| Group |
Location |
Level |
Code |
Message |
| General Analysis |
stddef.h:62 |
Medium |
V677 |
Custom declaration of a standard 'size_t' type. The declaration from system header files should be used instead. |
| General Analysis |
stddef.h:90 |
Medium |
V677 |
Custom declaration of a standard 'wchar_t' type. The declaration from system header files should be used instead. |
| General Analysis |
stddef.h:51 |
Medium |
V677 |
Custom declaration of a standard 'ptrdiff_t' type. The declaration from system header files should be used instead. |
| General Analysis |
stdarg.h:30 |
Medium |
V677 |
Custom declaration of a standard 'va_list' type. The declaration from system header files should be used instead. |
| General Analysis |
typval.h:801 |
Medium |
V618 |
It's dangerous to call the 'emsgf' function in such a manner, as the line being passed could contain format specification. The example of the safe code: printf("%s", str); |
| General Analysis |
mark_extended_defs.h:38 |
High |
V512 |
A call of the 'memcpy' function will lead to underflow of the buffer 'z->key'. |
| General Analysis |
mark_extended_defs.h:47 |
High |
V512 |
A call of the 'memcpy' function will lead to underflow of the buffer 'z->key'. |
| General Analysis |
buffer.c:1034 |
Medium |
V618 |
It's dangerous to call the 'api_set_error' function in such a manner, as the line being passed could contain format specification. The example of the safe code: printf("%s", str); |
| General Analysis |
buffer.c:1101 |
Medium |
V618 |
It's dangerous to call the 'api_set_error' function in such a manner, as the line being passed could contain format specification. The example of the safe code: printf("%s", str); |
| General Analysis |
buffer.c:1196 |
Medium |
V618 |
It's dangerous to call the 'api_set_error' function in such a manner, as the line being passed could contain format specification. The example of the safe code: printf("%s", str); |
| General Analysis |
buffer.c:1226 |
Medium |
V618 |
It's dangerous to call the 'api_set_error' function in such a manner, as the line being passed could contain format specification. The example of the safe code: printf("%s", str); |
| General Analysis |
buffer.c:1255 |
Medium |
V618 |
It's dangerous to call the 'api_set_error' function in such a manner, as the line being passed could contain format specification. The example of the safe code: printf("%s", str); |
| General Analysis |
helpers.c:1527 |
Medium |
V618 |
It's dangerous to call the 'api_set_error' function in such a manner, as the line being passed could contain format specification. The example of the safe code: printf("%s", str); |
| General Analysis |
helpers.c:1535 |
Medium |
V618 |
It's dangerous to call the 'api_set_error' function in such a manner, as the line being passed could contain format specification. The example of the safe code: printf("%s", str); |
| General Analysis |
helpers.c:1542 |
Medium |
V618 |
It's dangerous to call the 'api_set_error' function in such a manner, as the line being passed could contain format specification. The example of the safe code: printf("%s", str); |
| General Analysis |
helpers.c:1548 |
Medium |
V618 |
It's dangerous to call the 'api_set_error' function in such a manner, as the line being passed could contain format specification. The example of the safe code: printf("%s", str); |
| General Analysis |
helpers.c:1559 |
Medium |
V618 |
It's dangerous to call the 'api_set_error' function in such a manner, as the line being passed could contain format specification. The example of the safe code: printf("%s", str); |
| General Analysis |
helpers.c:1599 |
Medium |
V618 |
It's dangerous to call the 'api_set_error' function in such a manner, as the line being passed could contain format specification. The example of the safe code: printf("%s", str); |
| General Analysis |
helpers.c:1609 |
Medium |
V618 |
It's dangerous to call the 'api_set_error' function in such a manner, as the line being passed could contain format specification. The example of the safe code: printf("%s", str); |
