) | config/mkdepend/include.c:143 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0149) | config/mkdepend/include.c:170 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0150) | config/mkdepend/include.c:62 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0151) | config/mkdepend/include.c:89 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0152) | config/mkdepend/include.c:244 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0155) | config/mkdepend/main.c:220 Medium: realloc: Don't use on memory intended to be secure, because the old structure will not be zeroed out.
|
| r0156) | config/mkdepend/main.c:223 Medium: realloc: Don't use on memory intended to be secure, because the old structure will not be zeroed out.
|
| r0158) | config/mkdepend/main.c:623 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0165) | config/mkdepend/main.c:171 Medium: read: Check buffer boundaries if calling this function in a loop and make sure you are not in danger of writing past the allocated space.
|
| r0166) | config/mkdepend/main.c:445 Medium: read: Check buffer boundaries if calling this function in a loop and make sure you are not in danger of writing past the allocated space.
|
| r0167) | config/mkdepend/main.c:351 Medium: signal: When setting signal handlers, do not use the same function to handle multiple signals. There exists the possibility a race condition will result if 2 or more different signals are sent to the process at nearly the same time. Also, when writing signal handlers, it is best to do as little as possible in them. The best strategy is to use the signal handler to set a flag, that another part of the program tests and performs the appropriate action(s) when it is set. See also: http://razor.bindview.com/publish/papers/signals.txt
|
| r0168) | config/mkdepend/main.c:353 Medium: signal: When setting signal handlers, do not use the same function to handle multiple signals. There exists the possibility a race condition will result if 2 or more different signals are sent to the process at nearly the same time. Also, when writing signal handlers, it is best to do as little as possible in them. The best strategy is to use the signal handler to set a flag, that another part of the program tests and performs the appropriate action(s) when it is set. See also: http://razor.bindview.com/publish/papers/signals.txt
|
| r0169) | config/mkdepend/main.c:355 Medium: signal: When setting signal handlers, do not use the same function to handle multiple signals. There exists the possibility a race condition will result if 2 or more different signals are sent to the process at nearly the same time. Also, when writing signal handlers, it is best to do as little as possible in them. The best strategy is to use the signal handler to set a flag, that another part of the program tests and performs the appropriate action(s) when it is set. See also: http://razor.bindview.com/publish/papers/signals.txt
|
| r0170) | config/mkdepend/main.c:357 Medium: signal: When setting signal handlers, do not use the same function to handle multiple signals. There exists the possibility a race condition will result if 2 or more different signals are sent to the process at nearly the same time. Also, when writing signal handlers, it is best to do as little as possible in them. The best strategy is to use the signal handler to set a flag, that another part of the program tests and performs the appropriate action(s) when it is set. See also: http://razor.bindview.com/publish/papers/signals.txt
|
| r0171) | config/mkdepend/main.c:359 Medium: signal: When setting signal handlers, do not use the same function to handle multiple signals. There exists the possibility a race condition will result if 2 or more different signals are sent to the process at nearly the same time. Also, when writing signal handlers, it is best to do as little as possible in them. The best strategy is to use the signal handler to set a flag, that another part of the program tests and performs the appropriate action(s) when it is set. See also: http://razor.bindview.com/publish/papers/signals.txt
|
| r0172) | config/mkdepend/main.c:361 Medium: signal: When setting signal handlers, do not use the same function to handle multiple signals. There exists the possibility a race condition will result if 2 or more different signals are sent to the process at nearly the same time. Also, when writing signal handlers, it is best to do as little as possible in them. The best strategy is to use the signal handler to set a flag, that another part of the program tests and performs the appropriate action(s) when it is set. See also: http://razor.bindview.com/publish/papers/signals.txt
|
| r0173) | config/mkdepend/main.c:363 Medium: signal: When setting signal handlers, do not use the same function to handle multiple signals. There exists the possibility a race condition will result if 2 or more different signals are sent to the process at nearly the same time. Also, when writing signal handlers, it is best to do as little as possible in them. The best strategy is to use the signal handler to set a flag, that another part of the program tests and performs the appropriate action(s) when it is set. See also: http://razor.bindview.com/publish/papers/signals.txt
|
| r0174) | config/mkdepend/parse.c:648 Medium: stat: A potential TOCTOU (Time Of Check, Time Of Use) vulnerability exists. This is the first line where a check has occured. The following line(s) contain uses that may match up with this check: 649 (fopen)
|
| r0175) | config/mkdepend/parse.c:215 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0176) | config/mkdepend/pr.c:322 Medium: realloc: Don't use on memory intended to be secure, because the old structure will not be zeroed out.
|
| r0177) | config/mkdepend/pr.c:86 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0178) | config/mkdepend/def.h:98 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0180) | config/os2/dirent.c:132 Medium: realloc: Don't use on memory intended to be secure, because the old structure will not be zeroed out.
|
| r0181) | config/os2/dirent.c:64 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0182) | config/os2/dirent.c:76 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0183) | config/os2/dirent.c:77 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0184) | config/os2/dirent.c:128 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0185) | config/os2/dirent.c:149 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0186) | config/os2/dirent.c:278 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0187) | config/os2/getopt.c:170 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0188) | config/os2/getopt.c:283 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0189) | config/os2/dirent.h:77 High: getopt: Truncate all input strings to a reasonable length before passing them to this function
|
| r0190) | content/base/src/nsDocumentEncoder.cpp:56 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0191) | content/base/src/nsDocumentEncoder.cpp:62 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0192) | content/base/src/nsGenericDOMDataNode.cpp:472 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0193) | content/base/src/nsPrintEngine.cpp:605 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0194) | content/base/src/nsPrintEngine.cpp:625 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0195) | content/base/src/nsPrintEngine.cpp:2878 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0196) | content/base/src/nsPrintEngine.cpp:4716 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0197) | content/base/src/nsPrintEngine.cpp:4724 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0198) | content/base/src/nsPrintEngine.cpp:4739 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0199) | content/base/src/nsPrintEngine.cpp:4896 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0200) | content/base/src/nsPrintEngine.cpp:4718 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0201) | content/base/src/nsPrintEngine.cpp:4725 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0202) | content/base/src/nsPrintEngine.cpp:4740 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0203) | content/base/src/nsXMLContentSerializer.cpp:4742 High: strcat: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0204) | content/build/nsContentDLF.cpp:378 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0205) | content/html/content/src/nsGenericHTMLElement.cpp:592 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0206) | content/html/content/src/nsHTMLInputElement.cpp:2190 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0207) | content/html/content/src/nsHTMLInputElement.cpp:2916 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0208) | content/html/document/src/nsHTMLDocument.cpp:2279 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0209) | content/html/style/src/nsCSSParser.cpp:853 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0210) | content/xbl/src/nsXBLProtoImplMethod.cpp:2574 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0211) | content/xul/document/src/nsElementMap.cpp:193 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0212) | content/xul/templates/src/nsXULContentUtils.cpp:66 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0213) | content/xul/templates/src/nsClusterKeySet.h:404 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0214) | content/xul/templates/src/nsConflictSet.h:141 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0215) | db/mork/src/morkFactory.cpp:259 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0216) | db/mork/src/morkFactory.cpp:319 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0217) | db/mork/src/morkFactory.cpp:383 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0218) | db/mork/src/morkStore.cpp:456 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0219) | db/mork/src/morkWriter.cpp:995 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0220) | db/mork/src/orkinErrorHook.cpp:514 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0221) | db/mork/src/orkinErrorHook.cpp:799 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0222) | db/mork/src/orkinErrorHook.cpp:1349 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0223) | db/mork/src/orkinErrorHook.cpp:1469 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0224) | db/mork/src/orkinErrorHook.cpp:1552 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0225) | db/mork/src/orkinErrorHook.cpp:1596 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0226) | db/mork/src/orkinErrorHook.cpp:1639 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0227) | db/mork/src/orkinErrorHook.cpp:1743 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0228) | db/mork/src/orkinErrorHook.cpp:1858 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0229) | db/mork/src/orkinErrorHook.cpp:1998 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0230) | db/mork/src/orkinErrorHook.cpp:2107 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0231) | db/mork/src/orkinFactory.cpp:74 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0232) | db/mork/src/morkWriter.h:596 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0233) | dbm/include/winfile.h:158 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0234) | dbm/include/winfile.h:197 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0235) | dbm/include/winfile.h:200 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0236) | dbm/src/hash.c:48 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0237) | dbm/src/hash.c:92 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0238) | dbm/src/hash.c:94 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0239) | dbm/src/hash.c:227 Medium: read: Check buffer boundaries if calling this function in a loop and make sure you are not in danger of writing past the allocated space.
