| r4000) | security/nss/cmd/checkcert/checkcert.c:157 Medium: getc: Check buffer boundaries if calling this function in a loop and make sure you are not in danger of writing past the allocated space.
|
| r4001) | security/nss/cmd/cmdlib/cmdline.c:179 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4002) | security/nss/cmd/cmdlib/cmdline.c:116 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4004) | security/nss/cmd/crmf-cgi/crmfcgi.c:121 High: vsprintf: Check to be sure that the format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle. Additionally, the format string could contain `%s' without precision that could result in a buffer overflow.
|
| r4005) | security/nss/cmd/crmf-cgi/crmfcgi.c:181 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4006) | security/nss/cmd/crmf-cgi/crmfcgi.c:1011 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4007) | security/nss/cmd/crmf-cgi/crmfcgi.c:201 Medium: realloc: Don't use on memory intended to be secure, because the old structure will not be zeroed out.
|
| r4008) | security/nss/cmd/crmftest/testcrmf.c:1091 Medium: srand: Standard random number generators should not be used to generate randomness used for security reasons. For security sensitive randomness a crytographic randomness generator that provides sufficient entropy should be used.
|
| r4010) | security/nss/cmd/crmftest/testcrmf.c:1435 High: getopt: Truncate all input strings to a reasonable length before passing them to this function
|
| r4011) | security/nss/cmd/crmftest/testcrmf.c:112 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4012) | security/nss/cmd/crmftest/testcrmf.c:146 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4013) | security/nss/cmd/crmftest/testcrmf.c:284 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4014) | security/nss/cmd/crmftest/testcrmf.c:479 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4015) | security/nss/cmd/crmftest/testcrmf.c:550 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4016) | security/nss/cmd/crmftest/testcrmf.c:551 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4017) | security/nss/cmd/crmftest/testcrmf.c:622 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4018) | security/nss/cmd/crmftest/testcrmf.c:692 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4019) | security/nss/cmd/crmftest/testcrmf.c:871 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4020) | security/nss/cmd/crmftest/testcrmf.c:872 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4021) | security/nss/cmd/crmftest/testcrmf.c:1103 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4022) | security/nss/cmd/dbck/dbck.c:121 High: scanf: Check to be sure that the format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle. Additionally, the format string could contain `%s' without precision that could result in a buffer overflow.
|
| r4023) | security/nss/cmd/dbck/dbck.c:153 High: scanf: Check to be sure that the format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle. Additionally, the format string could contain `%s' without precision that could result in a buffer overflow.
|
| r4024) | security/nss/cmd/dbtest/dbtest.c:481 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4025) | security/nss/cmd/dbtest/dbtest.c:483 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4026) | security/nss/cmd/derdump/derdump.c:131 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4027) | security/nss/cmd/derdump/derdump.c:141 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4028) | security/nss/cmd/derdump/derdump.c:143 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4029) | security/nss/cmd/derdump/derdump.c:147 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4030) | security/nss/cmd/derdump/derdump.c:153 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4031) | security/nss/cmd/derdump/derdump.c:156 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4032) | security/nss/cmd/derdump/derdump.c:160 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4033) | security/nss/cmd/digest/digest.c:40 High: fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4036) | security/nss/cmd/keyutil/keyutil.c:123 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4038) | security/nss/cmd/lib/derprint.c:54 High: getopt: Truncate all input strings to a reasonable length before passing them to this function
|
| r4039) | security/nss/cmd/lib/derprint.c:242 High: getopt: Truncate all input strings to a reasonable length before passing them to this function
|
| r4041) | security/nss/cmd/lib/dongle.c:151 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4042) | security/nss/cmd/lib/dongle.c:63 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4043) | security/nss/cmd/lib/dongle.c:65 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4044) | security/nss/cmd/lib/dongle.c:71 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4045) | security/nss/cmd/lib/dongle.c:96 High: gethostbyname: DNS results can easily be forged by an attacker (or arbitrarily set to large values, etc), and should not be trusted.
|
| r4046) | security/nss/cmd/lib/filestub.c:193 Medium: read: Check buffer boundaries if calling this function in a loop and make sure you are not in danger of writing past the allocated space.
|
| r4047) | security/nss/cmd/lib/filestub.c:284 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4048) | security/nss/cmd/lib/filestub.c:385 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4049) | security/nss/cmd/lib/filestub.c:573 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4050) | security/nss/cmd/lib/filestub.c:641 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4051) | security/nss/cmd/lib/filestub.c:1086 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4052) | security/nss/cmd/lib/secarb.c:705 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r4053) | security/nss/cmd/lib/secarb.c:707 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r4054) | security/nss/cmd/lib/secarb.c:769 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r4055) | security/nss/cmd/lib/secarb.c:790 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r4056) | security/nss/cmd/lib/secarb.c:806 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r4057) | security/nss/cmd/lib/secarb.c:834 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r4058) | security/nss/cmd/lib/secarb.c:859 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r4059) | security/nss/cmd/lib/secarb.c:893 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r4062) | security/nss/cmd/lib/seccnames.c:132 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4063) | security/nss/cmd/lib/seccnames.c:310 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4064) | security/nss/cmd/lib/seccnames.c:338 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4065) | security/nss/cmd/lib/secpwd.c:151 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4066) | security/nss/cmd/lib/secpwd.c:93 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4067) | security/nss/cmd/lib/secutil.c:180 Medium: getchar: Check buffer boundaries if calling this function in a loop and make sure you are not in danger of writing past the allocated space.
|
| r4068) | security/nss/cmd/lib/secutil.c:88 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4069) | security/nss/cmd/lib/secutil.c:189 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4070) | security/nss/cmd/lib/secutil.c:225 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4071) | security/nss/cmd/lib/secutil.c:400 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4072) | security/nss/cmd/lib/secutil.c:417 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4073) | security/nss/cmd/lib/secutil.c:432 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4074) | security/nss/cmd/lib/secutil.c:502 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4075) | security/nss/cmd/lib/secutil.c:768 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4076) | security/nss/cmd/lib/secutil.c:1106 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4077) | security/nss/cmd/lib/secutil.c:1590 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4078) | security/nss/cmd/lib/secutil.c:1766 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4079) | security/nss/cmd/lib/secutil.c:1854 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4080) | security/nss/cmd/lib/secutil.c:1903 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4081) | security/nss/cmd/lib/secutil.c:1942 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4082) | security/nss/cmd/lib/secutil.c:2018 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4083) | security/nss/cmd/lib/secutil.c:2053 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4084) | security/nss/cmd/lib/secutil.c:2593 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4085) | security/nss/cmd/lib/secutil.c:103 High: vfprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4086) | security/nss/cmd/lib/secutil.c:119 High: vfprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4087) | security/nss/cmd/modutil/install-ds.c:887 High: fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4088) | security/nss/cmd/modutil/install-ds.c:1552 High: fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4089) | security/nss/cmd/modutil/install-ds.c:1916 High: fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4090) | security/nss/cmd/modutil/install-ds.c:220 High: PR_smprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4091) | security/nss/cmd/modutil/install-ds.c:233 High: PR_smprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4092) | security/nss/cmd/modutil/install-ds.c:247 High: PR_smprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4093) | security/nss/cmd/modutil/install-ds.c:253 High: PR_smprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4094) | security/nss/cmd/modutil/install-ds.c:275 High: PR_smprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4095) | security/nss/cmd/modutil/install-ds.c:280 High: PR_smprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4096) | security/nss/cmd/modutil/install-ds.c:284 High: PR_smprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4097) | security/nss/cmd/modutil/install-ds.c:396 High: PR_smprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4098) | security/nss/cmd/modutil/install-ds.c:406 High: PR_smprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4099) | security/nss/cmd/modutil/install-ds.c:420 High: PR_smprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4100) | security/nss/cmd/modutil/install-ds.c:441 High: PR_smprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4101) | security/nss/cmd/modutil/install-ds.c:448 High: PR_smprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4102) | security/nss/cmd/modutil/install-ds.c:456 High: PR_smprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4103) | security/nss/cmd/modutil/install-ds.c:476 High: PR_smprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4104) | security/nss/cmd/modutil/install-ds.c:786 High: PR_smprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4105) | security/nss/cmd/modutil/install-ds.c:793 High: PR_smprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4106) | security/nss/cmd/modutil/install-ds.c:804 High: PR_smprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4107) | security/nss/cmd/modutil/install-ds.c:811 High: PR_smprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4108) | security/nss/cmd/modutil/install-ds.c:824 High: PR_smprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4109) | security/nss/cmd/modutil/install-ds.c:831 High: PR_smprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4110) | security/nss/cmd/modutil/install-ds.c:837 High: PR_smprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4111) | security/nss/cmd/modutil/install-ds.c:849 