The following issues were found
src/ccutil/errcode.cpp
9 issues
Line: 89
CWE codes:
476
# if defined(__GNUC__)
__builtin_trap();
# else
*reinterpret_cast<int *>(0) = 0;
# endif
#endif
abort();
default:
BADERRACTION.error("error", ABORT, nullptr);
Reported by Cppcheck.
Line: 49
Column: 15
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
if (caller != nullptr) {
// name of caller
msgptr += sprintf(msgptr, "%s:", caller);
}
// actual message
msgptr += sprintf(msgptr, "Error:%s", message);
if (format != nullptr) {
msgptr += sprintf(msgptr, ":");
Reported by FlawFinder.
Line: 52
Column: 13
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
msgptr += sprintf(msgptr, "%s:", caller);
}
// actual message
msgptr += sprintf(msgptr, "Error:%s", message);
if (format != nullptr) {
msgptr += sprintf(msgptr, ":");
va_start(args, format); // variable list
#ifdef _WIN32
// print remainder
Reported by FlawFinder.
Line: 63
Column: 15
CWE codes:
134
Suggestion:
Make format string constant
strcat(msg, "\n");
#else
// print remainder
msgptr += vsprintf(msgptr, format, args);
// no specific
msgptr += sprintf(msgptr, "\n");
#endif
va_end(args);
} else {
Reported by FlawFinder.
Line: 44
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
const char *format, ... // special message
) const {
va_list args; // variable args
char msg[MAX_MSG];
char *msgptr = msg;
if (caller != nullptr) {
// name of caller
msgptr += sprintf(msgptr, "%s:", caller);
Reported by FlawFinder.
Line: 54
Column: 15
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
// actual message
msgptr += sprintf(msgptr, "Error:%s", message);
if (format != nullptr) {
msgptr += sprintf(msgptr, ":");
va_start(args, format); // variable list
#ifdef _WIN32
// print remainder
msgptr += _vsnprintf(msgptr, MAX_MSG - 2 - (msgptr - msg), format, args);
msg[MAX_MSG - 2] = '\0'; // ensure termination
Reported by FlawFinder.
Line: 60
Column: 5
CWE codes:
120
Suggestion:
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused)
// print remainder
msgptr += _vsnprintf(msgptr, MAX_MSG - 2 - (msgptr - msg), format, args);
msg[MAX_MSG - 2] = '\0'; // ensure termination
strcat(msg, "\n");
#else
// print remainder
msgptr += vsprintf(msgptr, format, args);
// no specific
msgptr += sprintf(msgptr, "\n");
Reported by FlawFinder.
Line: 65
Column: 15
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
// print remainder
msgptr += vsprintf(msgptr, format, args);
// no specific
msgptr += sprintf(msgptr, "\n");
#endif
va_end(args);
} else {
// no specific
msgptr += sprintf(msgptr, "\n");
Reported by FlawFinder.
Line: 70
Column: 15
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
va_end(args);
} else {
// no specific
msgptr += sprintf(msgptr, "\n");
}
// %s is needed here so msg is printed correctly!
fprintf(stderr, "%s", msg);
Reported by FlawFinder.
src/ccmain/paramsd.cpp
8 issues
Line: 326
Column: 5
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
// if file exists
if ((fp = fopen(filename, "rb")) != nullptr) {
fclose(fp);
sprintf(msg_str,
"Overwrite file "
"%s"
"? (Y/N)",
filename);
int a = sv_window_->ShowYesNoDialog(msg_str);
Reported by FlawFinder.
Line: 165
Column: 20
CWE codes:
190
Suggestion:
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended)
// (Quickly visible impacts?)
changed_ = true;
if (param_type_ == VT_INTEGER) {
iIt->set_value(atoi(val));
} else if (param_type_ == VT_BOOLEAN) {
bIt->set_value(atoi(val));
} else if (param_type_ == VT_DOUBLE) {
std::stringstream stream(val);
// Use "C" locale for reading double value.
Reported by FlawFinder.
Line: 167
Column: 20
CWE codes:
190
Suggestion:
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended)
if (param_type_ == VT_INTEGER) {
iIt->set_value(atoi(val));
} else if (param_type_ == VT_BOOLEAN) {
bIt->set_value(atoi(val));
} else if (param_type_ == VT_DOUBLE) {
std::stringstream stream(val);
// Use "C" locale for reading double value.
stream.imbue(std::locale::classic());
double d = 0;
Reported by FlawFinder.
