[Dependency] update bzip2 1.0.6 -> 1.0.8 #1066
14 new issues (0 max.) of at least minor severity.
Issues
======
- Added 14
Complexity increasing per file
==============================
- dep/bzip2/src/decompress.c 2
Complexity decreasing per file
==============================
+ dep/bzip2/src/bzlib.c -4
See the complete overview on Codacy
Annotations
Check warning on line 908 in dep/bzip2/src/bzlib.c
codacy-production / Codacy Static Code Analysis
dep/bzip2/src/bzlib.c#L908
Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
Check failure on line 1417 in dep/bzip2/src/bzlib.c
codacy-production / Codacy Static Code Analysis
dep/bzip2/src/bzlib.c#L1417
Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
Check warning on line 1417 in dep/bzip2/src/bzlib.c
codacy-production / Codacy Static Code Analysis
dep/bzip2/src/bzlib.c#L1417
The `StrCat` family of functions do not guarantee the final string to be null terminated.
Check warning on line 1417 in dep/bzip2/src/bzlib.c
codacy-production / Codacy Static Code Analysis
dep/bzip2/src/bzlib.c#L1417
The `strcat` family of functions are unable to limit how many bytes are copied to the destination buffer.
Check failure on line 1418 in dep/bzip2/src/bzlib.c
codacy-production / Codacy Static Code Analysis
dep/bzip2/src/bzlib.c#L1418
Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
Check warning on line 1418 in dep/bzip2/src/bzlib.c
codacy-production / Codacy Static Code Analysis
dep/bzip2/src/bzlib.c#L1418
The `StrCat` family of functions do not guarantee the final string to be null terminated.
Check warning on line 1418 in dep/bzip2/src/bzlib.c
codacy-production / Codacy Static Code Analysis
dep/bzip2/src/bzlib.c#L1418
The `strcat` family of functions are unable to limit how many bytes are copied to the destination buffer.
Check failure on line 65 in dep/bzip2/src/bzlib_private.h
codacy-production / Codacy Static Code Analysis
dep/bzip2/src/bzlib_private.h#L65
If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
Check failure on line 74 in dep/bzip2/src/bzlib_private.h
codacy-production / Codacy Static Code Analysis
dep/bzip2/src/bzlib_private.h#L74
If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
Check failure on line 76 in dep/bzip2/src/bzlib_private.h
codacy-production / Codacy Static Code Analysis
dep/bzip2/src/bzlib_private.h#L76
If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
Check failure on line 78 in dep/bzip2/src/bzlib_private.h
codacy-production / Codacy Static Code Analysis
dep/bzip2/src/bzlib_private.h#L78
If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
Check failure on line 80 in dep/bzip2/src/bzlib_private.h
codacy-production / Codacy Static Code Analysis
dep/bzip2/src/bzlib_private.h#L80
If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
Check failure on line 82 in dep/bzip2/src/bzlib_private.h
codacy-production / Codacy Static Code Analysis
dep/bzip2/src/bzlib_private.h#L82
If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
Check failure on line 84 in dep/bzip2/src/bzlib_private.h
codacy-production / Codacy Static Code Analysis
dep/bzip2/src/bzlib_private.h#L84
If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.