|
| r0240) | dbm/src/h_page.c:602 Medium: stat: A potential TOCTOU (Time Of Check, Time Of Use) vulnerability exists. This is the first line where a check has occured. The following line(s) contain uses that may match up with this check: 197 (open), 250 (remove)
|
| r0241) | dbm/src/h_page.c:164 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0242) | dbm/src/h_page.c:1174 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0249) | dbm/src/mktemp.c:712 Medium: read: Check buffer boundaries if calling this function in a loop and make sure you are not in danger of writing past the allocated space.
|
| r0251) | dbm/src/ndbm.c:129 Medium: stat: A potential TOCTOU (Time Of Check, Time Of Use) vulnerability exists. This is the first line where a check has occured. The following line(s) contain uses that may match up with this check: 144 (open)
|
| r0252) | dbm/src/ndbm.c:74 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0254) | dbm/src/nsres.c:83 High: strcat: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0255) | dbm/src/nsres.c:15 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0256) | dbm/src/nsres.c:46 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0258) | dbm/src/snprintf.c:67 High: strcat: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0263) | dbm/src/strerror.c:48 High: vsprintf: Check to be sure that the format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle. Additionally, the format string could contain `%s' without precision that could result in a buffer overflow.
|
| r0264) | dbm/src/strerror.c:52 High: vsprintf: Check to be sure that the format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle. Additionally, the format string could contain `%s' without precision that could result in a buffer overflow.
|
| r0265) | dbm/src/strerror.c:66 High: vsprintf: Check to be sure that the format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle. Additionally, the format string could contain `%s' without precision that could result in a buffer overflow.
|
| r0266) | dbm/src/strerror.c:68 High: vsprintf: Check to be sure that the format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle. Additionally, the format string could contain `%s' without precision that could result in a buffer overflow.
|
| r0286) | directory/c-sdk/ldap/build/dirver.c:293 Medium: lstat: A potential TOCTOU (Time Of Check, Time Of Use) vulnerability exists. This is the first line where a check has occured. The following line(s) contain uses that may match up with this check: 298 (unlink), 301 (mkdir), 303 (chown), 345 (lchown)
|
| r0287) | directory/c-sdk/ldap/build/dirver.c:73 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0354) | directory/c-sdk/ldap/include/portable.h:240 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0355) | directory/c-sdk/ldap/include/proto-ntutil.h:359 High: fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r0356) | directory/c-sdk/ldap/libraries/liblber/bprint.c:46 High: getopt: Truncate all input strings to a reasonable length before passing them to this function
|
| r0357) | directory/c-sdk/ldap/libraries/liblber/decode.c:38 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0358) | directory/c-sdk/ldap/libraries/liblber/decode.c:44 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0359) | directory/c-sdk/ldap/libraries/liblber/decode.c:66 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0360) | directory/c-sdk/ldap/libraries/liblber/dtest.c:160 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0361) | directory/c-sdk/ldap/libraries/liblber/dtest.c:438 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0362) | directory/c-sdk/ldap/libraries/liblber/dtest.c:580 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0363) | directory/c-sdk/ldap/libraries/liblber/encode.c:54 Medium: read: Check buffer boundaries if calling this function in a loop and make sure you are not in danger of writing past the allocated space.
|
| r0364) | directory/c-sdk/ldap/libraries/liblber/etest.c:565 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0365) | directory/c-sdk/ldap/libraries/liblber/etest.c:651 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0366) | directory/c-sdk/ldap/libraries/liblber/etest.c:97 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0367) | directory/c-sdk/ldap/libraries/liblber/etest.c:98 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0368) | directory/c-sdk/ldap/libraries/liblber/io.c:56 Medium: read: Check buffer boundaries if calling this function in a loop and make sure you are not in danger of writing past the allocated space.
|
| r0369) | directory/c-sdk/ldap/libraries/liblber/io.c:125 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0370) | directory/c-sdk/ldap/libraries/liblber/io.c:359 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0371) | directory/c-sdk/ldap/libraries/liblber/io.c:528 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0372) | directory/c-sdk/ldap/libraries/liblber/io.c:548 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0373) | directory/c-sdk/ldap/libraries/liblber/io.c:733 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0374) | directory/c-sdk/ldap/libraries/liblber/io.c:147 Medium: read: Check buffer boundaries if calling this function in a loop and make sure you are not in danger of writing past the allocated space.
|
| r0375) | directory/c-sdk/ldap/libraries/liblber/lber-int.h:1400 Medium: realloc: Don't use on memory intended to be secure, because the old structure will not be zeroed out.
|
| r0376) | directory/c-sdk/ldap/libraries/libldap/cache.c:136 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0377) | directory/c-sdk/ldap/libraries/libldap/cache.c:137 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0378) | directory/c-sdk/ldap/libraries/libldap/cache.c:138 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0379) | directory/c-sdk/ldap/libraries/libldap/cache.c:139 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0380) | directory/c-sdk/ldap/libraries/libldap/cldap.c:67 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0381) | directory/c-sdk/ldap/libraries/libldap/cldap.c:159 High: gethostbyname: DNS results can easily be forged by an attacker (or arbitrarily set to large values, etc), and should not be trusted.
|
| r0384) | directory/c-sdk/ldap/libraries/libldap/dllmain.c:531 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0385) | directory/c-sdk/ldap/libraries/libldap/error.c:135 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0386) | directory/c-sdk/ldap/libraries/libldap/error.c:158 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0387) | directory/c-sdk/ldap/libraries/libldap/friendly.c:135 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0388) | directory/c-sdk/ldap/libraries/libldap/getdxbyname.c:45 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0389) | directory/c-sdk/ldap/libraries/libldap/getfilter.c:86 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0390) | directory/c-sdk/ldap/libraries/libldap/getfilter.c:119 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0391) | directory/c-sdk/ldap/libraries/libldap/memcache.c:138 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0392) | directory/c-sdk/ldap/libraries/libldap/memcache.c:345 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0393) | directory/c-sdk/ldap/libraries/libldap/memcache.c:579 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0394) | directory/c-sdk/ldap/libraries/libldap/mozock.c:646 High: strcat: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0395) | directory/c-sdk/ldap/libraries/libldap/mozock.c:192 High: EnterCriticalSection: This function can throw exceptions in low memory conditions. Use InitialCriticalSectionAndSpinCount instead.
|
| r0396) | directory/c-sdk/ldap/libraries/libldap/mozock.c:261 High: LoadLibrary: LoadLibrary will search several places for a library if no path is specified, allowing trojan DLL's to be inserted elsewhere even if the intended DLL is correctly protected from overwriting. Make sure to specify the full path.
|
| r0397) | directory/c-sdk/ldap/libraries/libldap/mozock.c:481 High: gethostbyname: DNS results can easily be forged by an attacker (or arbitrarily set to large values, etc), and should not be trusted.
|
| r0398) | directory/c-sdk/ldap/libraries/libldap/nsprthreadtest.c:490 High: gethostbyaddr: DNS results can easily be forged by an attacker (or arbitrarily set to large values, etc), and should not be trusted.
|
| r0399) | directory/c-sdk/ldap/libraries/libldap/nsprthreadtest.c:306 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0400) | directory/c-sdk/ldap/libraries/libldap/nsprthreadtest.c:385 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0401) | directory/c-sdk/ldap/libraries/libldap/nsprthreadtest.c:386 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0402) | directory/c-sdk/ldap/libraries/libldap/nsprthreadtest.c:432 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0405) | directory/c-sdk/ldap/libraries/libldap/open.c:413 High: sprintf: Check to be sure that the format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle. Additionally, the format string could contain `%s' without precision that could result in a buffer overflow.
|
| r0406) | directory/c-sdk/ldap/libraries/libldap/open.c:458 High: sprintf: Check to be sure that the format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle. Additionally, the format string could contain `%s' without precision that could result in a buffer overflow.
|
| r0408) | directory/c-sdk/ldap/libraries/libldap/os-ip.c:804 Medium: realloc: Don't use on memory intended to be secure, because the old structure will not be zeroed out.
|
| r0409) | directory/c-sdk/ldap/libraries/libldap/pthreadtest.c:771 High: gethostbyaddr: DNS results can easily be forged by an attacker (or arbitrarily set to large values, etc), and should not be trusted.