Line: 322
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
// Write all (changed_) parameters to a config file.
void ParamsEditor::WriteParams(char *filename, bool changes_only) {
FILE *fp; // input file
char msg_str[255];
// if file exists
if ((fp = fopen(filename, "rb")) != nullptr) {
fclose(fp);
sprintf(msg_str,
"Overwrite file "
Reported by FlawFinder.
Line: 324
Column: 13
CWE codes:
362
FILE *fp; // input file
char msg_str[255];
// if file exists
if ((fp = fopen(filename, "rb")) != nullptr) {
fclose(fp);
sprintf(msg_str,
"Overwrite file "
"%s"
"? (Y/N)",
Reported by FlawFinder.
Line: 337
Column: 8
CWE codes:
362
} // don't write
}
fp = fopen(filename, "wb"); // can we write to it?
if (fp == nullptr) {
sv_window_->AddMessage(
"Can't write to file "
"%s"
"",
Reported by FlawFinder.
Line: 101
Column: 21
CWE codes:
126
int n, // number of words
char *t // target string
) {
int full_length = strlen(s);
int reqd_len = 0; // No. of chars requird
const char *next_word = s;
while ((n > 0) && reqd_len < full_length) {
reqd_len += strcspn(next_word, "_") + 1;
Reported by FlawFinder.
Line: 110
Column: 3
CWE codes:
120
next_word += reqd_len;
n--;
}
strncpy(t, s, reqd_len);
t[reqd_len] = '\0'; // ensure null terminal
}
// Getter for the name.
const char *ParamContent::GetName() const {
Reported by FlawFinder.
java/com/google/scrollview/ui/SVImageHandler.java
8 issues
Line: 29
*
* @author wanke@google.com
*/
public class SVImageHandler {
/* All methods are static, so we forbid to construct SVImageHandler objects */
private SVImageHandler() {
}
/**
Reported by PMD.
Line: 50
try {
newRead = in.read(charbuffer, numRead, size - numRead);
} catch (IOException e) {
System.out.println("Failed to read image data from socket:" + e.getMessage());
return null;
}
if (newRead < 0) {
return null;
}
Reported by PMD.
Line: 59
numRead += newRead;
}
if (numRead != size) {
System.out.println("Failed to read image data from socket");
return null;
}
// Convert the character data to binary.
byte[] binarydata = DatatypeConverter.parseBase64Binary(new String(charbuffer));
// Convert the binary data to a byte stream and parse to image.
Reported by PMD.
Line: 70
PImage img = new PImage(ImageIO.read(byteStream));
return img;
} catch (IOException e) {
System.out.println("Failed to decode image data from socket" + e.getMessage());
}
return null;
}
}
Reported by PMD.
Line: 46
char[] charbuffer = new char[size];
int numRead = 0;
while (numRead < size) {
int newRead = -1;
try {
newRead = in.read(charbuffer, numRead, size - numRead);
} catch (IOException e) {
System.out.println("Failed to read image data from socket:" + e.getMessage());
return null;
Reported by PMD.
Line: 43
* @param in The input stream from which to read the bytes.
*/
public static PImage readImage(int size, BufferedReader in) {
char[] charbuffer = new char[size];
int numRead = 0;
while (numRead < size) {
int newRead = -1;
try {
newRead = in.read(charbuffer, numRead, size - numRead);
Reported by PMD.
Line: 46
char[] charbuffer = new char[size];
int numRead = 0;
while (numRead < size) {
int newRead = -1;
try {
newRead = in.read(charbuffer, numRead, size - numRead);
} catch (IOException e) {
System.out.println("Failed to read image data from socket:" + e.getMessage());
return null;
Reported by PMD.
Line: 48
while (numRead < size) {
int newRead = -1;
try {
newRead = in.read(charbuffer, numRead, size - numRead);
} catch (IOException e) {
System.out.println("Failed to read image data from socket:" + e.getMessage());
return null;
}
if (newRead < 0) {
Reported by PMD.
src/lstm/networkio.cpp
8 issues
Line: 397
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
void NetworkIO::CopyTimeStepFrom(int dest_t, const NetworkIO &src, int src_t) {
ASSERT_HOST(int_mode_ == src.int_mode_);
if (int_mode_) {
memcpy(i_[dest_t], src.i_[src_t], i_.dim2() * sizeof(i_[0][0]));
} else {
memcpy(f_[dest_t], src.f_[src_t], f_.dim2() * sizeof(f_[0][0]));
}
}
Reported by FlawFinder.
