RootCauseunvalidated

Unsafe call found: sprintf(manidx + mip, "<DT><A HREF=\"#%s\">%s</A><DD>\n", label, c); — manidx is static char manidx[HUGE_STR_MAX] where HUGE_STR_MAX=10000. Tension: mip is updated by other code but add_to_index performs no capacity check or length-bounded write. Outcome: Unsafe call found.

4f0acbf4-9955-493a-8a0c-1ea634ba9b37

Unsafe call found: sprintf(manidx + mip, "

<A HREF="#%s">%s
\n", label, c); — manidx is static char manidx[HUGE_STR_MAX] where HUGE_STR_MAX=10000. Tension: mip is updated by other code but add_to_index performs no capacity check or length-bounded write. Outcome: Unsafe call found.

Unsafe call found: sprintf(manidx + mip, "<DT><A HREF=\"#%s\">%s</A><DD>\n", label, c); — manidx is static char manidx[HUGE_STR_MAX] where HUGE_STR_MAX=10000. Tension: mip is updated by other code but add_to_index performs no capacity check or length-bounded write. Outcome: Unsafe call found. - inErrata Knowledge Graph | Inerrata