High: PR_smprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4112) | security/nss/cmd/modutil/install-ds.c:856 High: PR_smprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4113) | security/nss/cmd/modutil/install-ds.c:862 High: PR_smprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4114) | security/nss/cmd/modutil/install-ds.c:872 High: PR_smprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4115) | security/nss/cmd/modutil/install-ds.c:899 High: PR_smprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4116) | security/nss/cmd/modutil/install-ds.c:906 High: PR_smprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4117) | security/nss/cmd/modutil/install-ds.c:929 High: PR_smprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4118) | security/nss/cmd/modutil/install-ds.c:934 High: PR_smprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4119) | security/nss/cmd/modutil/install-ds.c:939 High: PR_smprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4120) | security/nss/cmd/modutil/install-ds.c:944 High: PR_smprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4121) | security/nss/cmd/modutil/install-ds.c:958 High: PR_smprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4122) | security/nss/cmd/modutil/install-ds.c:1145 High: PR_smprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4123) | security/nss/cmd/modutil/install-ds.c:1163 High: PR_smprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4124) | security/nss/cmd/modutil/install-ds.c:1172 High: PR_smprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4125) | security/nss/cmd/modutil/install-ds.c:1198 High: PR_smprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4126) | security/nss/cmd/modutil/install-ds.c:1207 High: PR_smprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4127) | security/nss/cmd/modutil/install-ds.c:636 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4130) | security/nss/cmd/modutil/install.c:1321 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r4131) | security/nss/cmd/modutil/install.c:312 High: PR_vsmprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4132) | security/nss/cmd/modutil/install.c:315 High: PR_vsmprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4133) | security/nss/cmd/modutil/install.c:360 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4134) | security/nss/cmd/modutil/install.c:594 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4135) | security/nss/cmd/modutil/install.c:595 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4136) | security/nss/cmd/modutil/install.c:847 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4137) | security/nss/cmd/modutil/install.c:431 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4138) | security/nss/cmd/modutil/install.c:447 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4139) | security/nss/cmd/modutil/install.c:513 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4140) | security/nss/cmd/modutil/install.c:541 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4141) | security/nss/cmd/modutil/install.c:542 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4143) | security/nss/cmd/modutil/install.c:738 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4144) | security/nss/cmd/modutil/install.c:765 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4145) | security/nss/cmd/modutil/install.c:785 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4146) | security/nss/cmd/modutil/install.c:790 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4147) | security/nss/cmd/modutil/installparse.c:831 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r4150) | security/nss/cmd/modutil/lex.Pk11Install_yy.c:79 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4152) | security/nss/cmd/modutil/modutil.c:1620 Medium: realloc: Don't use on memory intended to be secure, because the old structure will not be zeroed out.
|
| r4153) | security/nss/cmd/modutil/modutil.c:193 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4154) | security/nss/cmd/modutil/modutil.c:208 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4155) | security/nss/cmd/modutil/modutil.c:213 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4156) | security/nss/cmd/modutil/modutil.c:218 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4157) | security/nss/cmd/modutil/modutil.c:225 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4158) | security/nss/cmd/modutil/modutil.c:230 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4159) | security/nss/cmd/modutil/modutil.c:237 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4160) | security/nss/cmd/modutil/modutil.c:241 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4161) | security/nss/cmd/modutil/modutil.c:248 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4162) | security/nss/cmd/modutil/modutil.c:255 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4163) | security/nss/cmd/modutil/modutil.c:259 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4164) | security/nss/cmd/modutil/modutil.c:266 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4165) | security/nss/cmd/modutil/modutil.c:274 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4166) | security/nss/cmd/modutil/modutil.c:283 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4167) | security/nss/cmd/modutil/modutil.c:290 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4168) | security/nss/cmd/modutil/modutil.c:295 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4169) | security/nss/cmd/modutil/modutil.c:302 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4170) | security/nss/cmd/modutil/modutil.c:307 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4171) | security/nss/cmd/modutil/modutil.c:314 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4172) | security/nss/cmd/modutil/modutil.c:319 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4173) | security/nss/cmd/modutil/modutil.c:326 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4174) | security/nss/cmd/modutil/modutil.c:331 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4175) | security/nss/cmd/modutil/modutil.c:344 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4176) | security/nss/cmd/modutil/modutil.c:348 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4177) | security/nss/cmd/modutil/modutil.c:355 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4178) | security/nss/cmd/modutil/modutil.c:359 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4179) | security/nss/cmd/modutil/modutil.c:366 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4180) | security/nss/cmd/modutil/modutil.c:371 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4181) | security/nss/cmd/modutil/modutil.c:378 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4182) | security/nss/cmd/modutil/modutil.c:382 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4183) | security/nss/cmd/modutil/modutil.c:389 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4184) | security/nss/cmd/modutil/modutil.c:400 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4185) | security/nss/cmd/modutil/modutil.c:411 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4186) | security/nss/cmd/modutil/modutil.c:416 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4187) | security/nss/cmd/modutil/modutil.c:423 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4188) | security/nss/cmd/modutil/modutil.c:427 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4189) | security/nss/cmd/modutil/modutil.c:434 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4190) | security/nss/cmd/modutil/modutil.c:438 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4191) | security/nss/cmd/modutil/modutil.c:445 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4192) | security/nss/cmd/modutil/modutil.c:449 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4193) | security/nss/cmd/modutil/modutil.c:456 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4194) | security/nss/cmd/modutil/modutil.c:460 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4195) | security/nss/cmd/modutil/modutil.c:467 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4196) | security/nss/cmd/modutil/modutil.c:471 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4197) | security/nss/cmd/modutil/modutil.c:478 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4198) | security/nss/cmd/modutil/modutil.c:482 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4199) | security/nss/cmd/modutil/modutil.c:502 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4200) | security/nss/cmd/modutil/modutil.c:520 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4201) | security/nss/cmd/modutil/modutil.c:526 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4202) | security/nss/cmd/modutil/modutil.c:539 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4203) | security/nss/cmd/modutil/modutil.c:579 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4204) | security/nss/cmd/modutil/modutil.c:587 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4205) | security/nss/cmd/modutil/modutil.c:591 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4206) | security/nss/cmd/modutil/modutil.c:602 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4207) | security/nss/cmd/modutil/modutil.c:607 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4208) | security/nss/cmd/modutil/modutil.c:611 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4209) | security/nss/cmd/modutil/modutil.c:617 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4210) | security/nss/cmd/modutil/modutil.c:632 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4211) | security/nss/cmd/modutil/modutil.c:641 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4212) | security/nss/cmd/modutil/modutil.c:647 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4213) | security/nss/cmd/modutil/modutil.c:659 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4214) | security/nss/cmd/modutil/modutil.c:667 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4215) | security/nss/cmd/modutil/modutil.c:674 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4216) | security/nss/cmd/modutil/modutil.c:682 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4217) | security/nss/cmd/modutil/modutil.c:808 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4218) | security/nss/cmd/modutil/modutil.c:846 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4219) | security/nss/cmd/modutil/modutil.c:848 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4220) | security/nss/cmd/modutil/modutil.c:854 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4221) | security/nss/cmd/modutil/modutil.c:940 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4222) | security/nss/cmd/modutil/pk11.c:787 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4223) | security/nss/cmd/modutil/pk11.c:61 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4224) | security/nss/cmd/modutil/pk11.c:65 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4225) | security/nss/cmd/modutil/pk11.c:67 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4226) | security/nss/cmd/modutil/pk11.c:76 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4227) | security/nss/cmd/modutil/pk11.c:80 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4228) | security/nss/cmd/modutil/pk11.c:82 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4229) | security/nss/cmd/modutil/pk11.c:86 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4230) | security/nss/cmd/modutil/pk11.c:178 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4231) | security/nss/cmd/modutil/pk11.c:250 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4232) | security/nss/cmd/modutil/pk11.c:254 