|
| r0411) | directory/c-sdk/ldap/libraries/libldap/pthreadtest.c:393 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0412) | directory/c-sdk/ldap/libraries/libldap/pthreadtest.c:523 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0413) | directory/c-sdk/ldap/libraries/libldap/pthreadtest.c:524 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0414) | directory/c-sdk/ldap/libraries/libldap/pthreadtest.c:596 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0415) | directory/c-sdk/ldap/libraries/libldap/pthreadtest.c:685 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0416) | directory/c-sdk/ldap/libraries/libldap/pthreadtest.c:728 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0417) | directory/c-sdk/ldap/libraries/libldap/pthreadtest.c:786 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0418) | directory/c-sdk/ldap/libraries/libldap/pthreadtest.c:1009 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0429) | directory/c-sdk/ldap/libraries/libldap/regex.c:469 Medium: random: Standard random number generators should not be used to generate randomness used for security reasons. For security sensitive randomness a crytographic randomness generator that provides sufficient entropy should be used.
|
| r0430) | directory/c-sdk/ldap/libraries/libldap/regex.c:741 Medium: random: Standard random number generators should not be used to generate randomness used for security reasons. For security sensitive randomness a crytographic randomness generator that provides sufficient entropy should be used.
|
| r0431) | directory/c-sdk/ldap/libraries/libldap/regex.c:1002 Medium: random: Standard random number generators should not be used to generate randomness used for security reasons. For security sensitive randomness a crytographic randomness generator that provides sufficient entropy should be used.
|
| r0433) | directory/c-sdk/ldap/libraries/libldap/regex.c:808 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0435) | directory/c-sdk/ldap/libraries/libldap/request.c:811 High: vsprintf: Check to be sure that the format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle. Additionally, the format string could contain `%s' without precision that could result in a buffer overflow.
|
| r0436) | directory/c-sdk/ldap/libraries/libldap/request.c:108 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0437) | directory/c-sdk/ldap/libraries/libldap/request.c:628 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0438) | directory/c-sdk/ldap/libraries/libldap/request.c:631 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0439) | directory/c-sdk/ldap/libraries/libldap/request.c:677 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0441) | directory/c-sdk/ldap/libraries/libldap/sort.c:1079 High: strcat: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0442) | directory/c-sdk/ldap/libraries/libldap/test.c:286 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0444) | directory/c-sdk/ldap/libraries/libldap/test.c:113 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0445) | directory/c-sdk/ldap/libraries/libldap/test.c:207 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0446) | directory/c-sdk/ldap/libraries/libldap/test.c:285 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0461) | directory/c-sdk/ldap/libraries/libldap/tmplout.c:128 Medium: realloc: Don't use on memory intended to be secure, because the old structure will not be zeroed out.
|
| r0462) | directory/c-sdk/ldap/libraries/libldap/tmplout.c:135 Medium: realloc: Don't use on memory intended to be secure, because the old structure will not be zeroed out.
|
| r0463) | directory/c-sdk/ldap/libraries/libldap/tmplout.c:265 Medium: realloc: Don't use on memory intended to be secure, because the old structure will not be zeroed out.
|
| r0464) | directory/c-sdk/ldap/libraries/libldap/tmplout.c:274 Medium: realloc: Don't use on memory intended to be secure, because the old structure will not be zeroed out.
|
| r0465) | directory/c-sdk/ldap/libraries/libldap/tmplout.c:360 Medium: realloc: Don't use on memory intended to be secure, because the old structure will not be zeroed out.
|
| r0466) | directory/c-sdk/ldap/libraries/libldap/tmplout.c:1760 Medium: realloc: Don't use on memory intended to be secure, because the old structure will not be zeroed out.
|
| r0467) | directory/c-sdk/ldap/libraries/libldap/tmplout.c:487 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0468) | directory/c-sdk/ldap/libraries/libldap/tmplout.c:907 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0469) | directory/c-sdk/ldap/libraries/libldap/tmplout.c:1032 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0473) | directory/c-sdk/ldap/libraries/libldap/ufn.c:954 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0475) | directory/c-sdk/ldap/libraries/libldap/ldap-int.h:314 High: strcat: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0476) | directory/c-sdk/ldap/libraries/libldif/line64.c:569 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0477) | directory/c-sdk/ldap/libraries/libldif/line64.c:426 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0478) | directory/c-sdk/ldap/libraries/libldif/line64.c:542 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0479) | directory/c-sdk/ldap/libraries/libprldap/ldappr-io.c:585 Medium: realloc: Don't use on memory intended to be secure, because the old structure will not be zeroed out.
|
| r0480) | directory/c-sdk/ldap/libraries/libprldap/ldappr-io.c:322 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0481) | directory/c-sdk/ldap/libraries/libprldap/ldappr-io.c:369 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0482) | directory/c-sdk/ldap/libraries/libssldap/clientinit.c:335 High: fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r0483) | directory/c-sdk/ldap/libraries/libssldap/clientinit.c:118 High: PL_strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0484) | directory/c-sdk/ldap/libraries/libssldap/clientinit.c:120 High: PL_strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0485) | directory/c-sdk/ldap/libraries/libssldap/clientinit.c:123 High: PL_strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0486) | directory/c-sdk/ldap/libraries/libssldap/clientinit.c:125 High: PL_strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0487) | directory/c-sdk/ldap/libraries/libssldap/clientinit.c:127 High: PL_strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0488) | directory/c-sdk/ldap/libraries/libssldap/clientinit.c:237 High: PL_strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0489) | directory/c-sdk/ldap/libraries/libssldap/clientinit.c:242 High: PL_strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0490) | directory/c-sdk/ldap/libraries/libssldap/clientinit.c:296 High: PL_strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0491) | directory/c-sdk/ldap/libraries/libssldap/clientinit.c:301 High: PL_strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0492) | directory/c-sdk/ldap/libraries/libutil/getopt.c:255 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0493) | directory/c-sdk/ldap/libraries/macintosh/getopt.c:66 High: getopt: Truncate all input strings to a reasonable length before passing them to this function
|
| r0494) | directory/c-sdk/ldap/libraries/macintosh/kerberos-macos.c:62 High: getopt: Truncate all input strings to a reasonable length before passing them to this function
|
| r0495) | directory/c-sdk/ldap/libraries/macintosh/macos-ip.c:62 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0496) | directory/c-sdk/ldap/libraries/macintosh/strings.c:224 Medium: realloc: Don't use on memory intended to be secure, because the old structure will not be zeroed out.
|
| r0497) | directory/c-sdk/ldap/libraries/macintosh/strings.c:272 Medium: realloc: Don't use on memory intended to be secure, because the old structure will not be zeroed out.
|
| r0498) | directory/c-sdk/ldap/libraries/macintosh/ldap-macos.h:113 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0500) | directory/c-sdk/ldap/libraries/msdos/winsock/mozock.c:91 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0501) | directory/c-sdk/ldap/libraries/msdos/winsock/mozock.c:234 High: LoadLibrary: LoadLibrary will search several places for a library if no path is specified, allowing trojan DLL's to be inserted elsewhere even if the intended DLL is correctly protected from overwriting. Make sure to specify the full path.
|
| r0502) | directory/c-sdk/ldap/libraries/msdos/winsock/mozock.c:452 High: gethostbyname: DNS results can easily be forged by an attacker (or arbitrarily set to large values, etc), and should not be trusted.
|
| r0503) | directory/xpcom/base/src/nsLDAPConnection.cpp:461 High: gethostbyaddr: DNS results can easily be forged by an attacker (or arbitrarily set to large values, etc), and should not be trusted.
|
| r0504) | dom/src/base/nsDOMException.cpp:850 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0505) | dom/src/base/nsJSEnvironment.cpp:292 High: PR_smprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r0506) | editor/libeditor/base/InsertTextTxn.cpp:894 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0507) | editor/libeditor/base/InsertTextTxn.cpp:924 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0508) | editor/libeditor/base/InsertTextTxn.cpp:1058 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0509) | editor/libeditor/html/nsEditorTxnLog.cpp:84 High: wprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r0510) | editor/libeditor/html/nsHTMLEditor.cpp:391 High: printf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r0511) | editor/libeditor/html/nsHTMLEditor.cpp:405 High: printf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r0512) | editor/libeditor/html/nsHTMLEditorLog.cpp:1934 High: wprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r0513) | editor/libeditor/html/nsHTMLEditorLog.cpp:2089 High: wprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r0514) | editor/libeditor/html/nsHTMLEditorLog.cpp:2094 High: wprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r0515) | editor/libeditor/html/nsHTMLEditorLog.cpp:3030 High: wprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r0516) | editor/libeditor/html/nsHTMLEditorLog.cpp:3034 High: wprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r0517) | editor/libeditor/html/nsHTMLEditorLog.cpp:939 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0518) | editor/libeditor/html/nsHTMLEditorLog.cpp:963 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0519) | editor/libeditor/html/nsHTMLEditorLog.cpp:941 High: sprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r0520) | embedding/browser/activex/src/control/IEHtmlElementCollection.cpp:941 High: sprintf: Check to be sure that the format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle. Additionally, the format string could contain `%s' without precision that could result in a buffer overflow.
