Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/arpack++-2.3/src/debug.cpp
Examining data/arpack++-2.3/src/arrseig.cpp
Examining data/arpack++-2.3/src/arerror.cpp
Examining data/arpack++-2.3/include/arlutil.h
Examining data/arpack++-2.3/include/arbnspen.h
Examining data/arpack++-2.3/include/arlnames.h
Examining data/arpack++-2.3/include/debug.h
Examining data/arpack++-2.3/include/ardfmat.h
Examining data/arpack++-2.3/include/arlcomp.h
Examining data/arpack++-2.3/include/aruspen.h
Examining data/arpack++-2.3/include/arrgeig.h
Examining data/arpack++-2.3/include/lapackc.h
Examining data/arpack++-2.3/include/saupp.h
Examining data/arpack++-2.3/include/naupp.h
Examining data/arpack++-2.3/include/arhbmat.h
Examining data/arpack++-2.3/include/arerror.h
Examining data/arpack++-2.3/include/arlsupm.h
Examining data/arpack++-2.3/include/blas1f.h
Examining data/arpack++-2.3/include/umfpackc.h
Examining data/arpack++-2.3/include/arbspen.h
Examining data/arpack++-2.3/include/arch.h
Examining data/arpack++-2.3/include/caupp.h
Examining data/arpack++-2.3/include/blas1c.h
Examining data/arpack++-2.3/include/armat.h
Examining data/arpack++-2.3/include/umfpackf.h
Examining data/arpack++-2.3/include/ardspen.h
Examining data/arpack++-2.3/include/arrseig.h
Examining data/arpack++-2.3/include/arpackf.h
Examining data/arpack++-2.3/include/lapackf.h
Examining data/arpack++-2.3/include/arcomp.h
Examining data/arpack++-2.3/include/arunspen.h
Examining data/arpack++-2.3/include/ardnspen.h
Examining data/arpack++-2.3/include/arbnsmat.h
Examining data/arpack++-2.3/include/arbsmat.h
Examining data/arpack++-2.3/include/ardnsmat.h
Examining data/arpack++-2.3/include/ardsmat.h
Examining data/arpack++-2.3/include/argeig.h
Examining data/arpack++-2.3/include/arlnsmat.h
Examining data/arpack++-2.3/include/arlnspen.h
Examining data/arpack++-2.3/include/arlsmat.h
Examining data/arpack++-2.3/include/arlspdef.h
Examining data/arpack++-2.3/include/arlspen.h
Examining data/arpack++-2.3/include/arunsmat.h
Examining data/arpack++-2.3/include/arusmat.h
Examining data/arpack++-2.3/include/ceupp.h
Examining data/arpack++-2.3/include/neupp.h
Examining data/arpack++-2.3/include/seupp.h
Examining data/arpack++-2.3/include/superluc.h
Examining data/arpack++-2.3/include/arbgcomp.h
Examining data/arpack++-2.3/include/arbgnsym.h
Examining data/arpack++-2.3/include/arbgsym.h
Examining data/arpack++-2.3/include/arbscomp.h
Examining data/arpack++-2.3/include/arbsnsym.h
Examining data/arpack++-2.3/include/arbssym.h
Examining data/arpack++-2.3/include/ardgcomp.h
Examining data/arpack++-2.3/include/ardgnsym.h
Examining data/arpack++-2.3/include/ardgsym.h
Examining data/arpack++-2.3/include/ardscomp.h
Examining data/arpack++-2.3/include/ardsnsym.h
Examining data/arpack++-2.3/include/ardssym.h
Examining data/arpack++-2.3/include/argcomp.h
Examining data/arpack++-2.3/include/argnsym.h
Examining data/arpack++-2.3/include/argsym.h
Examining data/arpack++-2.3/include/arlgcomp.h
Examining data/arpack++-2.3/include/arlgnsym.h
Examining data/arpack++-2.3/include/arlgsym.h
Examining data/arpack++-2.3/include/arlscomp.h
Examining data/arpack++-2.3/include/arlsnsym.h
Examining data/arpack++-2.3/include/arlssym.h
Examining data/arpack++-2.3/include/arrgcomp.h
Examining data/arpack++-2.3/include/arrgnsym.h
Examining data/arpack++-2.3/include/arrgsym.h