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4233) | security/nss/cmd/modutil/pk11.c:258 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4234) | security/nss/cmd/modutil/pk11.c:279 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4235) | security/nss/cmd/modutil/pk11.c:282 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4236) | security/nss/cmd/modutil/pk11.c:287 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4237) | security/nss/cmd/modutil/pk11.c:339 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4238) | security/nss/cmd/modutil/pk11.c:362 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4239) | security/nss/cmd/modutil/pk11.c:370 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4240) | security/nss/cmd/modutil/pk11.c:462 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4241) | security/nss/cmd/modutil/pk11.c:467 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4242) | security/nss/cmd/modutil/pk11.c:511 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4243) | security/nss/cmd/modutil/pk11.c:518 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4244) | security/nss/cmd/modutil/pk11.c:524 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4245) | security/nss/cmd/modutil/pk11.c:525 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4246) | security/nss/cmd/modutil/pk11.c:528 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4247) | security/nss/cmd/modutil/pk11.c:530 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4248) | security/nss/cmd/modutil/pk11.c:532 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4249) | security/nss/cmd/modutil/pk11.c:534 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4250) | security/nss/cmd/modutil/pk11.c:539 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4251) | security/nss/cmd/modutil/pk11.c:542 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4252) | security/nss/cmd/modutil/pk11.c:545 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4253) | security/nss/cmd/modutil/pk11.c:549 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4254) | security/nss/cmd/modutil/pk11.c:556 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4255) | security/nss/cmd/modutil/pk11.c:558 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4256) | security/nss/cmd/modutil/pk11.c:560 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4257) | security/nss/cmd/modutil/pk11.c:561 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4258) | security/nss/cmd/modutil/pk11.c:563 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4259) | security/nss/cmd/modutil/pk11.c:565 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4260) | security/nss/cmd/modutil/pk11.c:568 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4261) | security/nss/cmd/modutil/pk11.c:570 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4262) | security/nss/cmd/modutil/pk11.c:573 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4263) | security/nss/cmd/modutil/pk11.c:575 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4264) | security/nss/cmd/modutil/pk11.c:579 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4265) | security/nss/cmd/modutil/pk11.c:581 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4266) | security/nss/cmd/modutil/pk11.c:603 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4267) | security/nss/cmd/modutil/pk11.c:614 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4268) | security/nss/cmd/modutil/pk11.c:624 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4269) | security/nss/cmd/modutil/pk11.c:638 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4270) | security/nss/cmd/modutil/pk11.c:648 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4271) | security/nss/cmd/modutil/pk11.c:654 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4272) | security/nss/cmd/modutil/pk11.c:660 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4273) | security/nss/cmd/modutil/pk11.c:698 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4274) | security/nss/cmd/modutil/pk11.c:710 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4275) | security/nss/cmd/modutil/pk11.c:715 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4276) | security/nss/cmd/modutil/pk11.c:720 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4277) | security/nss/cmd/modutil/pk11.c:725 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4278) | security/nss/cmd/modutil/pk11.c:732 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4279) | security/nss/cmd/modutil/pk11.c:738 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4280) | security/nss/cmd/modutil/pk11.c:765 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4281) | security/nss/cmd/modutil/pk11.c:793 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4282) | security/nss/cmd/modutil/pk11.c:800 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4283) | security/nss/cmd/modutil/pk11.c:806 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4284) | security/nss/cmd/modutil/pk11.c:831 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4285) | security/nss/cmd/modutil/pk11.c:851 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4286) | security/nss/cmd/modutil/pk11.c:857 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4287) | security/nss/cmd/modutil/pk11.c:862 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4289) | security/nss/cmd/modutil/pk11.c:198 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4290) | security/nss/cmd/ocspclnt/ocspclnt.c:209 High: strcat: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r4291) | security/nss/cmd/oidcalc/oidcalc.c:532 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4292) | security/nss/cmd/p7content/p7content.c:46 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4293) | security/nss/cmd/p7env/p7env.c:57 High: fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4295) | security/nss/cmd/p7sign/p7sign.c:132 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4297) | security/nss/cmd/p7verify/p7verify.c:132 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4299) | security/nss/cmd/pk12util/pk12util.c:89 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4300) | security/nss/cmd/pk12util/pk12util.c:165 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4301) | security/nss/cmd/pp/pp.c:519 High: fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4302) | security/nss/cmd/pp/pp.c:523 High: fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4303) | security/nss/cmd/rsaperf/rsaperf.c:44 High: fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4304) | security/nss/cmd/selfserv/selfserv.c:246 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4305) | security/nss/cmd/selfserv/selfserv.c:247 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4306) | security/nss/cmd/selfserv/selfserv.c:701 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4307) | security/nss/cmd/selfserv/selfserv.c:787 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4308) | security/nss/cmd/selfserv/selfserv.c:788 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4309) | security/nss/cmd/selfserv/selfserv.c:789 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4314) | security/nss/cmd/signtool/javascript.c:73 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4315) | security/nss/cmd/signtool/javascript.c:128 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4316) | security/nss/cmd/signtool/javascript.c:129 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4317) | security/nss/cmd/signtool/sign.c:109 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4318) | security/nss/cmd/signtool/sign.c:223 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4319) | security/nss/cmd/signtool/sign.c:1649 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4320) | security/nss/cmd/signtool/sign.c:1732 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4321) | security/nss/cmd/signtool/sign.c:70 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4322) | security/nss/cmd/signtool/sign.c:219 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4323) | security/nss/cmd/signtool/sign.c:220 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4324) | security/nss/cmd/signtool/sign.c:330 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4325) | security/nss/cmd/signtool/sign.c:427 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4326) | security/nss/cmd/signtool/sign.c:510 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4327) | security/nss/cmd/signtool/sign.c:577 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4328) | security/nss/cmd/signtool/sign.c:677 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4331) | security/nss/cmd/signtool/signtool.c:358 High: strcat: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r4332) | security/nss/cmd/signtool/signtool.c:403 High: strcat: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r4333) | security/nss/cmd/signtool/signtool.c:160 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4334) | security/nss/cmd/signtool/util.c:481 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4335) | security/nss/cmd/signtool/util.c:486 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4336) | security/nss/cmd/signtool/util.c:495 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4337) | security/nss/cmd/signtool/util.c:499 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4338) | security/nss/cmd/signtool/util.c:509 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4339) | security/nss/cmd/signtool/util.c:514 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4340) | security/nss/cmd/signtool/util.c:523 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4341) | security/nss/cmd/signtool/util.c:534 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4342) | security/nss/cmd/signtool/util.c:540 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4343) | security/nss/cmd/signtool/util.c:550 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4344) | security/nss/cmd/signtool/util.c:556 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4345) | security/nss/cmd/signtool/util.c:566 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4346) | security/nss/cmd/signtool/util.c:572 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4347) | security/nss/cmd/signtool/util.c:591 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4348) | security/nss/cmd/signtool/util.c:597 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4349) | security/nss/cmd/signtool/util.c:613 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4350) | security/nss/cmd/signtool/util.c:619 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4351) | security/nss/cmd/signtool/util.c:629 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4352) | security/nss/cmd/signtool/util.c:635 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4353) | security/nss/cmd/signtool/util.c:645 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4354) | security/nss/cmd/signtool/util.c:651 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4355) | security/nss/cmd/signtool/util.c:661 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4356) | security/nss/cmd/signtool/util.c:678 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4357) | security/nss/cmd/signtool/util.c:684 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4358) | security/nss/cmd/signtool/util.c:694 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4359) | security/nss/cmd/signtool/util.c:700 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4360) | security/nss/cmd/signtool/util.c:713 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4361) | security/nss/cmd/signtool/util.c:719 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4362) | security/nss/cmd/signtool/util.c:728 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4363) | security/nss/cmd/signtool/util.c:734 