|
| r0521) | embedding/browser/activex/src/control/MozillaBrowser.cpp:297 Medium: realloc: Don't use on memory intended to be secure, because the old structure will not be zeroed out.
|
| r0522) | embedding/browser/activex/src/control/MozillaBrowser.cpp:586 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0523) | embedding/browser/activex/src/control/MozillaBrowser.cpp:587 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0524) | embedding/browser/activex/src/control/MozillaBrowser.cpp:616 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0525) | embedding/browser/activex/src/control/MozillaBrowser.cpp:668 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0526) | embedding/browser/activex/src/control/MozillaBrowser.cpp:669 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0527) | embedding/browser/activex/src/control/MozillaBrowser.cpp:670 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0528) | embedding/browser/activex/src/control/MozillaBrowser.cpp:671 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0529) | embedding/browser/activex/src/control/MozillaBrowser.cpp:672 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0530) | embedding/browser/activex/src/control/MozillaBrowser.cpp:673 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0531) | embedding/browser/activex/src/control/MozillaBrowser.cpp:965 High: _stprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r0532) | embedding/browser/activex/src/control/BrowserDiagnostics.h:965 High: _stprintf: Check to be sure that the format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle. Additionally, the format string could contain `%s' without precision that could result in a buffer overflow.
|
| r0533) | embedding/browser/activex/src/control_kicker/control_kicker.cpp:75 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0534) | embedding/browser/activex/src/control_kicker/control_kicker.cpp:105 High: LoadLibrary: LoadLibrary will search several places for a library if no path is specified, allowing trojan DLL's to be inserted elsewhere even if the intended DLL is correctly protected from overwriting. Make sure to specify the full path.
|
| r0535) | embedding/browser/activex/src/control_kicker/control_kicker.cpp:283 High: LoadLibrary: LoadLibrary will search several places for a library if no path is specified, allowing trojan DLL's to be inserted elsewhere even if the intended DLL is correctly protected from overwriting. Make sure to specify the full path.
|
| r0536) | embedding/browser/activex/src/control_kicker/control_kicker.cpp:212 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0537) | embedding/browser/activex/src/control_kicker/control_kicker.cpp:231 High: lstrcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0538) | embedding/browser/activex/src/plugin/LegacyPlugin.cpp:277 High: lstrcat: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0539) | embedding/browser/activex/src/plugin/LegacyPlugin.cpp:278 High: lstrcat: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0540) | embedding/browser/activex/src/plugin/LegacyPlugin.cpp:279 High: lstrcat: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0541) | embedding/browser/activex/src/plugin/LegacyPlugin.cpp:192 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0542) | embedding/browser/activex/src/plugin/LegacyPlugin.cpp:323 High: _stprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r0543) | embedding/browser/activex/src/plugin/LiveConnect.cpp:323 High: _stprintf: Check to be sure that the format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle. Additionally, the format string could contain `%s' without precision that could result in a buffer overflow.
|
| r0544) | embedding/browser/activex/src/plugin/XPConnect.cpp:297 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0545) | embedding/browser/activex/src/plugin/XPConnect.cpp:309 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0546) | embedding/browser/activex/src/plugin/XPConnect.cpp:330 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0547) | embedding/browser/activex/src/plugin/XPConnect.cpp:436 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0548) | embedding/browser/activex/src/plugin/XPConnect.cpp:451 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0549) | embedding/browser/activex/src/plugin/XPConnect.cpp:483 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0550) | embedding/browser/activex/src/plugin/XPConnect.cpp:494 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0551) | embedding/browser/activex/src/plugin/XPConnect.cpp:519 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0552) | embedding/browser/activex/src/pluginhostctrl/nsPluginHostCtrl.cpp:361 High: LoadLibrary: LoadLibrary will search several places for a library if no path is specified, allowing trojan DLL's to be inserted elsewhere even if the intended DLL is correctly protected from overwriting. Make sure to specify the full path.
|
| r0553) | embedding/browser/activex/src/pluginhostctrl/nsPluginHostCtrl.cpp:346 High: _tcscat: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0554) | embedding/browser/activex/src/pluginhostctrl/nsPluginHostCtrl.cpp:525 High: LoadLibrary: LoadLibrary will search several places for a library if no path is specified, allowing trojan DLL's to be inserted elsewhere even if the intended DLL is correctly protected from overwriting. Make sure to specify the full path.
|
| r0555) | embedding/browser/activex/src/pluginhostctrl/nsPluginHostCtrl.cpp:686 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0556) | embedding/browser/activex/src/pluginhostctrl/nsURLDataCallback.cpp:638 Medium: realloc: Don't use on memory intended to be secure, because the old structure will not be zeroed out.
|
| r0557) | embedding/browser/activex/src/pluginhostctrl/nsURLDataCallback.cpp:639 Medium: realloc: Don't use on memory intended to be secure, because the old structure will not be zeroed out.
|
| r0560) | embedding/browser/activex/src/pluginhostctrl/nsURLDataCallback.cpp:314 High: _stprintf: Check to be sure that the format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle. Additionally, the format string could contain `%s' without precision that could result in a buffer overflow.
|
| r0561) | embedding/browser/activex/src/pluginhostctrl/nsURLDataCallback.cpp:317 High: _stprintf: Check to be sure that the format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle. Additionally, the format string could contain `%s' without precision that could result in a buffer overflow.
|
| r0562) | embedding/browser/activex/src/pluginhostctrl/nsURLDataCallback.cpp:318 High: _tcscat: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0563) | embedding/browser/activex/src/pluginhostctrl/nsURLDataCallback.cpp:323 High: _tcscat: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0564) | embedding/browser/activex/src/pluginhostctrl/nsURLDataCallback.cpp:328 High: _tcscat: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0565) | embedding/browser/activex/src/pluginhostctrl/nsPluginHostCtrl.h:558 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0566) | embedding/browser/activex/src/tlb2xpt/TypeDesc.cpp:90 Medium: realloc: Don't use on memory intended to be secure, because the old structure will not be zeroed out.
|
| r0567) | embedding/browser/activex/src/xml/XMLDocument.cpp:125 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0578) | embedding/browser/photon/src/EmbedProgress.cpp:68 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0579) | embedding/browser/photon/src/nsUnknownContentTypeHandler.cpp:98 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0580) | embedding/browser/photon/src/nsUnknownContentTypeHandler.cpp:186 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0581) | embedding/browser/photon/src/PtMozilla.cpp:121 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0582) | embedding/browser/photon/src/PtMozilla.cpp:122 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0583) | embedding/browser/photon/src/PtMozilla.cpp:397 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0584) | embedding/browser/photon/src/PtMozilla.cpp:459 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0585) | embedding/browser/photon/src/PtMozilla.cpp:478 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0586) | embedding/browser/photon/src/PtMozilla.cpp:558 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0587) | embedding/browser/photon/src/PtMozilla.cpp:804 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0588) | embedding/browser/photon/src/PtMozilla.cpp:809 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0589) | embedding/browser/photon/src/PtMozilla.cpp:814 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0590) | embedding/browser/photon/src/PtMozilla.cpp:819 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0591) | embedding/browser/photon/src/PtMozilla.cpp:856 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0592) | embedding/browser/photon/src/PtMozilla.cpp:863 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0593) | embedding/browser/photon/src/PtMozilla.cpp:868 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0594) | embedding/browser/photon/src/PtMozilla.cpp:875 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0595) | embedding/browser/photon/src/PtMozilla.cpp:880 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0596) | embedding/browser/photon/src/PtMozilla.cpp:885 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0597) | embedding/browser/photon/src/PtMozilla.cpp:892 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0598) | embedding/browser/photon/src/PtMozilla.cpp:897 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0599) | embedding/browser/photon/src/PtMozilla.cpp:904 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0600) | embedding/browser/photon/src/PtMozilla.cpp:578 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0601) | embedding/browser/photon/src/PtMozilla.cpp:625 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0602) | embedding/browser/photon/src/PtMozilla.cpp:849 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0619) | embedding/browser/powerplant/source/CHeaderSniffer.cpp:311 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0620) | embedding/browser/powerplant/source/CHeaderSniffer.cpp:501 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0621) | embedding/browser/powerplant/source/CProfileManager.cpp:303 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0622) | embedding/browser/powerplant/source/UDownloadDisplay.cpp:179 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0623) | embedding/browser/powerplant/source/UMacUnicode.cpp:531 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0624) | embedding/browser/powerplant/source/UMacUnicode.cpp:557 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0625) | embedding/browser/powerplant/source/CAppFileLocationProvider.h:232 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0626) | embedding/components/commandhandler/src/nsCommandGroup.cpp:49 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0627) | embedding/components/printingui/src/mac/nsPrintingPromptService.cpp:155 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0628) | embedding/components/printingui/src/mac/nsPrintingPromptServiceX.cpp:92 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0629) | embedding/components/printingui/src/win/nsPrintDialogUtil.cpp:103 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0630) | embedding/components/printingui/src/win/nsPrintDialogUtil.cpp:395 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0631) | embedding/components/webbrowserpersist/src/nsWebBrowserPersist.cpp:891 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0677) | expat/gennmtab/gennmtab.c:379 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0678) | expat/gennmtab/gennmtab.c:417 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0679) | expat/gennmtab/gennmtab.c:418 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0680) | expat/gennmtab/gennmtab.c:419 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0681) | expat/gennmtab/gennmtab.c:420 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0682) | expat/gennmtab/gennmtab.c:421 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0683) | expat/gennmtab/gennmtab.c:422 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0684) | expat/gennmtab/gennmtab.c:1329 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0685) | expat/sample/elements.c:375 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0686) | expat/sample/elements.c:420 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0687) | expat/xmlparse/xmlparse.c:27 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0688) | expat/xmlparse/xmlparse.c:2109 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0689) | expat/xmltok/xmltok.c:935 Medium: realloc: Don't use on memory intended to be secure, because the old structure will not be zeroed out.