Line: 399
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (int_mode_) {
memcpy(i_[dest_t], src.i_[src_t], i_.dim2() * sizeof(i_[0][0]));
} else {
memcpy(f_[dest_t], src.f_[src_t], f_.dim2() * sizeof(f_[0][0]));
}
}
// Copies a part of single time step from src.
void NetworkIO::CopyTimeStepGeneral(int dest_t, int dest_offset, int num_features,
Reported by FlawFinder.
Line: 408
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
const NetworkIO &src, int src_t, int src_offset) {
ASSERT_HOST(int_mode_ == src.int_mode_);
if (int_mode_) {
memcpy(i_[dest_t] + dest_offset, src.i_[src_t] + src_offset, num_features * sizeof(i_[0][0]));
} else {
memcpy(f_[dest_t] + dest_offset, src.f_[src_t] + src_offset, num_features * sizeof(f_[0][0]));
}
}
Reported by FlawFinder.
Line: 410
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (int_mode_) {
memcpy(i_[dest_t] + dest_offset, src.i_[src_t] + src_offset, num_features * sizeof(i_[0][0]));
} else {
memcpy(f_[dest_t] + dest_offset, src.f_[src_t] + src_offset, num_features * sizeof(f_[0][0]));
}
}
// Zeroes a single time step.
void NetworkIO::ZeroTimeStepGeneral(int t, int offset, int num_features) {
Reported by FlawFinder.
Line: 945
Column: 7
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
ASSERT_HOST(num_features + feature_offset <= NumFeatures());
if (int_mode_) {
for (int t = 0; t < width; ++t) {
memcpy(i_[t] + feature_offset, src.i_[t], num_features * sizeof(i_[t][0]));
}
for (int t = width; t < i_.dim1(); ++t) {
memset(i_[t], 0, num_features * sizeof(i_[t][0]));
}
} else {
Reported by FlawFinder.
Line: 952
Column: 7
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
}
} else {
for (int t = 0; t < width; ++t) {
memcpy(f_[t] + feature_offset, src.f_[t], num_features * sizeof(f_[t][0]));
}
for (int t = width; t < f_.dim1(); ++t) {
memset(f_[t], 0, num_features * sizeof(f_[t][0]));
}
}
Reported by FlawFinder.
Line: 969
Column: 7
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
ASSERT_HOST(num_features + feature_offset <= src.NumFeatures());
if (int_mode_) {
for (int t = 0; t < width; ++t) {
memcpy(i_[t], src.i_[t] + feature_offset, num_features * sizeof(i_[t][0]));
}
} else {
for (int t = 0; t < width; ++t) {
memcpy(f_[t], src.f_[t] + feature_offset, num_features * sizeof(f_[t][0]));
}
Reported by FlawFinder.
Line: 973
Column: 7
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
}
} else {
for (int t = 0; t < width; ++t) {
memcpy(f_[t], src.f_[t] + feature_offset, num_features * sizeof(f_[t][0]));
}
}
}
// Transposes the float part of *this into dest.
Reported by FlawFinder.
java/com/google/scrollview/events/SVEvent.java
8 issues
Line: 22
* @author wanke@google.com
*/
public class SVEvent {
SVEventType type; // What kind of event.
SVWindow window; // Window event relates to.
int x; // Coords of click or selection.
int y;
int xSize; // Size of selection.
int ySize;
Reported by PMD.
Line: 23
*/
public class SVEvent {
SVEventType type; // What kind of event.
SVWindow window; // Window event relates to.
int x; // Coords of click or selection.
int y;
int xSize; // Size of selection.
int ySize;
int commandId;
Reported by PMD.
Line: 24
public class SVEvent {
SVEventType type; // What kind of event.
SVWindow window; // Window event relates to.
int x; // Coords of click or selection.
int y;
int xSize; // Size of selection.
int ySize;
int commandId;
String parameter; // Any string that might have been passed as argument.
Reported by PMD.
Line: 25
SVEventType type; // What kind of event.
SVWindow window; // Window event relates to.
int x; // Coords of click or selection.
int y;
int xSize; // Size of selection.
int ySize;
int commandId;
String parameter; // Any string that might have been passed as argument.
Reported by PMD.