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4364) | security/nss/cmd/signtool/util.c:743 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4365) | security/nss/cmd/signtool/util.c:748 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4366) | security/nss/cmd/signtool/util.c:763 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4367) | security/nss/cmd/signtool/util.c:773 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4368) | security/nss/cmd/signtool/util.c:786 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4369) | security/nss/cmd/signtool/util.c:790 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4370) | security/nss/cmd/signtool/util.c:140 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4371) | security/nss/cmd/signtool/util.c:287 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4373) | security/nss/cmd/signtool/util.c:387 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4375) | security/nss/cmd/signtool/util.c:521 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4376) | security/nss/cmd/signtool/util.c:864 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4377) | security/nss/cmd/signtool/util.c:351 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r4379) | security/nss/cmd/signtool/util.c:389 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r4380) | security/nss/cmd/signtool/util.c:404 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r4381) | security/nss/cmd/signtool/util.c:354 High: strcat: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r4382) | security/nss/cmd/signtool/util.c:381 High: strcat: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r4383) | security/nss/cmd/signtool/util.c:384 High: strcat: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r4384) | security/nss/cmd/signtool/util.c:392 High: strcat: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r4385) | security/nss/cmd/signtool/util.c:408 High: strcat: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r4388) | security/nss/cmd/signver/pk7print.c:174 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4408) | security/nss/cmd/signver/pk7print.c:458 High: fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4409) | security/nss/cmd/signver/pk7print.c:460 High: fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4410) | security/nss/cmd/signver/pk7print.c:557 High: fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4411) | security/nss/cmd/signver/pk7print.c:560 High: fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4413) | security/nss/cmd/signver/pk7print.c:630 High: fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4414) | security/nss/cmd/signver/signver.c:179 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4415) | security/nss/cmd/signver/signver.c:290 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4416) | security/nss/cmd/signver/signver.c:309 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4417) | security/nss/cmd/signver/signver.c:350 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4418) | security/nss/cmd/signver/signver.c:452 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4419) | security/nss/cmd/signver/signver.c:486 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4420) | security/nss/cmd/signver/signver.c:581 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4421) | security/nss/cmd/signver/signver.c:665 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4422) | security/nss/cmd/signver/signver.c:700 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4423) | security/nss/cmd/smimetools/cmsutil.c:342 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4424) | security/nss/cmd/SSLsample/client.c:991 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4425) | security/nss/cmd/SSLsample/client.c:255 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4426) | security/nss/cmd/SSLsample/client.c:338 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4428) | security/nss/cmd/SSLsample/sslsample.h:361 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4429) | security/nss/cmd/sslstrength/sslstrength.c:76 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4430) | security/nss/cmd/sslstrength/sslstrength.c:208 High: PR_fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4431) | security/nss/cmd/ssltap/ssltap.c:245 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4432) | security/nss/cmd/ssltap/ssltap.c:246 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4433) | security/nss/cmd/ssltap/ssltap.c:467 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4434) | security/nss/cmd/ssltap/ssltap.c:530 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4435) | security/nss/cmd/ssltap/ssltap.c:662 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4436) | security/nss/cmd/ssltap/ssltap.c:784 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4437) | security/nss/cmd/ssltap/ssltap.c:977 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4438) | security/nss/cmd/ssltap/ssltap.c:1063 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4439) | security/nss/cmd/ssltap/ssltap.c:1218 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4440) | security/nss/cmd/strsclnt/strsclnt.c:1010 High: strcat: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r4441) | security/nss/cmd/swfort/instinit/instinit.c:797 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4442) | security/nss/cmd/swfort/instinit/instinit.c:79 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4443) | security/nss/cmd/swfort/instinit/instinit.c:118 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4447) | security/nss/cmd/swfort/newuser/mktst.c:130 High: strcat: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r4448) | security/nss/cmd/swfort/newuser/mktst.c:138 High: strcat: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r4449) | security/nss/cmd/swfort/newuser/newuser.c:160 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4450) | security/nss/cmd/swfort/newuser/newuser.c:163 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4451) | security/nss/cmd/swfort/newuser/newuser.c:164 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4452) | security/nss/cmd/swfort/newuser/newuser.c:168 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4453) | security/nss/cmd/tstclnt/tstclnt.c:294 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4454) | security/nss/cmd/tstclnt/tstclnt.c:626 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4455) | security/nss/cmd/tstclnt/tstclnt.c:627 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4456) | security/nss/cmd/tstclnt/tstclnt.c:628 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4457) | security/nss/cmd/tstclnt/tstclnt.c:629 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4458) | security/nss/cmd/tstclnt/tstclnt.c:630 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4459) | security/nss/cmd/tstclnt/tstclnt.c:631 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4460) | security/nss/cmd/tstclnt/tstclnt.c:632 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4461) | security/nss/cmd/tstclnt/tstclnt.c:637 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4462) | security/nss/cmd/tstclnt/tstclnt.c:650 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4463) | security/nss/cmd/vfyserv/vfyserv.c:306 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4464) | security/nss/cmd/vfyserv/vfyserv.c:625 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4465) | security/nss/cmd/vfyserv/vfyserv.h:238 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4466) | security/nss/cmd/vfyserv/vfyserv.h:329 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4467) | security/nss/cmd/zlib/gzio.c:76 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4468) | security/nss/cmd/zlib/gzio.c:70 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4469) | security/nss/cmd/zlib/gzio.c:168 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4472) | security/nss/cmd/zlib/minigzip.c:535 High: strcat: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r4473) | security/nss/cmd/zlib/minigzip.c:89 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4474) | security/nss/cmd/zlib/minigzip.c:114 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4475) | security/nss/cmd/zlib/minigzip.c:140 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4476) | security/nss/cmd/zlib/minigzip.c:169 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4479) | security/nss/lib/base/whatnspr.c:145 High: strcat: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r4480) | security/nss/lib/base/whatnspr.c:184 High: strcat: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r4481) | security/nss/lib/certdb/alg1485.c:68 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4482) | security/nss/lib/certdb/certdb.c:395 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4483) | security/nss/lib/certdb/certdb.c:396 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4484) | security/nss/lib/certdb/certdb.c:623 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4485) | security/nss/lib/certdb/certt.h:1373 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4486) | security/nss/lib/certdb/certt.h:2063 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4487) | security/nss/lib/certdb/certt.h:2064 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4488) | security/nss/lib/certdb/certt.h:2065 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4489) | security/nss/lib/certhigh/certhtml.c:729 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4490) | security/nss/lib/certhigh/ocsp.c:408 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4491) | security/nss/lib/ckfw/nsprstub.c:2323 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4492) | security/nss/lib/ckfw/dbm/db.c:83 Medium: realloc: Don't use on memory intended to be secure, because the old structure will not be zeroed out.
|
| r4493) | security/nss/lib/ckfw/dbm/db.c:309 Medium: realloc: Don't use on memory intended to be secure, because the old structure will not be zeroed out.
|
| r4494) | security/nss/lib/crmf/challcli.c:46 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4495) | security/nss/lib/crmf/challcli.c:116 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4496) | security/nss/lib/cryptohi/dsautil.c:126 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4497) | security/nss/lib/cryptohi/secsign.c:136 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4498) | security/nss/lib/cryptohi/secsign.c:137 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4499) | security/nss/lib/cryptohi/secvfy.c:187 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4500) | security/nss/lib/cryptohi/secvfy.c:313 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4501) | security/nss/lib/cryptohi/keythi.h:116 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4502) | security/nss/lib/cryptohi/keythi.h:322 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4503) | security/nss/lib/cryptohi/keythi.h:454 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4504) | security/nss/lib/fortcrypt/fortpk11.c:127 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4507) | security/nss/lib/fortcrypt/replace.c:505 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4508) | security/nss/lib/fortcrypt/replace.c:857 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4509) | security/nss/lib/fortcrypt/replace.c:2076 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4510) | security/nss/lib/fortcrypt/replace.c:2158 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4511) | security/nss/lib/fortcrypt/replace.c:39 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4512) | security/nss/lib/fortcrypt/cryptint.h:76 Medium: fgetc: Check buffer boundaries if calling this function in a loop and make sure you are not in danger of writing past the allocated space.