| General Analysis |
helpers.c:1619 |
Medium |
V618 |
It's dangerous to call the 'api_set_error' function in such a manner, as the line being passed could contain format specification. The example of the safe code: printf("%s", str); |
| General Analysis |
helpers.c:1629 |
Medium |
V618 |
It's dangerous to call the 'api_set_error' function in such a manner, as the line being passed could contain format specification. The example of the safe code: printf("%s", str); |
| General Analysis |
vim.c:329 |
Medium |
V1048 |
The 'code' variable was assigned the same value. |
| General Analysis |
stddef.h:132 |
Medium |
V677 |
Custom declaration of a standard 'wint_t' type. The declaration from system header files should be used instead. |
| General Analysis |
charset.c:1090 |
Medium |
V1048 |
The 'added' variable was assigned the same value. |
| General Analysis |
edit.c:4001 |
Medium |
V618 |
It's dangerous to call the 'vim_snprintf' function in such a manner, as the line being passed could contain format specification. The example of the safe code: printf("%s", str); |
| General Analysis |
eval.c:6630 |
Medium |
V1048 |
The 'error' variable was assigned the same value. |
| General Analysis |
eval.c:7312 |
High |
V576 |
Incorrect format. Consider checking the fourth actual argument of the 'vim_snprintf' function. The memsize type argument is expected. |
| General Analysis |
eval.c:7312 |
High |
V576 |
Incorrect format. Consider checking the fifth actual argument of the 'vim_snprintf' function. The memsize type argument is expected. |
| General Analysis |
eval.c:11799 |
Medium |
V1048 |
The 'rettv->vval.v_number' variable was assigned the same value. |
| General Analysis |
eval.c:11920 |
Medium |
V1048 |
The 'i' variable was assigned the same value. |
| General Analysis |
eval.c:17732 |
Medium |
V1048 |
The 'rettv->vval.v_number' variable was assigned the same value. |
| General Analysis |
typval_encode.c.h:326 |
High |
V576 |
Incorrect format. Consider checking the fourth actual argument of the 'vim_snprintf' function. The memsize type argument is expected. |
| General Analysis |
typval_encode.c.h:484 |
High |
V576 |
Incorrect format. Consider checking the fourth actual argument of the 'vim_snprintf' function. The memsize type argument is expected. |
| General Analysis |
typval_encode.c.h:482 |
High |
V576 |
Incorrect format. Consider checking the fourth actual argument of the 'vim_snprintf' function. The memsize type argument is expected. |
| General Analysis |
ex_cmds.c:4950 |
High |
V781 |
The value of the 'offset' index is checked after it was used. Perhaps there is a mistake in program logic. |
| General Analysis |
ex_cmds2.c:3064 |
Medium |
V507 |
Pointer to local array 'sourcing_name_buf' is stored outside the scope of this array. Such a pointer will become invalid. |
| General Analysis |
ex_docmd.c:2810 |
High |
V781 |
The value of the 'j' index is checked after it was used. Perhaps there is a mistake in program logic. |
| General Analysis |
ex_getln.c:2705 |
Medium |
V618 |
It's dangerous to call the 'msg_printf_attr' function in such a manner, as the line being passed could contain format specification. The example of the safe code: printf("%s", str); |
| General Analysis |
ex_getln.c:3570 |
High |
V781 |
The value of the 'spos' index is checked after it was used. Perhaps there is a mistake in program logic. |
| General Analysis |
getchar.c:3109 |
Medium |
V1048 |
The 'result' variable was assigned the same value. |
| General Analysis |
hardcopy.c:2309 |
Medium |
V1048 |
The 'psettings->n_collated_copies' variable was assigned the same value. |
| General Analysis |
hardcopy.c:2314 |
Medium |
V1048 |
The 'prt_num_copies' variable was assigned the same value. |
| General Analysis |
indent_c.c:3409 |
Medium |
V1048 |
The 'n' variable was assigned the same value. |
| General Analysis |
mark_extended.c:278 |
Medium |
V547 |
Expression 'extmark->col > extmarkline_u_col' is always false. |
| General Analysis |