Line: 26
SVWindow window; // Window event relates to.
int x; // Coords of click or selection.
int y;
int xSize; // Size of selection.
int ySize;
int commandId;
String parameter; // Any string that might have been passed as argument.
/**
Reported by PMD.
Line: 27
int x; // Coords of click or selection.
int y;
int xSize; // Size of selection.
int ySize;
int commandId;
String parameter; // Any string that might have been passed as argument.
/**
* A "normal" SVEvent.
Reported by PMD.
Line: 28
int y;
int xSize; // Size of selection.
int ySize;
int commandId;
String parameter; // Any string that might have been passed as argument.
/**
* A "normal" SVEvent.
*
Reported by PMD.
Line: 29
int xSize; // Size of selection.
int ySize;
int commandId;
String parameter; // Any string that might have been passed as argument.
/**
* A "normal" SVEvent.
*
* @param t The type of the event as specified in SVEventType (e.g.
Reported by PMD.
src/training/common/commontraining.cpp
8 issues
Line: 372
Column: 5
CWE codes:
120
20
Suggestion:
Specify a limit to %s, or use a different input function
continue;
}
sscanf(buffer, "%*s %s", unichar);
if (unicharset != nullptr && !unicharset->contains_unichar(unichar)) {
unicharset->unichar_insert(unichar);
if (unicharset->size() > MAX_NUM_CLASSES) {
tprintf(
"Error: Size of unicharset in training is "
Reported by FlawFinder.
Line: 173
Column: 14
CWE codes:
362
void WriteShapeTable(const std::string &file_prefix, const ShapeTable &shape_table) {
std::string shape_table_file = file_prefix;
shape_table_file += kShapeTableFileSuffix;
FILE *fp = fopen(shape_table_file.c_str(), "wb");
if (fp != nullptr) {
if (!shape_table.Serialize(fp)) {
fprintf(stderr, "Error writing shape table: %s\n", shape_table_file.c_str());
}
fclose(fp);
Reported by FlawFinder.
Line: 251
Column: 5
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
int pagename_len = strlen(page_name);
char *fontinfo_file_name = new char[pagename_len + 7];
strncpy(fontinfo_file_name, page_name, pagename_len - 2); // remove "tr"
strcpy(fontinfo_file_name + pagename_len - 2, "fontinfo"); // +"fontinfo"
trainer->AddSpacingInfo(fontinfo_file_name);
delete[] fontinfo_file_name;
// Load the images into memory if required by the classifier.
if (FLAGS_load_images) {
Reported by FlawFinder.
Line: 267
Column: 16
CWE codes:
362
trainer->PostLoadCleanup();
// Write the master trainer if required.
if (!FLAGS_output_trainer.empty()) {
FILE *fp = fopen(FLAGS_output_trainer.c_str(), "wb");
if (fp == nullptr) {
tprintf("Can't create saved trainer data!\n");
} else {
trainer->Serialize(fp);
fclose(fp);
Reported by FlawFinder.
Line: 354
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
void ReadTrainingSamples(const FEATURE_DEFS_STRUCT &feature_definitions, const char *feature_name,
int max_samples, UNICHARSET *unicharset, FILE *file,
LIST *training_samples) {
char buffer[2048];
char unichar[UNICHAR_LEN + 1];
LABELEDLIST char_sample;
FEATURE_SET feature_samples;
uint32_t feature_type = ShortNameToFeatureType(feature_definitions, feature_name);
Reported by FlawFinder.
Line: 355
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
int max_samples, UNICHARSET *unicharset, FILE *file,
LIST *training_samples) {
char buffer[2048];
char unichar[UNICHAR_LEN + 1];
LABELEDLIST char_sample;
FEATURE_SET feature_samples;
uint32_t feature_type = ShortNameToFeatureType(feature_definitions, feature_name);
// Zero out the font_sample_count for all the classes.
Reported by FlawFinder.
Line: 248
Column: 24
CWE codes:
126
// If there is a file with [lang].[fontname].exp[num].fontinfo present,
// read font spacing information in to fontinfo_table.
int pagename_len = strlen(page_name);
char *fontinfo_file_name = new char[pagename_len + 7];
strncpy(fontinfo_file_name, page_name, pagename_len - 2); // remove "tr"
strcpy(fontinfo_file_name + pagename_len - 2, "fontinfo"); // +"fontinfo"
trainer->AddSpacingInfo(fontinfo_file_name);
delete[] fontinfo_file_name;
Reported by FlawFinder.