|
| r0690) | expat/xmltok/xmltok.c:1373 Medium: realloc: Don't use on memory intended to be secure, because the old structure will not be zeroed out.
|
| r0691) | expat/xmltok/xmltok.c:1400 Medium: realloc: Don't use on memory intended to be secure, because the old structure will not be zeroed out.
|
| r0692) | expat/xmltok/xmltok.c:1678 Medium: realloc: Don't use on memory intended to be secure, because the old structure will not be zeroed out.
|
| r0693) | expat/xmltok/xmltok.c:1879 Medium: realloc: Don't use on memory intended to be secure, because the old structure will not be zeroed out.
|
| r0694) | expat/xmltok/xmltok.c:2659 Medium: realloc: Don't use on memory intended to be secure, because the old structure will not be zeroed out.
|
| r0695) | expat/xmltok/xmltok.c:3233 Medium: realloc: Don't use on memory intended to be secure, because the old structure will not be zeroed out.
|
| r0696) | expat/xmltok/xmltok.c:3945 Medium: realloc: Don't use on memory intended to be secure, because the old structure will not be zeroed out.
|
| r0697) | expat/xmltok/xmltok_ns.c:123 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0698) | expat/xmltok/xmltok_ns.c:883 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0699) | expat/xmltok/xmltok_ns.c:1187 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0700) | expat/xmltok/xmltok_ns.c:1228 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0701) | expat/xmlwf/readfilemap.c:66 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0702) | expat/xmlwf/win32filemap.c:59 Medium: read: Check buffer boundaries if calling this function in a loop and make sure you are not in danger of writing past the allocated space.
|
| r0703) | expat/xmlwf/xmlfile.c:48 High: _ftprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r0704) | expat/xmlwf/xmlfile.c:89 High: _ftprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r0705) | expat/xmlwf/xmlfile.c:94 High: _ftprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r0706) | extensions/cookie/nsCookies.cpp:153 Medium: read: Check buffer boundaries if calling this function in a loop and make sure you are not in danger of writing past the allocated space.
|
| r0707) | extensions/cookie/nsPermissions.cpp:1768 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0708) | extensions/cookie/nsPermissions.cpp:1894 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0709) | extensions/cookie/nsPermissions.cpp:269 High: smprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r0710) | extensions/cookie/nsUtils.cpp:544 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0711) | extensions/cookie/nsUtils.cpp:160 High: PL_strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0712) | extensions/inspector/base/src/inBitmap.cpp:65 Medium: read: Check buffer boundaries if calling this function in a loop and make sure you are not in danger of writing past the allocated space.
|
| r0713) | extensions/inspector/base/src/inCSSValueSearch.cpp:111 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0714) | extensions/p3p/src/nsCompactPolicy.cpp:353 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0715) | extensions/pics/src/nsPICS.cpp:100 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0718) | extensions/pref/autoconfig/src/nsAutoConfig.cpp:17 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0719) | extensions/pref/autoconfig/src/nsAutoConfig.cpp:20 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0720) | extensions/pref/autoconfig/src/nsAutoConfig.cpp:28 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0721) | extensions/pref/autoconfig/src/nsAutoConfig.cpp:31 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0722) | extensions/pref/autoconfig/src/nsAutoConfig.cpp:33 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0723) | extensions/pref/autoconfig/src/nsAutoConfig.cpp:35 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0724) | extensions/pref/autoconfig/src/nsAutoConfig.cpp:37 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0725) | extensions/pref/autoconfig/src/nsAutoConfig.cpp:39 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0726) | extensions/pref/autoconfig/src/nsAutoConfig.cpp:40 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0727) | extensions/pref/autoconfig/src/nsAutoConfig.cpp:41 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0728) | extensions/pref/autoconfig/src/nsAutoConfig.cpp:43 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0729) | extensions/python/xpcom/src/ErrorUtils.cpp:128 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0730) | extensions/python/xpcom/src/ErrorUtils.cpp:47 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0733) | extensions/python/xpcom/src/PyGBase.cpp:202 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0734) | extensions/python/xpcom/src/PyGBase.cpp:210 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0735) | extensions/python/xpcom/src/PyIID.cpp:585 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0736) | extensions/python/xpcom/src/PyIID.cpp:632 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0737) | extensions/python/xpcom/src/PyISupports.cpp:184 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0738) | extensions/python/xpcom/src/TypeObject.cpp:109 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0739) | extensions/python/xpcom/src/VariantUtils.cpp:133 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0740) | extensions/python/xpcom/src/xpcom.cpp:472 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0741) | extensions/python/xpcom/src/xpcom.cpp:1985 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0742) | extensions/python/xpcom/src/PyXPCOM.h:494 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0743) | extensions/python/xpcom/src/loader/pyloader.cpp:379 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0744) | extensions/python/xpcom/src/loader/pyloader.cpp:451 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0745) | extensions/python/xpcom/src/loader/pyloader.cpp:182 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0747) | extensions/python/xpcom/src/loader/pyloader.cpp:184 High: vsprintf: Check to be sure that the format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle. Additionally, the format string could contain `%s' without precision that could result in a buffer overflow.
|
| r0748) | extensions/transformiix/source/base/Double.cpp:322 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0749) | extensions/transformiix/source/base/Double.cpp:330 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0750) | extensions/transformiix/source/base/TxString.h:212 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0751) | extensions/transformiix/source/xml/parser/XMLParser.cpp:264 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0752) | extensions/transformiix/source/xml/parser/XMLParser.cpp:137 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0753) | extensions/transformiix/source/xslt/functions/GenerateIdFunctionCall.cpp:157 Medium: read: Check buffer boundaries if calling this function in a loop and make sure you are not in danger of writing past the allocated space.
|
| r0754) | extensions/transformiix/source/xslt/functions/GenerateIdFunctionCall.cpp:96 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0756) | extensions/transformiix/source/xslt/functions/txFormatNumberFunctionCall.cpp:98 High: sprintf: Check to be sure that the format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle. Additionally, the format string could contain `%s' without precision that could result in a buffer overflow.
|
| r0757) | extensions/transformiix/source/xslt/functions/txFormatNumberFunctionCall.cpp:298 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0758) | extensions/transformiix/source/xslt/functions/txFormatNumberFunctionCall.cpp:308 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0759) | extensions/transformiix/source/xslt/functions/txFormatNumberFunctionCall.cpp:371 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0760) | extensions/transformiix/source/xslt/functions/txFormatNumberFunctionCall.cpp:311 High: sprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r0761) | extensions/universalchardet/src/nsBig5Prober.h:311 High: sprintf: Check to be sure that the format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle. Additionally, the format string could contain `%s' without precision that could result in a buffer overflow.
|
| r0762) | extensions/universalchardet/src/nsEUCJPProber.h:66 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0763) | extensions/universalchardet/src/nsEUCKRProber.h:71 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0764) | extensions/universalchardet/src/nsEUCTWProber.h:66 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0765) | extensions/universalchardet/src/nsGB2312Prober.h:66 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0766) | extensions/universalchardet/src/nsSJISProber.h:68 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0772) | extensions/wallet/src/singsign.cpp:148 Medium: read: Check buffer boundaries if calling this function in a loop and make sure you are not in danger of writing past the allocated space.
