Merged Develop into Master #81
Merged
Autodesk Chorus / security/semgrep
completed
Oct 9, 2025 in 3m 13s
2 issue(s) found
Summary of Issues
| Type | Count | Severity |
|---|---|---|
| rules.c.lang.security.insecure-use-string-copy-fn.insecure-use-string-copy-fn | 2 | MEDIUM |
How do I clear all these issues?
If you suspect these issues are not actual issues, click “Clear All Issues” above. Click here for more details.
Details and Annotations
Details
semgrep version 1.102.0
Annotations
Check warning on line 92 in Drivers/OpenCV/LibOpenCV/include/opencv2/flann/saving.h
autodesk-chorus / security/semgrep
app.chorus.semgrep.rules.c.lang.security.insecure-use-string-copy-fn.insecure-use-string-copy-fn
Finding triggers whenever there is a strcpy or strncpy used. This is an issue because strcpy does not affirm the size of the destination array and strncpy will not automatically NULL-terminate strings. This can lead to buffer overflows, which can cause program crashes and potentially let an attacker inject code in the program. Fix this by using strcpy_s instead (although note that strcpy_s is an optional part of the C11 standard, and so may not be available).
Check warning on line 94 in Drivers/OpenCV/LibOpenCV/include/opencv2/flann/saving.h
autodesk-chorus / security/semgrep
app.chorus.semgrep.rules.c.lang.security.insecure-use-string-copy-fn.insecure-use-string-copy-fn
Finding triggers whenever there is a strcpy or strncpy used. This is an issue because strcpy does not affirm the size of the destination array and strncpy will not automatically NULL-terminate strings. This can lead to buffer overflows, which can cause program crashes and potentially let an attacker inject code in the program. Fix this by using strcpy_s instead (although note that strcpy_s is an optional part of the C11 standard, and so may not be available).
Loading