|
| r4513) | security/nss/lib/fortcrypt/maci.h:294 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4514) | security/nss/lib/fortcrypt/maci.h:296 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4515) | security/nss/lib/fortcrypt/maci.h:298 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4516) | security/nss/lib/fortcrypt/maci.h:302 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4517) | security/nss/lib/fortcrypt/maci.h:304 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4518) | security/nss/lib/fortcrypt/maci.h:306 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4519) | security/nss/lib/fortcrypt/maci.h:308 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4520) | security/nss/lib/fortcrypt/maci.h:310 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4521) | security/nss/lib/fortcrypt/maci.h:312 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4522) | security/nss/lib/fortcrypt/maci.h:314 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4523) | security/nss/lib/fortcrypt/maci.h:316 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4524) | security/nss/lib/fortcrypt/maci.h:318 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4525) | security/nss/lib/fortcrypt/maci.h:320 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4526) | security/nss/lib/fortcrypt/maci.h:322 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4527) | security/nss/lib/fortcrypt/maci.h:324 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4528) | security/nss/lib/fortcrypt/maci.h:326 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4529) | security/nss/lib/fortcrypt/maci.h:328 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4530) | security/nss/lib/fortcrypt/maci.h:330 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4531) | security/nss/lib/fortcrypt/maci.h:332 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4532) | security/nss/lib/fortcrypt/maci.h:334 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4533) | security/nss/lib/fortcrypt/maci.h:338 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4534) | security/nss/lib/fortcrypt/maci.h:340 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4535) | security/nss/lib/fortcrypt/maci.h:342 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4536) | security/nss/lib/fortcrypt/maci.h:344 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4537) | security/nss/lib/fortcrypt/maci.h:346 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4538) | security/nss/lib/fortcrypt/maci.h:351 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4539) | security/nss/lib/fortcrypt/maci.h:352 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4540) | security/nss/lib/fortcrypt/maci.h:353 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4541) | security/nss/lib/fortcrypt/maci.h:384 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4542) | security/nss/lib/fortcrypt/swfort/swfalg.c:308 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4543) | security/nss/lib/fortcrypt/swfort/swfalg.c:310 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4544) | security/nss/lib/fortcrypt/swfort/swfalg.c:312 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4545) | security/nss/lib/fortcrypt/swfort/swfalg.c:316 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4546) | security/nss/lib/fortcrypt/swfort/swfalg.c:318 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4547) | security/nss/lib/fortcrypt/swfort/swfalg.c:320 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4548) | security/nss/lib/fortcrypt/swfort/swfalg.c:322 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4549) | security/nss/lib/fortcrypt/swfort/swfalg.c:324 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4550) | security/nss/lib/fortcrypt/swfort/swfalg.c:326 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4551) | security/nss/lib/fortcrypt/swfort/swfalg.c:328 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4552) | security/nss/lib/fortcrypt/swfort/swfalg.c:330 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4553) | security/nss/lib/fortcrypt/swfort/swfalg.c:332 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4554) | security/nss/lib/fortcrypt/swfort/swfalg.c:334 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4555) | security/nss/lib/fortcrypt/swfort/swfalg.c:336 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4556) | security/nss/lib/fortcrypt/swfort/swfalg.c:338 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4557) | security/nss/lib/fortcrypt/swfort/swfalg.c:340 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4558) | security/nss/lib/fortcrypt/swfort/swfalg.c:342 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4559) | security/nss/lib/fortcrypt/swfort/swfalg.c:344 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4560) | security/nss/lib/fortcrypt/swfort/swfalg.c:346 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4561) | security/nss/lib/fortcrypt/swfort/swfalg.c:348 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4562) | security/nss/lib/fortcrypt/swfort/swfalg.c:352 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4563) | security/nss/lib/fortcrypt/swfort/swfalg.c:354 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4564) | security/nss/lib/fortcrypt/swfort/swfalg.c:356 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4565) | security/nss/lib/fortcrypt/swfort/swfalg.c:358 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4566) | security/nss/lib/fortcrypt/swfort/swfalg.c:360 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4567) | security/nss/lib/fortcrypt/swfort/swfalg.c:365 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4568) | security/nss/lib/fortcrypt/swfort/swfalg.c:366 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4569) | security/nss/lib/fortcrypt/swfort/swfalg.c:367 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4570) | security/nss/lib/fortcrypt/swfort/swfalg.c:398 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4571) | security/nss/lib/fortcrypt/swfort/swflib.c:237 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4572) | security/nss/lib/fortcrypt/swfort/swflib.c:265 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4573) | security/nss/lib/fortcrypt/swfort/swflib.c:313 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4574) | security/nss/lib/fortcrypt/swfort/swflib.c:312 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4575) | security/nss/lib/fortcrypt/swfort/swflib.c:386 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4576) | security/nss/lib/fortcrypt/swfort/swflib.c:454 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4577) | security/nss/lib/fortcrypt/swfort/swflib.c:97 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4578) | security/nss/lib/fortcrypt/swfort/swflib.c:187 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4579) | security/nss/lib/fortcrypt/swfort/swflib.c:421 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4580) | security/nss/lib/fortcrypt/swfort/swflib.c:586 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4582) | security/nss/lib/fortcrypt/swfort/swfparse.c:746 Medium: read: Check buffer boundaries if calling this function in a loop and make sure you are not in danger of writing past the allocated space.
|
| r4583) | security/nss/lib/fortcrypt/swfort/swfutl.c:188 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4584) | security/nss/lib/fortcrypt/swfort/swfutl.c:193 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4585) | security/nss/lib/fortcrypt/swfort/swfutl.c:247 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4586) | security/nss/lib/fortcrypt/swfort/swfutl.c:252 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4587) | security/nss/lib/fortcrypt/swfort/swfutl.c:402 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4588) | security/nss/lib/fortcrypt/swfort/swfutl.c:382 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4589) | security/nss/lib/fortcrypt/swfort/swfutl.c:560 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4590) | security/nss/lib/fortcrypt/swfort/swfutl.c:708 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4595) | security/nss/lib/fortcrypt/swfort/pkcs11/stub.c:171 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4596) | security/nss/lib/freebl/dsa.c:81 Medium: realloc: Don't use on memory intended to be secure, because the old structure will not be zeroed out.
|
| r4597) | security/nss/lib/freebl/fblstdlib.c:154 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4598) | security/nss/lib/freebl/fblstdlib.c:277 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4599) | security/nss/lib/freebl/loader.c:113 High: PL_strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r4600) | security/nss/lib/freebl/mac_rand.c:53 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4601) | security/nss/lib/freebl/mac_rand.c:67 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4602) | security/nss/lib/freebl/md2.c:57 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4603) | security/nss/lib/freebl/md2.c:84 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4604) | security/nss/lib/freebl/os2_rand.c:50 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4605) | security/nss/lib/freebl/os2_rand.c:51 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4606) | security/nss/lib/freebl/os2_rand.c:114 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4607) | security/nss/lib/freebl/os2_rand.c:115 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4608) | security/nss/lib/freebl/os2_rand.c:116 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4609) | security/nss/lib/freebl/os2_rand.c:208 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4610) | security/nss/lib/freebl/os2_rand.c:209 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4611) | security/nss/lib/freebl/os2_rand.c:216 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4612) | security/nss/lib/freebl/os2_rand.c:300 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4615) | security/nss/lib/freebl/os2_rand.c:255 High: strcat: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r4616) | security/nss/lib/freebl/pqg.c:305 Medium: stat: A potential TOCTOU (Time Of Check, Time Of Use) vulnerability exists. This is the first line where a check has occured. The following line(s) contain uses that may match up with this check: 310 (fopen)
|
| r4617) | security/nss/lib/freebl/prng_fips1861.c:177 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4618) | security/nss/lib/freebl/prng_fips1861.c:178 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4619) | security/nss/lib/freebl/prng_fips1861.c:179 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4620) | security/nss/lib/freebl/prng_fips1861.c:226 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4621) | security/nss/lib/freebl/rijndael.c:227 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4622) | security/nss/lib/freebl/rijndael.c:278 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4623) | security/nss/lib/freebl/rijndael.c:441 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4624) | security/nss/lib/freebl/sha.c:870 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4625) | security/nss/lib/freebl/sha.c:929 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4626) | security/nss/lib/freebl/sha_fast.c:80 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4627) | security/nss/lib/freebl/unix_rand.c:130 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4628) | security/nss/lib/freebl/unix_rand.c:396 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4629) | security/nss/lib/freebl/unix_rand.c:62 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4631) | security/nss/lib/freebl/unix_rand.c:228 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4632) | security/nss/lib/freebl/unix_rand.c:291 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4633) | security/nss/lib/freebl/unix_rand.c:316 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4634) | security/nss/lib/freebl/unix_rand.c:349 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4635) | security/nss/lib/freebl/unix_rand.c:470 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4636) | security/nss/lib/freebl/unix_rand.c:510 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4637) | security/nss/lib/freebl/unix_rand.c:614 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4638) | security/nss/lib/freebl/unix_rand.c:668 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4639) | security/nss/lib/freebl/unix_rand.c:775 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4640) | security/nss/lib/freebl/unix_rand.c:888 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4641) | security/nss/lib/freebl/unix_rand.c:952 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4644) | security/nss/lib/freebl/win_rand.c:955 Medium: stat: A potential TOCTOU (Time Of Check, Time Of Use) vulnerability exists. This is the first line where a check has occured. The following line(s) contain uses that may match up with this check: 959 (fopen)
|
| r4645) | security/nss/lib/freebl/win_rand.c:206 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4646) | security/nss/lib/freebl/win_rand.c:242 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4647) | security/nss/lib/freebl/win_rand.c:243 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4648) | security/nss/lib/freebl/win_rand.c:338 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4649) | security/nss/lib/freebl/win_rand.c:347 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4650) | security/nss/lib/freebl/win_rand.c:469 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4651) | security/nss/lib/freebl/win_rand.c:509 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4652) | security/nss/lib/freebl/win_rand.c:256 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r4653) | security/nss/lib/freebl/rijndael.h:518 Medium: stat: A potential TOCTOU (Time Of Check, Time Of Use) vulnerability exists. This is the first line where a check has occured. The following line(s) contain uses that may match up with this check: 523 (fopen)
|
| r4654) | security/nss/lib/freebl/mpi/mdxptest.c:67 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4655) | security/nss/lib/freebl/mpi/mpi-test.c:128 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4656) | security/nss/lib/freebl/mpi/mpi-test.c:158 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4657) | security/nss/lib/freebl/mpi/mpi-test.c:272 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4658) | security/nss/lib/freebl/mpi/mpi-test.c:273 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4666) | security/nss/lib/freebl/mpi/mpi.c:418 Medium: srand: Standard random number generators should not be used to generate randomness used for security reasons. For security sensitive randomness a crytographic randomness generator that provides sufficient entropy should be used.