|
| r0773) | extensions/wallet/src/singsign.cpp:2863 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0774) | extensions/wallet/src/singsign.cpp:3126 High: PL_strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0775) | extensions/wallet/src/wallet.cpp:3128 High: PL_strcat: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0776) | extensions/wallet/src/wallet.cpp:1184 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0777) | extensions/wallet/src/wallet.cpp:1332 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0778) | extensions/wallet/src/wallet.cpp:348 Medium: getchar: Check buffer boundaries if calling this function in a loop and make sure you are not in danger of writing past the allocated space.
|
| r0779) | extensions/wallet/src/wallet.cpp:355 Medium: getchar: Check buffer boundaries if calling this function in a loop and make sure you are not in danger of writing past the allocated space.
|
| r0780) | extensions/xmlextras/proxy/src/wspfactory.cpp:1189 Medium: read: Check buffer boundaries if calling this function in a loop and make sure you are not in danger of writing past the allocated space.
|
| r0781) | extensions/xmlterm/base/mozXMLTermSession.cpp:271 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0782) | extensions/xmlterm/base/mozXMLTermUtils.cpp:4459 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0783) | extensions/xmlterm/base/mozXMLTermUtils.cpp:4476 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0784) | extensions/xmlterm/base/mozXMLTermSession.h:320 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0785) | extensions/xmlterm/base/mozXMLTermSession.h:373 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0786) | extensions/xmlterm/base/mozXMLTermSession.h:374 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0787) | extensions/xmlterm/lineterm/ltermEscape.c:577 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0788) | extensions/xmlterm/lineterm/ltermEscape.c:580 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0789) | extensions/xmlterm/lineterm/ltermEscape.c:583 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0790) | extensions/xmlterm/lineterm/ltermEscape.c:586 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0791) | extensions/xmlterm/lineterm/ltermEscape.c:589 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0792) | extensions/xmlterm/lineterm/ltermInput.c:804 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0793) | extensions/xmlterm/lineterm/ltermInput.c:1036 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0794) | extensions/xmlterm/lineterm/ltermInput.c:1147 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0795) | extensions/xmlterm/lineterm/ltermIO.c:787 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0796) | extensions/xmlterm/lineterm/ltermManager.c:485 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0797) | extensions/xmlterm/lineterm/ltermManager.c:248 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0799) | extensions/xmlterm/lineterm/ltermManager.c:579 High: sprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r0800) | extensions/xmlterm/lineterm/ltermOutput.c:579 High: sprintf: Check to be sure that the format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle. Additionally, the format string could contain `%s' without precision that could result in a buffer overflow.
|
| r0801) | extensions/xmlterm/lineterm/ptystream.c:386 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0802) | extensions/xmlterm/lineterm/ptystream.c:615 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0804) | extensions/xmlterm/lineterm/ptystream.c:281 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0806) | extensions/xmlterm/lineterm/ptystream.c:185 Medium: signal: When setting signal handlers, do not use the same function to handle multiple signals. There exists the possibility a race condition will result if 2 or more different signals are sent to the process at nearly the same time. Also, when writing signal handlers, it is best to do as little as possible in them. The best strategy is to use the signal handler to set a flag, that another part of the program tests and performs the appropriate action(s) when it is set. See also: http://razor.bindview.com/publish/papers/signals.txt
|
| r0807) | extensions/xmlterm/lineterm/ptystream.c:186 Medium: signal: When setting signal handlers, do not use the same function to handle multiple signals. There exists the possibility a race condition will result if 2 or more different signals are sent to the process at nearly the same time. Also, when writing signal handlers, it is best to do as little as possible in them. The best strategy is to use the signal handler to set a flag, that another part of the program tests and performs the appropriate action(s) when it is set. See also: http://razor.bindview.com/publish/papers/signals.txt
|
| r0808) | extensions/xmlterm/lineterm/ptystream.c:187 Medium: signal: When setting signal handlers, do not use the same function to handle multiple signals. There exists the possibility a race condition will result if 2 or more different signals are sent to the process at nearly the same time. Also, when writing signal handlers, it is best to do as little as possible in them. The best strategy is to use the signal handler to set a flag, that another part of the program tests and performs the appropriate action(s) when it is set. See also: http://razor.bindview.com/publish/papers/signals.txt
|
| r0809) | extensions/xmlterm/lineterm/ptystream.c:190 Medium: signal: When setting signal handlers, do not use the same function to handle multiple signals. There exists the possibility a race condition will result if 2 or more different signals are sent to the process at nearly the same time. Also, when writing signal handlers, it is best to do as little as possible in them. The best strategy is to use the signal handler to set a flag, that another part of the program tests and performs the appropriate action(s) when it is set. See also: http://razor.bindview.com/publish/papers/signals.txt
|
| r0810) | extensions/xmlterm/lineterm/ptystream.c:191 Medium: signal: When setting signal handlers, do not use the same function to handle multiple signals. There exists the possibility a race condition will result if 2 or more different signals are sent to the process at nearly the same time. Also, when writing signal handlers, it is best to do as little as possible in them. The best strategy is to use the signal handler to set a flag, that another part of the program tests and performs the appropriate action(s) when it is set. See also: http://razor.bindview.com/publish/papers/signals.txt
|
| r0811) | extensions/xmlterm/lineterm/ptystream.c:192 Medium: signal: When setting signal handlers, do not use the same function to handle multiple signals. There exists the possibility a race condition will result if 2 or more different signals are sent to the process at nearly the same time. Also, when writing signal handlers, it is best to do as little as possible in them. The best strategy is to use the signal handler to set a flag, that another part of the program tests and performs the appropriate action(s) when it is set. See also: http://razor.bindview.com/publish/papers/signals.txt
|
| r0812) | extensions/xmlterm/lineterm/tracelog.c:169 Default: ttyname: The results are easy for an attacker to forge, and not reliable.
|
| r0813) | extensions/xmlterm/lineterm/unistring.c:190 High: vfprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r0814) | extensions/xmlterm/lineterm/unistring.c:205 High: vfprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r0815) | extensions/xmlterm/lineterm/ltermPrivate.h:156 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0816) | extensions/xmlterm/lineterm/ltermPrivate.h:177 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0817) | extensions/xmlterm/lineterm/ptystream.h:401 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0818) | extensions/xmlterm/lineterm/ptystream.h:404 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0819) | extensions/xmlterm/lineterm/ptystream.h:509 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0820) | extensions/xmlterm/lineterm/ptystream.h:510 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0821) | extensions/xmlterm/lineterm/ptystream.h:526 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0822) | extensions/xmlterm/lineterm/tracelog.h:56 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0823) | extensions/xmlterm/lineterm/tracelog.h:57 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0824) | extensions/xmlterm/linetest/lterm.c:123 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0826) | extensions/xmlterm/linetest/lterm.c:374 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0827) | extensions/xmlterm/linetest/lterm.c:415 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0828) | extensions/xmlterm/linetest/lterm.c:630 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0829) | extensions/xmlterm/linetest/lterm.c:234 Medium: signal: When setting signal handlers, do not use the same function to handle multiple signals. There exists the possibility a race condition will result if 2 or more different signals are sent to the process at nearly the same time. Also, when writing signal handlers, it is best to do as little as possible in them. The best strategy is to use the signal handler to set a flag, that another part of the program tests and performs the appropriate action(s) when it is set. See also: http://razor.bindview.com/publish/papers/signals.txt
|
| r0830) | extensions/xmlterm/linetest/ptytest.c:463 Medium: getchar: Check buffer boundaries if calling this function in a loop and make sure you are not in danger of writing past the allocated space.
|
| r0831) | extensions/xmlterm/linetest/ptytest.c:127 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0832) | extensions/xmlterm/linetest/ptytest.c:234 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0833) | extensions/xmlterm/linetest/ptytest.c:153 Medium: getchar: Check buffer boundaries if calling this function in a loop and make sure you are not in danger of writing past the allocated space.
|
| r0834) | extensions/xmlterm/linetest/ptytest.c:297 Medium: getchar: Check buffer boundaries if calling this function in a loop and make sure you are not in danger of writing past the allocated space.
|
| r0835) | extensions/xmlterm/linetest/utf8conv.c:171 Medium: read: Check buffer boundaries if calling this function in a loop and make sure you are not in danger of writing past the allocated space.
|
| r0836) | extensions/xmlterm/linetest/utf8conv.c:312 Medium: read: Check buffer boundaries if calling this function in a loop and make sure you are not in danger of writing past the allocated space.