Examining data/arpack++-2.3/include/arrscomp.h
Examining data/arpack++-2.3/include/arrsnsym.h
Examining data/arpack++-2.3/include/arrssym.h
Examining data/arpack++-2.3/include/arscomp.h
Examining data/arpack++-2.3/include/arseig.h
Examining data/arpack++-2.3/include/arsnsym.h
Examining data/arpack++-2.3/include/arssym.h
Examining data/arpack++-2.3/include/arugcomp.h
Examining data/arpack++-2.3/include/arugnsym.h
Examining data/arpack++-2.3/include/arugsym.h
Examining data/arpack++-2.3/include/aruscomp.h
Examining data/arpack++-2.3/include/arusnsym.h
Examining data/arpack++-2.3/include/arussym.h
Examining data/arpack++-2.3/examples/reverse/complex/rcompsol.h
Examining data/arpack++-2.3/examples/reverse/complex/rcompgsl.h
Examining data/arpack++-2.3/examples/reverse/complex/rcompgsh.cc
Examining data/arpack++-2.3/examples/reverse/complex/rcompreg.cc
Examining data/arpack++-2.3/examples/reverse/complex/rcompgre.cc
Examining data/arpack++-2.3/examples/reverse/complex/rcompshf.cc
Examining data/arpack++-2.3/examples/reverse/nonsym/rnsymgsh.cc
Examining data/arpack++-2.3/examples/reverse/nonsym/rnsymgsl.h
Examining data/arpack++-2.3/examples/reverse/nonsym/rsvd.cc
Examining data/arpack++-2.3/examples/reverse/nonsym/rnsymvsl.h
Examining data/arpack++-2.3/examples/reverse/nonsym/rnsymgsc.cc
Examining data/arpack++-2.3/examples/reverse/nonsym/rnsymsol.h
Examining data/arpack++-2.3/examples/reverse/nonsym/rnsymreg.cc
Examining data/arpack++-2.3/examples/reverse/nonsym/rnsymgre.cc
Examining data/arpack++-2.3/examples/reverse/nonsym/rnsymshf.cc
Examining data/arpack++-2.3/examples/reverse/sym/rsymgshf.cc
Examining data/arpack++-2.3/examples/reverse/sym/rsymgbkl.cc
Examining data/arpack++-2.3/examples/reverse/sym/rsymreg.cc
Examining data/arpack++-2.3/examples/reverse/sym/rsymgcay.cc
Examining data/arpack++-2.3/examples/reverse/sym/rsymgsol.h
Examining data/arpack++-2.3/examples/reverse/sym/rsymshf.cc
Examining data/arpack++-2.3/examples/reverse/sym/rsymgreg.cc
Examining data/arpack++-2.3/examples/reverse/sym/rsymsol.h
Examining data/arpack++-2.3/examples/product/complex/compgreg.cc
Examining data/arpack++-2.3/examples/product/complex/compgshf.cc
Examining data/arpack++-2.3/examples/product/complex/compsol.h
Examining data/arpack++-2.3/examples/product/complex/compgsol.h
Examining data/arpack++-2.3/examples/product/complex/compreg.cc
Examining data/arpack++-2.3/examples/product/complex/compshf.cc
Examining data/arpack++-2.3/examples/product/nonsym/nsymgsci.cc
Examining data/arpack++-2.3/examples/product/nonsym/nsymgreg.cc
Examining data/arpack++-2.3/examples/product/nonsym/nsymvsol.h
Examining data/arpack++-2.3/examples/product/nonsym/nsymshf.cc
Examining data/arpack++-2.3/examples/product/nonsym/nsymreg.cc
Examining data/arpack++-2.3/examples/product/nonsym/nsymsol.h
Examining data/arpack++-2.3/examples/product/nonsym/svd.cc
Examining data/arpack++-2.3/examples/product/nonsym/nsymgshf.cc
Examining data/arpack++-2.3/examples/product/nonsym/nsymgscr.cc
Examining data/arpack++-2.3/examples/product/nonsym/nsymgsol.h
Examining data/arpack++-2.3/examples/product/simple/symsimp.cc
Examining data/arpack++-2.3/examples/product/sym/symgreg.cc
Examining data/arpack++-2.3/examples/product/sym/symgcayl.cc
Examining data/arpack++-2.3/examples/product/sym/symreg.cc