|
| r4667) | security/nss/lib/freebl/mpi/mpi_sparc.c:2418 High: fprintf: Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4668) | security/nss/lib/freebl/mpi/mpprime.c:263 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4669) | security/nss/lib/freebl/mpi/mpprime.c:277 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4670) | security/nss/lib/freebl/mpi/mulsqr.c:438 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4683) | security/nss/lib/freebl/mpi/utils/identest.c:58 Medium: srand: Standard random number generators should not be used to generate randomness used for security reasons. For security sensitive randomness a crytographic randomness generator that provides sufficient entropy should be used.
|
| r4684) | security/nss/lib/freebl/mpi/utils/isprime.c:70 Medium: srand: Standard random number generators should not be used to generate randomness used for security reasons. For security sensitive randomness a crytographic randomness generator that provides sufficient entropy should be used.
|
| r4686) | security/nss/lib/freebl/mpi/utils/metime.c:69 Medium: signal: When setting signal handlers, do not use the same function to handle multiple signals. There exists the possibility a race condition will result if 2 or more different signals are sent to the process at nearly the same time. Also, when writing signal handlers, it is best to do as little as possible in them. The best strategy is to use the signal handler to set a flag, that another part of the program tests and performs the appropriate action(s) when it is set. See also: http://razor.bindview.com/publish/papers/signals.txt
|
| r4687) | security/nss/lib/freebl/mpi/utils/metime.c:71 Medium: signal: When setting signal handlers, do not use the same function to handle multiple signals. There exists the possibility a race condition will result if 2 or more different signals are sent to the process at nearly the same time. Also, when writing signal handlers, it is best to do as little as possible in them. The best strategy is to use the signal handler to set a flag, that another part of the program tests and performs the appropriate action(s) when it is set. See also: http://razor.bindview.com/publish/papers/signals.txt
|
| r4688) | security/nss/lib/freebl/mpi/utils/metime.c:73 Medium: signal: When setting signal handlers, do not use the same function to handle multiple signals. There exists the possibility a race condition will result if 2 or more different signals are sent to the process at nearly the same time. Also, when writing signal handlers, it is best to do as little as possible in them. The best strategy is to use the signal handler to set a flag, that another part of the program tests and performs the appropriate action(s) when it is set. See also: http://razor.bindview.com/publish/papers/signals.txt
|
| r4691) | security/nss/lib/freebl/mpi/utils/primegen.c:96 Medium: srand: Standard random number generators should not be used to generate randomness used for security reasons. For security sensitive randomness a crytographic randomness generator that provides sufficient entropy should be used.
|
| r4693) | security/nss/lib/freebl/mpi/utils/prng.c:90 Medium: srand: Standard random number generators should not be used to generate randomness used for security reasons. For security sensitive randomness a crytographic randomness generator that provides sufficient entropy should be used.
|
| r4694) | security/nss/lib/freebl/mpi/utils/prng.c:92 Medium: srand: Standard random number generators should not be used to generate randomness used for security reasons. For security sensitive randomness a crytographic randomness generator that provides sufficient entropy should be used.
|
| r4695) | security/nss/lib/jar/jarfile.c:67 Medium: srand: Standard random number generators should not be used to generate randomness used for security reasons. For security sensitive randomness a crytographic randomness generator that provides sufficient entropy should be used.
|
| r4696) | security/nss/lib/jar/jarjart.c:770 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4697) | security/nss/lib/jar/jarjart.c:772 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4698) | security/nss/lib/jar/jarjart.c:773 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4699) | security/nss/lib/jar/jarsign.c:251 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4700) | security/nss/lib/jar/jarsign.c:254 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4701) | security/nss/lib/jar/jarver.c:255 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4702) | security/nss/lib/jar/jar.h:420 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4703) | security/nss/lib/jar/jar.h:421 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4704) | security/nss/lib/jar/jarfile.h:99 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4705) | security/nss/lib/jar/jarfile.h:101 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4706) | security/nss/lib/pk11wrap/debug_module.c:45 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4707) | security/nss/lib/pk11wrap/debug_module.c:46 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4708) | security/nss/lib/pk11wrap/debug_module.c:47 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4709) | security/nss/lib/pk11wrap/debug_module.c:48 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4710) | security/nss/lib/pk11wrap/debug_module.c:49 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4711) | security/nss/lib/pk11wrap/debug_module.c:50 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4712) | security/nss/lib/pk11wrap/debug_module.c:51 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4713) | security/nss/lib/pk11wrap/debug_module.c:52 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4714) | security/nss/lib/pk11wrap/debug_module.c:53 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4715) | security/nss/lib/pk11wrap/debug_module.c:54 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4716) | security/nss/lib/pk11wrap/debug_module.c:55 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4717) | security/nss/lib/pk11wrap/debug_module.c:60 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4718) | security/nss/lib/pk11wrap/debug_module.c:61 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4719) | security/nss/lib/pk11wrap/debug_module.c:62 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4720) | security/nss/lib/pk11wrap/debug_module.c:63 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4721) | security/nss/lib/pk11wrap/debug_module.c:64 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4722) | security/nss/lib/pk11wrap/debug_module.c:65 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4723) | security/nss/lib/pk11wrap/debug_module.c:66 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4724) | security/nss/lib/pk11wrap/debug_module.c:67 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4725) | security/nss/lib/pk11wrap/debug_module.c:68 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4726) | security/nss/lib/pk11wrap/debug_module.c:69 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4727) | security/nss/lib/pk11wrap/debug_module.c:70 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4728) | security/nss/lib/pk11wrap/debug_module.c:71 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4729) | security/nss/lib/pk11wrap/debug_module.c:72 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4730) | security/nss/lib/pk11wrap/debug_module.c:73 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4731) | security/nss/lib/pk11wrap/debug_module.c:74 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4732) | security/nss/lib/pk11wrap/debug_module.c:75 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4733) | security/nss/lib/pk11wrap/debug_module.c:76 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4734) | security/nss/lib/pk11wrap/debug_module.c:81 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4735) | security/nss/lib/pk11wrap/debug_module.c:82 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4736) | security/nss/lib/pk11wrap/debug_module.c:83 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4737) | security/nss/lib/pk11wrap/debug_module.c:84 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4738) | security/nss/lib/pk11wrap/debug_module.c:85 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4739) | security/nss/lib/pk11wrap/debug_module.c:86 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4740) | security/nss/lib/pk11wrap/debug_module.c:87 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4741) | security/nss/lib/pk11wrap/debug_module.c:88 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4742) | security/nss/lib/pk11wrap/debug_module.c:101 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4743) | security/nss/lib/pk11wrap/debug_module.c:102 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4744) | security/nss/lib/pk11wrap/debug_module.c:103 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4745) | security/nss/lib/pk11wrap/debug_module.c:104 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4746) | security/nss/lib/pk11wrap/debug_module.c:105 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4747) | security/nss/lib/pk11wrap/debug_module.c:106 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4748) | security/nss/lib/pk11wrap/debug_module.c:107 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4749) | security/nss/lib/pk11wrap/debug_module.c:109 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4750) | security/nss/lib/pk11wrap/debug_module.c:113 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4751) | security/nss/lib/pk11wrap/pk11cert.c:193 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4752) | security/nss/lib/pk11wrap/pk11cert.c:194 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4753) | security/nss/lib/pk11wrap/pk11pbe.c:122 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4754) | security/nss/lib/pk11wrap/pk11pbe.c:489 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4755) | security/nss/lib/pk11wrap/pk11skey.c:509 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4756) | security/nss/lib/pk11wrap/pk11slot.c:1112 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4757) | security/nss/lib/pk11wrap/pk11slot.c:1113 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4758) | security/nss/lib/pk11wrap/pk11slot.c:1428 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4759) | security/nss/lib/pk11wrap/pk11slot.c:3861 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4760) | security/nss/lib/pk11wrap/pk11slot.c:4091 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4761) | security/nss/lib/pk11wrap/secmodti.h:1482 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4762) | security/nss/lib/pk11wrap/secmodti.h:1483 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4763) | security/nss/lib/pk11wrap/secmodti.h:1549 