Line: 250
Column: 5
CWE codes:
120
// read font spacing information in to fontinfo_table.
int pagename_len = strlen(page_name);
char *fontinfo_file_name = new char[pagename_len + 7];
strncpy(fontinfo_file_name, page_name, pagename_len - 2); // remove "tr"
strcpy(fontinfo_file_name + pagename_len - 2, "fontinfo"); // +"fontinfo"
trainer->AddSpacingInfo(fontinfo_file_name);
delete[] fontinfo_file_name;
// Load the images into memory if required by the classifier.
Reported by FlawFinder.
src/classify/trainingsample.cpp
8 issues
Line: 44
CWE codes:
590
TrainingSample::~TrainingSample() {
delete[] features_;
delete[] micro_features_;
}
// WARNING! Serialize/DeSerialize do not save/restore the "cache" data
// members, which is mostly the mapped features, and the weight.
// It is assumed these can all be reconstructed from what is saved.
Reported by Cppcheck.
Line: 142
CWE codes:
590
if (fread(features_, sizeof(*features_), num_features_, fp) != num_features_) {
return false;
}
delete[] micro_features_;
micro_features_ = new MicroFeature[num_micro_features_];
if (fread(micro_features_, sizeof(*micro_features_), num_micro_features_, fp) !=
num_micro_features_) {
return false;
}
Reported by Cppcheck.
Line: 256
CWE codes:
590
}
}
// Extract the Micro features.
delete[] micro_features_;
char_features = char_desc->FeatureSets[micro_type];
if (char_features == nullptr) {
tprintf("Error: no features to train on of type %s\n", kMicroFeatureType);
num_micro_features_ = 0;
micro_features_ = nullptr;
Reported by Cppcheck.
Line: 166
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
sample->num_features_ = num_features;
sample->features_ = new INT_FEATURE_STRUCT[num_features];
sample->outline_length_ = fx_info.Length;
memcpy(sample->features_, features, num_features * sizeof(features[0]));
sample->geo_feature_[GeoBottom] = bounding_box.bottom();
sample->geo_feature_[GeoTop] = bounding_box.top();
sample->geo_feature_[GeoWidth] = bounding_box.width();
// Generate the cn_feature_ from the fx_info.
Reported by FlawFinder.
Line: 222
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
sample->num_features_ = num_features_;
if (num_features_ > 0) {
sample->features_ = new INT_FEATURE_STRUCT[num_features_];
memcpy(sample->features_, features_, num_features_ * sizeof(features_[0]));
}
sample->num_micro_features_ = num_micro_features_;
if (num_micro_features_ > 0) {
sample->micro_features_ = new MicroFeature[num_micro_features_];
memcpy(sample->micro_features_, micro_features_,
Reported by FlawFinder.
Line: 227
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
sample->num_micro_features_ = num_micro_features_;
if (num_micro_features_ > 0) {
sample->micro_features_ = new MicroFeature[num_micro_features_];
memcpy(sample->micro_features_, micro_features_,
num_micro_features_ * sizeof(micro_features_[0]));
}
memcpy(sample->cn_feature_, cn_feature_, sizeof(*cn_feature_) * kNumCNParams);
memcpy(sample->geo_feature_, geo_feature_, sizeof(*geo_feature_) * GeoCount);
return sample;
Reported by FlawFinder.
Line: 230
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
memcpy(sample->micro_features_, micro_features_,
num_micro_features_ * sizeof(micro_features_[0]));
}
memcpy(sample->cn_feature_, cn_feature_, sizeof(*cn_feature_) * kNumCNParams);
memcpy(sample->geo_feature_, geo_feature_, sizeof(*geo_feature_) * GeoCount);
return sample;
}
// Extracts the needed information from the CHAR_DESC_STRUCT.
Reported by FlawFinder.
Line: 231
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
num_micro_features_ * sizeof(micro_features_[0]));
}
memcpy(sample->cn_feature_, cn_feature_, sizeof(*cn_feature_) * kNumCNParams);
memcpy(sample->geo_feature_, geo_feature_, sizeof(*geo_feature_) * GeoCount);
return sample;
}
// Extracts the needed information from the CHAR_DESC_STRUCT.
void TrainingSample::ExtractCharDesc(int int_feature_type, int micro_type, int cn_type,
Reported by FlawFinder.
src/ccmain/pgedit.cpp
8 issues
Line: 144
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
PAGE_RES_IT pr_it(page_res);
const int kBufsize = 512;
char msg[kBufsize];
char *msg_ptr = msg;
msg_ptr += sprintf(msg_ptr, "Pt:(%0.3f, %0.3f) ", x, y);
for (WERD_RES *word = pr_it.word(); word != nullptr; word = pr_it.forward()) {
Reported by FlawFinder.