|
| r0844) | gc/boehm/gc_fragments.cpp:16 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0845) | gc/boehm/gc_fragments.cpp:17 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0846) | gc/boehm/typeinfo.cpp:89 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0847) | gc/boehm/typeinfo.cpp:90 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0848) | gc/boehm/typeinfo.cpp:204 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0849) | gc/boehm/typeinfo.cpp:205 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0850) | gc/boehm/dyn_load.c:95 Medium: signal: When setting signal handlers, do not use the same function to handle multiple signals. There exists the possibility a race condition will result if 2 or more different signals are sent to the process at nearly the same time. Also, when writing signal handlers, it is best to do as little as possible in them. The best strategy is to use the signal handler to set a flag, that another part of the program tests and performs the appropriate action(s) when it is set. See also: http://razor.bindview.com/publish/papers/signals.txt
|
| r0851) | gc/boehm/dyn_load.c:101 Medium: signal: When setting signal handlers, do not use the same function to handle multiple signals. There exists the possibility a race condition will result if 2 or more different signals are sent to the process at nearly the same time. Also, when writing signal handlers, it is best to do as little as possible in them. The best strategy is to use the signal handler to set a flag, that another part of the program tests and performs the appropriate action(s) when it is set. See also: http://razor.bindview.com/publish/papers/signals.txt
|
| r0852) | gc/boehm/dyn_load.c:278 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0853) | gc/boehm/dyn_load.c:279 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0854) | gc/boehm/dyn_load.c:442 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0857) | gc/boehm/gcc_support.c:288 Medium: read: Check buffer boundaries if calling this function in a loop and make sure you are not in danger of writing past the allocated space.
|
| r0858) | gc/boehm/malloc.c:74 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0859) | gc/boehm/misc.c:352 Medium: realloc: Don't use on memory intended to be secure, because the old structure will not be zeroed out.
|
| r0860) | gc/boehm/misc.c:354 Medium: realloc: Don't use on memory intended to be secure, because the old structure will not be zeroed out.
|
| r0861) | gc/boehm/misc.c:706 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0862) | gc/boehm/misc.c:719 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0863) | gc/boehm/misc.c:787 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0864) | gc/boehm/misc.c:825 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0867) | gc/boehm/os_dep.c:710 High: sprintf: Check to be sure that the format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle. Additionally, the format string could contain `%s' without precision that could result in a buffer overflow.
|
| r0868) | gc/boehm/os_dep.c:722 High: sprintf: Check to be sure that the format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle. Additionally, the format string could contain `%s' without precision that could result in a buffer overflow.
|
| r0869) | gc/boehm/os_dep.c:187 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0870) | gc/boehm/os_dep.c:1983 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0871) | gc/boehm/os_dep.c:529 Medium: signal: When setting signal handlers, do not use the same function to handle multiple signals. There exists the possibility a race condition will result if 2 or more different signals are sent to the process at nearly the same time. Also, when writing signal handlers, it is best to do as little as possible in them. The best strategy is to use the signal handler to set a flag, that another part of the program tests and performs the appropriate action(s) when it is set. See also: http://razor.bindview.com/publish/papers/signals.txt
|
| r0872) | gc/boehm/os_dep.c:531 Medium: signal: When setting signal handlers, do not use the same function to handle multiple signals. There exists the possibility a race condition will result if 2 or more different signals are sent to the process at nearly the same time. Also, when writing signal handlers, it is best to do as little as possible in them. The best strategy is to use the signal handler to set a flag, that another part of the program tests and performs the appropriate action(s) when it is set. See also: http://razor.bindview.com/publish/papers/signals.txt
|
| r0873) | gc/boehm/os_dep.c:544 Medium: signal: When setting signal handlers, do not use the same function to handle multiple signals. There exists the possibility a race condition will result if 2 or more different signals are sent to the process at nearly the same time. Also, when writing signal handlers, it is best to do as little as possible in them. The best strategy is to use the signal handler to set a flag, that another part of the program tests and performs the appropriate action(s) when it is set. See also: http://razor.bindview.com/publish/papers/signals.txt
|
| r0874) | gc/boehm/os_dep.c:546 Medium: signal: When setting signal handlers, do not use the same function to handle multiple signals. There exists the possibility a race condition will result if 2 or more different signals are sent to the process at nearly the same time. Also, when writing signal handlers, it is best to do as little as possible in them. The best strategy is to use the signal handler to set a flag, that another part of the program tests and performs the appropriate action(s) when it is set. See also: http://razor.bindview.com/publish/papers/signals.txt
|
| r0875) | gc/boehm/os_dep.c:1657 Medium: signal: When setting signal handlers, do not use the same function to handle multiple signals. There exists the possibility a race condition will result if 2 or more different signals are sent to the process at nearly the same time. Also, when writing signal handlers, it is best to do as little as possible in them. The best strategy is to use the signal handler to set a flag, that another part of the program tests and performs the appropriate action(s) when it is set. See also: http://razor.bindview.com/publish/papers/signals.txt
|
| r0876) | gc/boehm/os_dep.c:1724 Medium: signal: When setting signal handlers, do not use the same function to handle multiple signals. There exists the possibility a race condition will result if 2 or more different signals are sent to the process at nearly the same time. Also, when writing signal handlers, it is best to do as little as possible in them. The best strategy is to use the signal handler to set a flag, that another part of the program tests and performs the appropriate action(s) when it is set. See also: http://razor.bindview.com/publish/papers/signals.txt
|
| r0877) | gc/boehm/os_dep.c:1736 Medium: signal: When setting signal handlers, do not use the same function to handle multiple signals. There exists the possibility a race condition will result if 2 or more different signals are sent to the process at nearly the same time. Also, when writing signal handlers, it is best to do as little as possible in them. The best strategy is to use the signal handler to set a flag, that another part of the program tests and performs the appropriate action(s) when it is set. See also: http://razor.bindview.com/publish/papers/signals.txt
|
| r0878) | gc/boehm/solaris_threads.c:1872 Medium: read: Check buffer boundaries if calling this function in a loop and make sure you are not in danger of writing past the allocated space.
|
| r0879) | gc/boehm/solaris_threads.c:1875 Medium: read: Check buffer boundaries if calling this function in a loop and make sure you are not in danger of writing past the allocated space.
|
| r0880) | gc/boehm/test.c:227 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0881) | gc/boehm/gc_priv.h:461 High: EnterCriticalSection: This function can throw exceptions in low memory conditions. Use InitialCriticalSectionAndSpinCount instead.
|
| r0882) | gc/boehm/gc_priv.h:540 High: EnterCriticalSection: This function can throw exceptions in low memory conditions. Use InitialCriticalSectionAndSpinCount instead.
|
| r0883) | gc/boehm/cord/cordbscs.c:1074 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0884) | gc/boehm/cord/cordbscs.c:1078 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0885) | gc/boehm/cord/cordbscs.c:69 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0886) | gc/boehm/cord/cordbscs.c:275 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0887) | gc/boehm/cord/cordbscs.c:420 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0888) | gc/boehm/cord/cordprnt.c:286 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0889) | gc/boehm/cord/cordprnt.c:436 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0890) | gc/boehm/cord/cordprnt.c:167 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0892) | gc/boehm/cord/cordtest.c:306 High: vsprintf: Check to be sure that the format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle. Additionally, the format string could contain `%s' without precision that could result in a buffer overflow.
|
| r0893) | gc/boehm/cord/cordxtra.c:195 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0894) | gc/boehm/cord/cordxtra.c:486 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0895) | gc/boehm/cord/cordxtra.c:575 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0896) | gc/boehm/cord/de.c:448 Medium: getc: Check buffer boundaries if calling this function in a loop and make sure you are not in danger of writing past the allocated space.
|
| r0897) | gc/boehm/cord/de.c:456 Medium: getc: Check buffer boundaries if calling this function in a loop and make sure you are not in danger of writing past the allocated space.
|
| r0898) | gc/boehm/cord/de_win.c:582 Medium: getchar: Check buffer boundaries if calling this function in a loop and make sure you are not in danger of writing past the allocated space.
|
| r0899) | gc/boehm/cord/ec.h:68 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0900) | gc/boehm/cord/ec.h:103 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0901) | gc/boehm/cord/private/cord_pos.h:40 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0902) | gc/boehm/xSYM/SymFiles.cpp:51 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0903) | gfx/public/nsNameValuePairDB.h:68 Medium: read: Check buffer boundaries if calling this function in a loop and make sure you are not in danger of writing past the allocated space.