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4764) | security/nss/lib/pk11wrap/secmodti.h:1550 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4765) | security/nss/lib/pk11wrap/secmodti.h:1816 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4766) | security/nss/lib/pk11wrap/secmodti.h:4413 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4767) | security/nss/lib/pkcs12/p12d.c:123 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4768) | security/nss/lib/pkcs12/p12d.c:126 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4769) | security/nss/lib/pkcs12/p12d.c:127 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4770) | security/nss/lib/pkcs7/p7local.c:1280 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4771) | security/nss/lib/pki/certificate.c:76 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4772) | security/nss/lib/pki/tdcache.c:971 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4773) | security/nss/lib/pki/tdcache.c:972 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4774) | security/nss/lib/pki1/atav.c:75 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4775) | security/nss/lib/smime/cmscipher.c:804 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4776) | security/nss/lib/softoken/alghmac.c:67 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4777) | security/nss/lib/softoken/dbinit.c:44 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4778) | security/nss/lib/softoken/dbinit.c:45 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4779) | security/nss/lib/softoken/dbinit.c:65 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4780) | security/nss/lib/softoken/dbmshim.c:76 High: PR_smprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4781) | security/nss/lib/softoken/dbmshim.c:108 High: PR_smprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4782) | security/nss/lib/softoken/dbmshim.c:160 High: PR_smprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4783) | security/nss/lib/softoken/dbmshim.c:195 High: PR_smprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4784) | security/nss/lib/softoken/dbmshim.c:139 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4785) | security/nss/lib/softoken/dbmshim.c:140 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4786) | security/nss/lib/softoken/keydb.c:188 High: PR_smprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4787) | security/nss/lib/softoken/pcertdb.c:525 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4788) | security/nss/lib/softoken/pcertdb.c:1155 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4789) | security/nss/lib/softoken/pk11db.c:1046 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4790) | security/nss/lib/softoken/pk11db.c:4547 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4791) | security/nss/lib/softoken/pk11db.c:282 High: PR_smprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4792) | security/nss/lib/softoken/pk11db.c:779 High: PR_smprintf: Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
|
| r4793) | security/nss/lib/softoken/pkcs11.c:322 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4794) | security/nss/lib/softoken/pkcs11.c:323 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4795) | security/nss/lib/softoken/pkcs11.c:326 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4796) | security/nss/lib/softoken/pkcs11.c:327 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4797) | security/nss/lib/softoken/pkcs11.c:328 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4798) | security/nss/lib/softoken/pkcs11.c:333 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4799) | security/nss/lib/softoken/pkcs11.c:334 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4800) | security/nss/lib/softoken/pkcs11.c:338 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4801) | security/nss/lib/softoken/pkcs11.c:339 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4802) | security/nss/lib/softoken/pkcs11.c:340 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4803) | security/nss/lib/softoken/pkcs11.c:343 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4804) | security/nss/lib/softoken/pkcs11c.c:1062 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4805) | security/nss/lib/softoken/pkcs11c.c:1206 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4806) | security/nss/lib/softoken/pkcs11c.c:1980 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4807) | security/nss/lib/softoken/pkcs11c.c:2090 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4808) | security/nss/lib/softoken/pkcs11c.c:2109 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4809) | security/nss/lib/softoken/pkcs11c.c:2914 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4810) | security/nss/lib/softoken/pkcs11c.c:2990 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4811) | security/nss/lib/softoken/pkcs11c.c:3224 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4812) | security/nss/lib/softoken/pkcs11c.c:3733 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4813) | security/nss/lib/softoken/pkcs11u.c:130 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4814) | security/nss/lib/softoken/pkcs11u.c:131 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4815) | security/nss/lib/softoken/pkcs11u.c:132 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4816) | security/nss/lib/softoken/pkcs11u.c:133 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4817) | security/nss/lib/softoken/pkcs11u.c:472 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4818) | security/nss/lib/softoken/pkcs11u.c:1362 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4819) | security/nss/lib/softoken/pkcs11u.c:1379 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4820) | security/nss/lib/softoken/pkcs11u.c:1452 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4821) | security/nss/lib/softoken/pkcs11u.c:1625 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4822) | security/nss/lib/softoken/pkcs11u.c:2077 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4823) | security/nss/lib/softoken/pkcs11u.c:2450 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4824) | security/nss/lib/softoken/pkcs11u.c:2892 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4825) | security/nss/lib/softoken/pkcs11u.c:3597 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4826) | security/nss/lib/softoken/pkcs11u.c:3920 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4827) | security/nss/lib/softoken/pkcs11u.c:4149 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4828) | security/nss/lib/softoken/pkcs11u.c:4150 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4829) | security/nss/lib/softoken/pkcs11u.c:4311 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4830) | security/nss/lib/softoken/pkcs11u.c:4312 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4831) | security/nss/lib/softoken/pkcs11u.c:4313 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4832) | security/nss/lib/softoken/pkcs11u.c:4450 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4833) | security/nss/lib/softoken/pkcs11u.c:4583 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4834) | security/nss/lib/softoken/pkcs11u.c:4776 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4835) | security/nss/lib/softoken/rsawrapr.c:480 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4836) | security/nss/lib/softoken/rsawrapr.c:511 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4837) | security/nss/lib/softoken/rsawrapr.c:550 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4838) | security/nss/lib/softoken/rsawrapr.c:688 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4839) | security/nss/lib/softoken/rsawrapr.c:727 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4840) | security/nss/lib/softoken/rsawrapr.c:765 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4841) | security/nss/lib/softoken/rsawrapr.c:885 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4842) | security/nss/lib/softoken/rsawrapr.c:1021 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4843) | security/nss/lib/softoken/rsawrapr.c:2619 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4844) | security/nss/lib/softoken/pcertt.h:65 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4845) | security/nss/lib/softoken/pcertt.h:117 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4846) | security/nss/lib/softoken/pcertt.h:155 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4847) | security/nss/lib/softoken/pk11pars.h:119 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4848) | security/nss/lib/softoken/pk11pars.h:155 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4849) | security/nss/lib/softoken/pk11pars.h:156 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4850) | security/nss/lib/softoken/pk11pars.h:256 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4851) | security/nss/lib/softoken/pk11pars.h:257 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4852) | security/nss/lib/softoken/pkcs11i.h:255 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4853) | security/nss/lib/ssl/ssl3con.c:208 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4854) | security/nss/lib/ssl/ssl3con.c:310 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4855) | security/nss/lib/ssl/ssl3con.c:311 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4856) | security/nss/lib/ssl/ssl3con.c:387 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4857) | security/nss/lib/ssl/ssl3con.c:388 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4858) | security/nss/lib/ssl/ssl3con.c:412 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4859) | security/nss/lib/ssl/ssldef.c:349 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4860) | security/nss/lib/ssl/ssldef.c:373 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4861) | security/nss/lib/ssl/ssldef.c:1263 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4862) | security/nss/lib/ssl/ssldef.c:2429 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4863) | security/nss/lib/ssl/ssldef.c:2430 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4864) | security/nss/lib/ssl/ssldef.c:2431 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4865) | security/nss/lib/ssl/ssldef.c:3410 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4866) | security/nss/lib/ssl/ssldef.c:5913 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4867) | security/nss/lib/ssl/sslgathr.c:155 Medium: read: Check buffer boundaries if calling this function in a loop and make sure you are not in danger of writing past the allocated space.
|
| r4868) | security/nss/lib/ssl/sslmutex.c:243 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4869) | security/nss/lib/ssl/sslmutex.c:285 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4870) | security/nss/lib/ssl/sslsnce.c:251 Medium: read: Check buffer boundaries if calling this function in a loop and make sure you are not in danger of writing past the allocated space.
