A strcpy does not overflows a stack buffer because a check is made to avoid an overflow condition.

malloc\'d data is freed only once.

malloc\'d data is freed in the caller.

malloc\'d data is freed.

integer overflow results in a short malloc and an overflow. A guard is put in place to protect against the overflow.

fgets is called with a correct bound.

fgets is used in place of gets with a proper bounds check.

Printf is called with a static format string. This is not a defect.

A strcpy does not overflows a stack buffer because a check is made to avoid an overflow condition.

A strcpy is used to copy a string into a stack buffer. The caller shortens the string to prevent a buffer overflow from occuring.

A strcpy is used to copy a string into a stack buffer. Because the string is shortened first no buffer overflow occurs.

A strncpy safely copies a string into a stack buffer.

A file is accessed only once by name with all futher accesses being through the file descriptor.

Tainted input allows command execution. (fixed version)

A read generates a string that may not have a NUL termination. A NUL character is added to ensure termination.

A strncpy generates a string with a missing NUL termination. A NUL is explicitely added to ensure that the string is NUL terminated.

Memory resources are referenced indefinitely but never used, resulting in a memory leak. (fixed version 2)

Memory resources are referenced indefinitely but never used, resulting in a memory leak. (fixed version)

Tainted output allows log entries to be forged. (fixed version)

Tainted output allows log entries to be forged. (fixed version)

integer overflow results in a short malloc and an overflow. A guard in the caller is used to protect against the overflow.

integer overflow results in a short malloc and an overflow. A guard is put in place to protect against the overflow.

An exception leaks internal path information to the user. (fixed version)

The credentials for connecting to the database are hard-wired into the sourcecode. (fixed version 2)

The credentials for connecting to the database are hard-wired into the sourcecode. (fixed version)