The following issues were found
deps/jansson/src/hashtable.h
1 issue
Line: 27
Column: 5
CWE codes:
119
120
Suggestion:
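Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. Triage note: `char key[1]` is the last member of the struct in this excerpt, which looks like the pre-C99 trailing-array idiom where the real key length is fixed at allocation time; if so, the bounds to verify are at the allocation and key-copy site, which this excerpt does not show.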
struct hashtable_list ordered_list;
size_t hash;
json_t *value;
char key[1];
};
struct hashtable_bucket {
struct hashtable_list *first;
struct hashtable_list *last;
Reported by FlawFinder.
deps/jansson/test/suites/api/test_load.c
1 issue
Line: 114
Column: 5
CWE codes:
119
120
Suggestion:
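Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. Triage note: the finding is on the declaration `char big[311]` only; the code that writes into `big` is outside this excerpt, so the buffer is safe only if every write is limited to 311 bytes including the terminator.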
json_int_t expected;
#endif
char big[311];
json = json_loads("42", JSON_DECODE_INT_AS_REAL | JSON_DECODE_ANY, &error);
if (!json || !json_is_real(json) || json_real_value(json) != 42.0)
fail("json_load decode int as real failed - int");
json_decref(json);
Reported by FlawFinder.
deps/jansson/test/suites/api/test_pack.c
1 issue
Line: 24
Column: 5
CWE codes:
119
120
Suggestion:
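Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. Triage note: `buffer` holds exactly the four bytes 't', 'e', 's', 't' with no terminating NUL, so it is not a C string; any use of it must pass the length explicitly rather than rely on `strlen` or `%s`-style handling. The uses are outside this excerpt.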
{
json_t *value;
int i;
char buffer[4] = {'t', 'e', 's', 't'};
json_error_t error;
/*
* Simple, valid json_pack cases
*/
Reported by FlawFinder.
deps/libcaption/src/eia608.c
1 issue
Line: 199
Column: 5
CWE codes:
119
120
Suggestion:
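Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. Triage note: `char1` and `char2` are 5-byte buffers and the only write visible here stores a single 0 byte; whether the finding is real depends on any later code that fills them (not shown), which must never write more than 5 bytes including the terminator.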
{
eia608_style_t style;
const char* text = 0;
char char1[5], char2[5];
char1[0] = char2[0] = 0;
int row, col, chan, underline;
if (!eia608_parity_varify(cc_data)) {
text = "parity failed";
Reported by FlawFinder.
deps/lzma/common/tuklib_mbstr_width.c
1 issue
Line: 23
Column: 21
CWE codes:
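126 (Buffer Over-read). Triage note: `strlen(str)` reads until the first NUL byte, so this is a defect only if a caller can pass a buffer that is not NUL-terminated; the excerpt also shows no NULL check on `str` before the call.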
extern size_t
tuklib_mbstr_width(const char *str, size_t *bytes)
{
const size_t len = strlen(str);
if (bytes != NULL)
*bytes = len;
#if !(defined(HAVE_MBRTOWC) && defined(HAVE_WCWIDTH))
// In single-byte mode, the width of the string is the same
Reported by FlawFinder.
deps/lzma/common/tuklib_open_stdxxx.c
1 issue
Line: 38
Column: 19
CWE codes:
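362 (Race Condition). Triage note: this rule typically fires on any `open()` call; here the path is the constant string "/dev/null" rather than caller-supplied input, and the returned descriptor is compared with the expected number `i` and closed on mismatch.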
// writing to stdin would fail. However, /dev/full
// is Linux specific, and if the program tries to
// write to stdin, there's already a problem anyway.
const int fd = open("/dev/null", O_NOCTTY
| (i == 0 ? O_WRONLY : O_RDONLY));
if (fd != i) {
if (fd != -1)
(void)close(fd);
Reported by FlawFinder.
deps/lzma/common/tuklib_progname.c
1 issue
Line: 31
Column: 22
CWE codes:
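126 (Buffer Over-read). Triage note: argv strings handed over by the operating system are NUL-terminated, so the over-read itself is unlikely; the case worth checking is a program started with an empty argument vector, where `argv[0]` is NULL and `strlen(argv[0])` is undefined behaviour. No such check is visible in this excerpt.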
// We modify argv[0] to make it nicer to read.
// Strip the leading path.
char *p = argv[0] + strlen(argv[0]);
while (argv[0] < p && p[-1] != '/' && p[-1] != '\\')
--p;
argv[0] = p;
Reported by FlawFinder.
deps/lzma/liblzma/common/block_encoder.c
1 issue
Line: 126
Column: 3
CWE codes:
120
Suggestion:
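Make sure destination can always hold the source data. Triage note: the copy length is `check_size`; the excerpt does not show how `check_size` is derived or the declared sizes of `raw_check` and `check.buffer.u8`, so confirm that `check_size` can never exceed either of them.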
if (coder->pos < check_size)
return LZMA_OK;
memcpy(coder->block->raw_check, coder->check.buffer.u8,
check_size);
return LZMA_STREAM_END;
}
}
Reported by FlawFinder.
deps/lzma/liblzma/common/common.c
1 issue
Line: 81
Column: 2
CWE codes:
120
Suggestion:
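Make sure destination can always hold the source data. Triage note: `copy_size` is the smaller of `in_avail` and `out_avail`, and `out_avail` is `out_size - *out_pos`, so the copy stays inside the output buffer as long as `*out_pos <= out_size` on entry; because these are `size_t` values, a violated invariant would wrap to a very large `out_avail`. The computation of `in_avail` is outside this excerpt.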
const size_t out_avail = out_size - *out_pos;
const size_t copy_size = my_min(in_avail, out_avail);
memcpy(out + *out_pos, in + *in_pos, copy_size);
*in_pos += copy_size;
*out_pos += copy_size;
return copy_size;
Reported by FlawFinder.
deps/lzma/liblzma/common/filter_common.c
1 issue
Line: 170
Column: 4
CWE codes:
120
Suggestion:
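Make sure destination can always hold the source data. Triage note: the copy length is `features[j].options_size`; the copy is in bounds only if `dest[i].options` was allocated with at least that size and `src[i].options` points to at least that many bytes. The allocation is outside this excerpt.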
goto error;
}
memcpy(dest[i].options, src[i].options,
features[j].options_size);
}
}
// Terminate the filter array.
Reported by FlawFinder.