|
| r4871) | security/nss/lib/ssl/sslsnce.c:316 Medium: read: Check buffer boundaries if calling this function in a loop and make sure you are not in danger of writing past the allocated space.
|
| r4872) | security/nss/lib/ssl/sslsnce.c:1159 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4875) | security/nss/lib/ssl/sslsock.c:1464 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4878) | security/nss/lib/ssl/preenc.h:69 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4879) | security/nss/lib/ssl/preenc.h:130 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4880) | security/nss/lib/ssl/preenc.h:261 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4881) | security/nss/lib/ssl/sslimpl.h:61 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4882) | security/nss/lib/ssl/sslimpl.h:62 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4883) | security/nss/lib/ssl/sslimpl.h:63 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4884) | security/nss/lib/ssl/sslimpl.h:64 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4885) | security/nss/lib/ssl/sslimpl.h:69 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4886) | security/nss/lib/ssl/sslimpl.h:70 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4887) | security/nss/lib/ssl/sslimpl.h:71 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4888) | security/nss/lib/ssl/sslimpl.h:72 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4889) | security/nss/lib/ssl/sslimpl.h:73 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4890) | security/nss/lib/ssl/sslimpl.h:77 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4891) | security/nss/lib/ssl/sslimpl.h:78 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4892) | security/nss/lib/ssl/sslimpl.h:79 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4893) | security/nss/lib/ssl/sslimpl.h:80 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4894) | security/nss/lib/ssl/sslimpl.h:81 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4895) | security/nss/lib/ssl/sslimpl.h:82 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4896) | security/nss/lib/ssl/sslimpl.h:86 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4897) | security/nss/lib/ssl/sslimpl.h:87 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4898) | security/nss/lib/ssl/sslimpl.h:88 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4899) | security/nss/lib/ssl/sslimpl.h:89 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4900) | security/nss/lib/ssl/sslimpl.h:90 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4901) | security/nss/lib/ssl/sslimpl.h:91 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4902) | security/nss/lib/ssl/sslimpl.h:108 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4903) | security/nss/lib/ssl/sslimpl.h:109 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4904) | security/nss/lib/ssl/sslimpl.h:110 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4905) | security/nss/lib/ssl/sslimpl.h:111 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4906) | security/nss/lib/util/dersubr.c:370 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4907) | security/nss/lib/util/dersubr.c:495 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4908) | security/nss/lib/util/dersubr.c:652 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4909) | security/nss/lib/util/dersubr.c:770 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4910) | security/nss/lib/util/dersubr.c:773 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4911) | security/nss/lib/util/dersubr.c:776 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4912) | security/nss/lib/util/dersubr.c:779 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4913) | security/nss/lib/util/dersubr.c:780 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4914) | security/nss/lib/util/nssb64d.c:63 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4915) | security/nss/lib/util/nssb64d.c:110 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4916) | security/nss/lib/util/nssb64d.c:161 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4917) | security/nss/lib/util/nssb64e.c:100 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4918) | security/nss/lib/util/nssilock.c:60 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4919) | security/nss/lib/util/nssilock.c:95 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4920) | security/nss/lib/util/nssrwlk.c:153 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r4921) | security/nss/lib/util/secasn1e.c:127 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r4922) | security/nss/lib/util/secport.c:431 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4923) | security/nss/lib/util/secport.c:456 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4924) | security/nss/lib/util/secport.c:568 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r4925) | security/nss/lib/util/utf8.c:570 High: strcat: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r4926) | security/nss/lib/util/utf8.c:1523 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4927) | security/nss/lib/util/utf8.c:1580 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4928) | security/nss/lib/util/utf8.c:1638 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4929) | security/nss/lib/util/utf8.c:1745 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4930) | security/nss/lib/util/nssilckt.h:1863 High: strcat: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r4931) | security/nss/lib/util/nssilckt.h:1868 High: strcat: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r4932) | security/nss/lib/util/secplcy.h:195 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4941) | string/obsolete/nsString.cpp:1191 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4942) | string/obsolete/nsString.cpp:1262 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4943) | string/obsolete/nsString2.cpp:467 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4944) | string/obsolete/nsString2.cpp:757 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4945) | string/obsolete/nsString.h:539 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4946) | string/obsolete/nsString.h:786 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4947) | string/public/nsAlgorithm.h:435 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4948) | string/public/nsCharTraits.h:90 Medium: read: Check buffer boundaries if calling this function in a loop and make sure you are not in danger of writing past the allocated space.
|
| r4949) | tools/leaky/bfd.cpp:410 Medium: read: Check buffer boundaries if calling this function in a loop and make sure you are not in danger of writing past the allocated space.
|
| r4950) | tools/leaky/bfd.cpp:456 Medium: read: Check buffer boundaries if calling this function in a loop and make sure you are not in danger of writing past the allocated space.
|
| r4951) | tools/leaky/bfd.cpp:502 Medium: read: Check buffer boundaries if calling this function in a loop and make sure you are not in danger of writing past the allocated space.
|
| r4952) | tools/leaky/bfd.cpp:547 Medium: read: Check buffer boundaries if calling this function in a loop and make sure you are not in danger of writing past the allocated space.
|
| r4953) | tools/leaky/coff.cpp:82 Medium: realloc: Don't use on memory intended to be secure, because the old structure will not be zeroed out.
|
| r4954) | tools/leaky/coff.cpp:39 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4955) | tools/leaky/elf.cpp:90 Medium: realloc: Don't use on memory intended to be secure, because the old structure will not be zeroed out.
|
| r4956) | tools/leaky/leaky.cpp:124 Medium: realloc: Don't use on memory intended to be secure, because the old structure will not be zeroed out.
|
| r4958) | tools/leaky/leaky.cpp:208 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4959) | tools/leaky/leaky.cpp:714 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4960) | tools/leaky/libmalloc.cpp:216 Medium: read: Check buffer boundaries if calling this function in a loop and make sure you are not in danger of writing past the allocated space.
|
| r4961) | tools/leaky/libmalloc.cpp:218 Medium: read: Check buffer boundaries if calling this function in a loop and make sure you are not in danger of writing past the allocated space.
|
| r4964) | tools/leaky/strset.cpp:480 Medium: realloc: Don't use on memory intended to be secure, because the old structure will not be zeroed out.
|
| r4965) | tools/leaky/TestLeaky.cpp:26 Medium: realloc: Don't use on memory intended to be secure, because the old structure will not be zeroed out.
|
| r4966) | tools/leaky/libmalloc.h:37 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4967) | tools/preloader/preloader.cpp:35 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4973) | tools/preloader/preloader.cpp:1096 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r4974) | tools/preloader/preloader.cpp:1394 High: strcpy: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r4975) | tools/preloader/preloader.cpp:145 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4976) | tools/preloader/preloader.cpp:462 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4977) | tools/preloader/preloader.cpp:590 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4978) | tools/preloader/preloader.cpp:725 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4979) | tools/preloader/preloader.cpp:741 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4980) | tools/preloader/preloader.cpp:749 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4981) | tools/preloader/preloader.cpp:752 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4982) | tools/preloader/preloader.cpp:758 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4983) | tools/preloader/preloader.cpp:1040 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4984) | tools/preloader/preloader.cpp:1080 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4985) | tools/preloader/preloader.cpp:1081 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4986) | tools/preloader/preloader.cpp:1082 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4987) | tools/preloader/preloader.cpp:1089 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4988) | tools/preloader/preloader.cpp:1093 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4989) | tools/preloader/preloader.cpp:1110 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4990) | tools/preloader/preloader.cpp:1121 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4991) | tools/preloader/preloader.cpp:1153 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4992) | tools/preloader/preloader.cpp:1299 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4993) | tools/preloader/preloader.cpp:1362 High: fixed size local buffer: Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
|
| r4994) | tools/preloader/preloader.cpp:541 High: LoadLibrary: LoadLibrary will search several places for a library if no path is specified, allowing trojan DLL's to be inserted elsewhere even if the intended DLL is correctly protected from overwriting. Make sure to specify the full path.
|
| r4995) | uriloader/exthandler/nsExternalHelperAppService.cpp:578 High: strcat: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r4996) | uriloader/exthandler/nsExternalHelperAppService.cpp:1097 High: strcat: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r4997) | uriloader/exthandler/nsExternalHelperAppService.cpp:1098 High: strcat: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r4998) | uriloader/exthandler/nsExternalHelperAppService.cpp:1130 High: strcat: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|
| r4999) | uriloader/exthandler/nsExternalHelperAppService.cpp:1131 High: strcat: Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.
|