mark_extended.c:849 |
Medium |
V547 |
Expression 'extmark->col > extmarkline_u_col' is always false. |
| General Analysis |
memline.c:1015 |
Medium |
V1048 |
The 'buf->b_ml.ml_stack_top' variable was assigned the same value. |
| General Analysis |
memline.c:1017 |
Medium |
V1048 |
The 'buf->b_ml.ml_stack_size' variable was assigned the same value. |
| General Analysis |
misc1.c:280 |
High |
V781 |
The value of the 'j' index is checked after it was used. Perhaps there is a mistake in program logic. |
| General Analysis |
normal.c:3136 |
High |
V781 |
The value of the 'col' index is checked after it was used. Perhaps there is a mistake in program logic. |
| General Analysis |
ops.c:4500 |
Medium |
V1048 |
The 'bdp->endspaces' variable was assigned the same value. |
| General Analysis |
option.c:3584 |
High |
V502 |
Perhaps the '?:' operator works in a different way than it was expected. The '?:' operator has a lower priority than the '<=' operator. |
| General Analysis |
env.c:270 |
High |
V781 |
The value of the 'i' index is checked after it was used. Perhaps there is a mistake in program logic. |
| General Analysis |
input.c:431 |
Medium |
V1044 |
Loop break conditions do not depend on the number of iterations. |
| General Analysis |
os_unix.c:476 |
Medium |
V1048 |
The 'i' variable was assigned the same value. |
| General Analysis |
quickfix.c:1511 |
Medium |
V1048 |
The 'status' variable was assigned the same value. |
| General Analysis |
quickfix.c:3801 |
Medium |
V557 |
Array overrun is possible. The value of 'len ++' index could reach 4094. |
| General Analysis |
quickfix.c:3802 |
Medium |
V557 |
Array overrun is possible. The value of 'len ++' index could reach 4095. |
| General Analysis |
screen.c:2384 |
Medium |
V1048 |
The 'tocol' variable was assigned the same value. |
| General Analysis |
screen.c:4927 |
Medium |
V512 |
A call of the 'strcpy' function will lead to overflow of the buffer '(char *)(p + len)'. |
| General Analysis |
search.c:2188 |
Medium |
V1048 |
The 'p' variable was assigned the same value. |
| General Analysis |
sha256.c:7 |
High |
V1042 |
This file is marked with copyleft license, which requires you to open the derived source code. |
| General Analysis |
spell.c:5997 |
High |
V781 |
The value of the 'i' index is checked after it was used. Perhaps there is a mistake in program logic. |
| General Analysis |
spell.c:6250 |
High |
V781 |
The value of the 'i' index is checked after it was used. Perhaps there is a mistake in program logic. |
| General Analysis |
spellfile.c:628 |
Medium |
V618 |
It's dangerous to call the 'emsgf' function in such a manner, as the line being passed could contain format specification. The example of the safe code: printf("%s", str); |
| General Analysis |
spellfile.c:1247 |
Medium |
V1048 |
The 'smp->sm_leadlen' variable was assigned the same value. |
| General Analysis |
spellfile.c:1716 |
Medium |
V1048 |
The 'c' variable was assigned the same value. |
| General Analysis |
spellfile.c:2662 |
Medium |
V618 |
It's dangerous to call the 'smsg' function in such a manner, as the line being passed could contain format specification. The example of the safe code: printf("%s", str); |
| General Analysis |
tag.c:2541 |
Medium |
V1048 |
The 'tagp->command_end' variable was assigned the same value. |
| General Analysis |
input.c:555 |
Medium |
V1044 |
Loop break conditions do not depend on the number of iterations. |
| General Analysis |
input.c:567 |
Medium |
V1044 |
Loop break conditions do not depend on the number of iterations. |
| General Analysis |
undo.c:1060 |
Medium |
V618 |
It's dangerous to call the 'smsg' function in such a manner, as the line being passed could contain format specification. The example of the safe code: printf("%s", str); |
| General Analysis |
rbuffer.c:10 |
Medium |
V1044 |
Loop break conditions do not depend on the number of iterations. |
| General Analysis |
rbuffer.c:18 |
Medium |
V1044 |
Loop break conditions do not depend on the number of iterations. |