Line: 147
Column: 14
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
char msg[kBufsize];
char *msg_ptr = msg;
msg_ptr += sprintf(msg_ptr, "Pt:(%0.3f, %0.3f) ", x, y);
for (WERD_RES *word = pr_it.word(); word != nullptr; word = pr_it.forward()) {
if (pr_it.row() != pr_it.prev_row() && pr_it.row()->row->bounding_box().contains(pt)) {
msg_ptr += sprintf(msg_ptr, "BL(x)=%0.3f ", pr_it.row()->row->base_line(x));
}
Reported by FlawFinder.
Line: 151
Column: 18
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
for (WERD_RES *word = pr_it.word(); word != nullptr; word = pr_it.forward()) {
if (pr_it.row() != pr_it.prev_row() && pr_it.row()->row->bounding_box().contains(pt)) {
msg_ptr += sprintf(msg_ptr, "BL(x)=%0.3f ", pr_it.row()->row->base_line(x));
}
if (word->word->bounding_box().contains(pt)) {
TBOX box = word->word->bounding_box();
msg_ptr += sprintf(msg_ptr, "Wd(%d, %d)/(%d, %d) ", box.left(), box.bottom(), box.right(),
box.top());
Reported by FlawFinder.
Line: 155
Column: 18
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
}
if (word->word->bounding_box().contains(pt)) {
TBOX box = word->word->bounding_box();
msg_ptr += sprintf(msg_ptr, "Wd(%d, %d)/(%d, %d) ", box.left(), box.bottom(), box.right(),
box.top());
C_BLOB_IT cblob_it(word->word->cblob_list());
for (cblob_it.mark_cycle_pt(); !cblob_it.cycled_list(); cblob_it.forward()) {
C_BLOB *cblob = cblob_it.data();
box = cblob->bounding_box();
Reported by FlawFinder.
Line: 162
Column: 22
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
C_BLOB *cblob = cblob_it.data();
box = cblob->bounding_box();
if (box.contains(pt)) {
msg_ptr += sprintf(msg_ptr, "CBlb(%d, %d)/(%d, %d) ", box.left(), box.bottom(),
box.right(), box.top());
}
}
}
}
Reported by FlawFinder.
Line: 394
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
int32_t cmd_event, // which menu item?
char *new_value // any prompt data
) {
char msg[160];
bool exit = false;
color_mode = CM_RAINBOW;
// Run recognition on the full page if needed.
Reported by FlawFinder.
Line: 573
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static ICOORD down;
ICOORD up;
TBOX selection_box;
char msg[80];
switch (event.type) {
case SVET_SELECTION:
if (event.type == SVET_SELECTION) {
down.set_x(event.x + event.x_size);
Reported by FlawFinder.
Line: 625
Column: 11
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
break;
default:
sprintf(msg, "Mode %d not yet implemented", mode);
image_win->AddMessage(msg);
break;
}
default:
break;
Reported by FlawFinder.
unittest/fileio_test.cc
8 issues
Line: 26
EXPECT_EQ("def", File::JoinPath("", "def"));
}
TEST(OutputBufferTest, WriteString) {
const int kMaxBufSize = 128;
char buffer[kMaxBufSize];
for (char &i : buffer) {
i = '\0';
}
Reported by Cppcheck.
Line: 28
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
TEST(OutputBufferTest, WriteString) {
const int kMaxBufSize = 128;
char buffer[kMaxBufSize];
for (char &i : buffer) {
i = '\0';
}
FILE *fp = tmpfile();
CHECK(fp != nullptr);
Reported by FlawFinder.
Line: 32
Column: 14
CWE codes:
377
for (char &i : buffer) {
i = '\0';
}
FILE *fp = tmpfile();
CHECK(fp != nullptr);
auto output = std::make_unique<OutputBuffer>(fp);
output->WriteString("Hello ");
output->WriteString("world!");
Reported by FlawFinder.