|
| r0904) | gfx/public/nsNameValuePairDB.h:142 Medium: read: Check buffer boundaries if calling this function in a loop and make sure you are not in danger of writing past the allocated space.
|
| r0905) | gfx/public/nsNameValuePairDB.h:197 Medium: read: Check buffer boundaries if calling this function in a loop and make sure you are not in danger of writing past the allocated space.
|
| r0906) | gfx/public/nsNameValuePairDB.h:227 Medium: read: Check buffer boundaries if calling this function in a loop and make sure you are not in danger of writing past the allocated space.
|
| r0907) | gfx/public/nsNameValuePairDB.h:241 Medium: read: Check buffer boundaries if calling this function in a loop and make sure you are not in danger of writing past the allocated space.
|
| r0908) | gfx/public/nsNameValuePairDB.h:272 Medium: read: Check buffer boundaries if calling this function in a loop and make sure you are not in danger of writing past the allocated space.
|
| r0909) | gfx/src/nsNameValuePairDB.cpp:86 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0910) | gfx/src/nsNameValuePairDB.cpp:365 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0911) | gfx/src/nsPrintOptionsImpl.cpp:181 Medium: getc: Check buffer boundaries if calling this function in a loop and make sure you are not in danger of writing past the allocated space.
|
| r0912) | gfx/src/beos/nsDeviceContextSpecB.cpp:1081 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0913) | gfx/src/beos/nsFontMetricsBeOS.cpp:215 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0914) | gfx/src/beos/nsFontMetricsBeOS.cpp:216 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0915) | gfx/src/beos/nsFontMetricsBeOS.cpp:219 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0916) | gfx/src/beos/nsPrintdBeOS.h:181 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0917) | gfx/src/freetype/nsFT2FontCatalog.cpp:76 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0918) | gfx/src/freetype/nsFT2FontCatalog.cpp:77 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0919) | gfx/src/freetype/nsFT2FontCatalog.cpp:78 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0920) | gfx/src/freetype/nsFT2FontCatalog.cpp:277 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0921) | gfx/src/freetype/nsFT2FontCatalog.cpp:923 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0922) | gfx/src/freetype/nsFT2FontCatalog.cpp:972 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0923) | gfx/src/freetype/nsFT2FontCatalog.cpp:982 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0924) | gfx/src/freetype/nsFT2FontCatalog.cpp:1264 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0925) | gfx/src/freetype/nsFT2FontCatalog.cpp:1276 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0926) | gfx/src/freetype/nsFT2FontCatalog.cpp:2116 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0927) | gfx/src/freetype/nsFT2FontCatalog.cpp:2117 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0928) | gfx/src/freetype/nsFT2FontCatalog.cpp:2177 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0929) | gfx/src/freetype/nsFT2FontCatalog.cpp:2197 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0930) | gfx/src/freetype/nsFT2FontCatalog.cpp:2198 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0931) | gfx/src/freetype/nsFT2FontCatalog.cpp:2286 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0932) | gfx/src/freetype/nsFT2FontCatalog.h:230 Medium: realloc: Don't use on memory intended to be secure, because the old structure will not be zeroed out.
|
| r0933) | gfx/src/freetype/nsFT2FontCatalog.h:299 Medium: realloc: Don't use on memory intended to be secure, because the old structure will not be zeroed out.
|
| r0934) | gfx/src/gtk/nsDeviceContextSpecG.cpp:123 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0935) | gfx/src/gtk/nsFontMetricsGTK.cpp:321 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0936) | gfx/src/gtk/nsFontMetricsGTK.cpp:323 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0937) | gfx/src/gtk/nsFontMetricsGTK.cpp:325 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0938) | gfx/src/gtk/nsFontMetricsGTK.cpp:327 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0939) | gfx/src/gtk/nsFontMetricsGTK.cpp:2986 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0940) | gfx/src/gtk/nsFontMetricsGTK.cpp:3008 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0941) | gfx/src/gtk/nsFontMetricsGTK.cpp:3043 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0942) | gfx/src/gtk/nsFontMetricsGTK.cpp:5109 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0943) | gfx/src/gtk/nsFontMetricsGTK.cpp:5120 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0944) | gfx/src/gtk/nsFontMetricsGTK.cpp:5249 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0945) | gfx/src/gtk/nsFontMetricsGTK.cpp:5457 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0946) | gfx/src/gtk/nsFontMetricsGTK.cpp:3354 High: PR_smprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r0947) | gfx/src/gtk/nsFontMetricsXft.cpp:5110 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0948) | gfx/src/gtk/nsImageGTK.cpp:1153 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0949) | gfx/src/gtk/nsImageGTK.cpp:1236 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0950) | gfx/src/gtk/nsPrintdGTK.c:1046 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0951) | gfx/src/gtk/nsDeviceContextSpecG.h:94 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0952) | gfx/src/gtk/nsDeviceContextSpecG.h:96 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0953) | gfx/src/gtk/nsDeviceContextSpecG.h:142 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0954) | gfx/src/gtk/nsPrintdGTK.h:107 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0955) | gfx/src/gtk/nsPrintdGTK.h:108 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0956) | gfx/src/gtk/nsPrintdGTK.h:109 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0957) | gfx/src/gtk/nsPrintdGTK.h:110 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0958) | gfx/src/gtk/nsRenderingContextGTK.h:77 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0959) | gfx/src/gtk/nsRenderingContextGTK.h:78 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0960) | gfx/src/gtk/nsRenderingContextGTK.h:79 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0961) | gfx/src/mac/nsCoreGraphicsGlue.cpp:275 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0962) | gfx/src/mac/nsRenderingContextMac.cpp:99 High: printf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r0963) | gfx/src/mac/nsUnicodeFontMappingMac.cpp:1208 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0964) | gfx/src/mac/nsUnicodeRenderingToolkit.cpp:350 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0965) | gfx/src/mac/nsUnicodeRenderingToolkit.cpp:351 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0966) | gfx/src/os2/nsDeviceContextOS2.cpp:179 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0967) | gfx/src/os2/nsDeviceContextOS2.cpp:258 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0968) | gfx/src/os2/nsDeviceContextOS2.cpp:323 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0969) | gfx/src/os2/nsDeviceContextOS2.cpp:882 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0970) | gfx/src/os2/nsDeviceContextOS2.cpp:905 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0971) | gfx/src/os2/nsDeviceContextOS2.cpp:926 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0972) | gfx/src/os2/nsDeviceContextOS2.cpp:945 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0973) | gfx/src/os2/nsDeviceContextOS2.cpp:1075 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0974) | gfx/src/os2/nsDeviceContextOS2.cpp:1257 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0975) | gfx/src/os2/nsDeviceContextOS2.cpp:1446 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0976) | gfx/src/os2/nsDeviceContextOS2.cpp:1595 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0977) | gfx/src/os2/nsDeviceContextOS2.cpp:1612 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0978) | gfx/src/os2/nsDeviceContextSpecOS2.cpp:379 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0979) | gfx/src/os2/nsDeviceContextSpecOS2.cpp:588 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0980) | gfx/src/os2/nsDeviceContextSpecOS2.cpp:1067 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0981) | gfx/src/os2/nsDeviceContextSpecOS2.cpp:294 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0982) | gfx/src/os2/nsDeviceContextSpecOS2.cpp:297 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0983) | gfx/src/os2/nsDeviceContextSpecOS2.cpp:597 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0984) | gfx/src/os2/nsDeviceContextSpecOS2.cpp:598 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0985) | gfx/src/os2/nsDeviceContextSpecOS2.cpp:599 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0986) | gfx/src/os2/nsDeviceContextSpecOS2.cpp:617 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0987) | gfx/src/os2/nsDeviceContextSpecOS2.cpp:618 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0988) | gfx/src/os2/nsDeviceContextSpecOS2.cpp:622 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0989) | gfx/src/os2/nsDeviceContextSpecOS2.cpp:632 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0990) | gfx/src/os2/nsDeviceContextSpecOS2.cpp:636 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r0991) | gfx/src/os2/nsFontMetricsOS2.cpp:575 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0992) | gfx/src/os2/nsFontMetricsOS2.cpp:576 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0993) | gfx/src/os2/nsFontMetricsOS2.cpp:577 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0994) | gfx/src/os2/nsFontMetricsOS2.cpp:188 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0995) | gfx/src/os2/nsFontMetricsOS2.cpp:193 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0996) | gfx/src/os2/nsFontMetricsOS2.cpp:220 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0997) | gfx/src/os2/nsFontMetricsOS2.cpp:225 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0998) | gfx/src/os2/nsFontMetricsOS2.cpp:525 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r0999) | gfx/src/os2/nsFontMetricsOS2.cpp:632 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|