Line: 47
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
TEST(InputBufferTest, Read) {
const int kMaxBufSize = 128;
char buffer[kMaxBufSize];
auto s = "Hello\n world!";
strncpy(buffer, s, kMaxBufSize);
EXPECT_STREQ(s, buffer);
FILE *fp = tmpfile();
CHECK(fp != nullptr);
Reported by FlawFinder.
Line: 51
Column: 14
CWE codes:
377
auto s = "Hello\n world!";
strncpy(buffer, s, kMaxBufSize);
EXPECT_STREQ(s, buffer);
FILE *fp = tmpfile();
CHECK(fp != nullptr);
fwrite(buffer, strlen(s), 1, fp);
rewind(fp);
std::string str;
Reported by FlawFinder.
Line: 41
Column: 17
CWE codes:
126
rewind(fp);
auto s = "Hello world!";
fread(buffer, strlen(s), 1, fp);
EXPECT_STREQ(s, buffer);
}
TEST(InputBufferTest, Read) {
const int kMaxBufSize = 128;
Reported by FlawFinder.
Line: 49
Column: 3
CWE codes:
120
const int kMaxBufSize = 128;
char buffer[kMaxBufSize];
auto s = "Hello\n world!";
strncpy(buffer, s, kMaxBufSize);
EXPECT_STREQ(s, buffer);
FILE *fp = tmpfile();
CHECK(fp != nullptr);
fwrite(buffer, strlen(s), 1, fp);
rewind(fp);
Reported by FlawFinder.
Line: 53
Column: 18
CWE codes:
126
EXPECT_STREQ(s, buffer);
FILE *fp = tmpfile();
CHECK(fp != nullptr);
fwrite(buffer, strlen(s), 1, fp);
rewind(fp);
std::string str;
auto input = std::make_unique<InputBuffer>(fp);
EXPECT_TRUE(input->Read(&str));
Reported by FlawFinder.
src/ccutil/unicharset.h
7 issues
Line: 148
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static CHAR_FRAGMENT *parse_from_string(const char *str);
private:
char unichar[UNICHAR_LEN + 1];
// True if the fragment was a separate component to begin with,
// ie did not need chopping to be isolated, but may have been separated
// out from a multi-outline blob.
bool natural;
int16_t pos; // fragment position in the character
Reported by FlawFinder.
Line: 168
Column: 16
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static const char *kCustomLigatures[][2];
// List of strings for the SpecialUnicharCodes. Keep in sync with the enum.
static const char *kSpecialUnicharCodes[SPECIAL_UNICHAR_CODES_COUNT];
// ICU 2.0 UCharDirection enum (from icu/include/unicode/uchar.h)
enum Direction {
U_LEFT_TO_RIGHT = 0,
U_RIGHT_TO_LEFT = 1,
Reported by FlawFinder.
Line: 355
Column: 18
CWE codes:
362
// Opens the file indicated by filename and saves unicharset to that file.
// Returns true if the operation is successful.
bool save_to_file(const char *const filename) const {
FILE *file = fopen(filename, "w+b");
if (file == nullptr) {
return false;
}
bool result = save_to_file(file);
fclose(file);
Reported by FlawFinder.
Line: 384
Column: 18
CWE codes:
362
// from the given file. The previous data is lost.
// Returns true if the operation is successful.
bool load_from_file(const char *const filename, bool skip_fragments) {
FILE *file = fopen(filename, "rb");
if (file == nullptr) {
return false;
}
bool result = load_from_file(file, skip_fragments);
fclose(file);
Reported by FlawFinder.
Line: 1007
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
};
struct UNICHAR_SLOT {
char representation[UNICHAR_LEN + 1];
UNICHAR_PROPERTIES properties;
};
// Internal recursive version of encode_string above.
// str is the start of the whole string.
Reported by FlawFinder.
Line: 67
Column: 5
CWE codes:
120
set_natural(natural);
}
inline void set_unichar(const char *uch) {
strncpy(this->unichar, uch, sizeof(this->unichar));
this->unichar[UNICHAR_LEN] = '\0';
}
inline void set_pos(int p) {
this->pos = p;
}
Reported by FlawFinder.
Line: 260
Column: 36
CWE codes:
126
// Removes/replaces content that belongs in rendered text, but not in the
// unicharset.
static std::string CleanupString(const char *utf8_str) {
return CleanupString(utf8_str, strlen(utf8_str));
}
static std::string CleanupString(const char *utf8_str, size_t length);
// Return a string containing debug information on the unichar, including
// the id_to_unichar, its hex unicodes and the properties.
Reported by FlawFinder.