Examining data/arpack++-2.3/examples/product/sym/symshft.cc
Examining data/arpack++-2.3/examples/product/sym/symgbklg.cc
Examining data/arpack++-2.3/examples/product/sym/symgsol.h
Examining data/arpack++-2.3/examples/product/sym/symgshft.cc
Examining data/arpack++-2.3/examples/product/sym/symsol.h
Examining data/arpack++-2.3/examples/matrices/complex/bcmatrxb.h
Examining data/arpack++-2.3/examples/matrices/complex/lcmatrxb.h
Examining data/arpack++-2.3/examples/matrices/complex/dcmatrxb.h
Examining data/arpack++-2.3/examples/matrices/complex/dcmatrxc.h
Examining data/arpack++-2.3/examples/matrices/complex/lcmatrxa.h
Examining data/arpack++-2.3/examples/matrices/complex/lcmatrxe.h
Examining data/arpack++-2.3/examples/matrices/complex/bcmatrxc.h
Examining data/arpack++-2.3/examples/matrices/complex/dcmatrxa.h
Examining data/arpack++-2.3/examples/matrices/complex/bcmatrxa.h
Examining data/arpack++-2.3/examples/matrices/complex/lcmatrxf.h
Examining data/arpack++-2.3/examples/matrices/complex/lcompsol.h
Examining data/arpack++-2.3/examples/matrices/nonsym/dnmatrxc.h
Examining data/arpack++-2.3/examples/matrices/nonsym/dnmatrxa.h
Examining data/arpack++-2.3/examples/matrices/nonsym/lnmatrxe.h
Examining data/arpack++-2.3/examples/matrices/nonsym/lnmatrxf.h
Examining data/arpack++-2.3/examples/matrices/nonsym/dnmatrxb.h
Examining data/arpack++-2.3/examples/matrices/nonsym/lnmatrxw.h
Examining data/arpack++-2.3/examples/matrices/nonsym/bnmatrxc.h
Examining data/arpack++-2.3/examples/matrices/nonsym/bnmatrxb.h
Examining data/arpack++-2.3/examples/matrices/nonsym/bnmatrxw.h
Examining data/arpack++-2.3/examples/matrices/nonsym/lnmatrxv.h
Examining data/arpack++-2.3/examples/matrices/nonsym/lnmatrxc.h
Examining data/arpack++-2.3/examples/matrices/nonsym/dnmatrxe.h
Examining data/arpack++-2.3/examples/matrices/nonsym/lnmatrxa.h
Examining data/arpack++-2.3/examples/matrices/nonsym/bnmatrxd.h
Examining data/arpack++-2.3/examples/matrices/nonsym/dnmatrxw.h
Examining data/arpack++-2.3/examples/matrices/nonsym/bnmatrxe.h
Examining data/arpack++-2.3/examples/matrices/nonsym/bnmatrxa.h
Examining data/arpack++-2.3/examples/matrices/nonsym/lnsymsol.h
Examining data/arpack++-2.3/examples/matrices/nonsym/lnmatrxb.h
Examining data/arpack++-2.3/examples/matrices/nonsym/lnmatrxd.h
Examining data/arpack++-2.3/examples/matrices/nonsym/lsvdsol.h
Examining data/arpack++-2.3/examples/matrices/nonsym/dnmatrxd.h
Examining data/arpack++-2.3/examples/matrices/sym/lsmatrxd.h
Examining data/arpack++-2.3/examples/matrices/sym/dsmatrxb.h
Examining data/arpack++-2.3/examples/matrices/sym/lsmatrxb.h
Examining data/arpack++-2.3/examples/matrices/sym/lsmatrxa.h
Examining data/arpack++-2.3/examples/matrices/sym/bsmatrxb.h
Examining data/arpack++-2.3/examples/matrices/sym/bsmatrxc.h
Examining data/arpack++-2.3/examples/matrices/sym/lsymsol.h
Examining data/arpack++-2.3/examples/matrices/sym/bsmatrxa.h
Examining data/arpack++-2.3/examples/matrices/sym/dsmatrxc.h
Examining data/arpack++-2.3/examples/matrices/sym/dsmatrxa.h
Examining data/arpack++-2.3/examples/matrices/sym/lsmatrxc.h
Examining data/arpack++-2.3/examples/band/complex/bcompshf.cc
Examining data/arpack++-2.3/examples/band/complex/bcompgsh.cc
Examining data/arpack++-2.3/examples/band/complex/bcompgre.cc
Examining data/arpack++-2.3/examples/band/complex/bcompreg.cc
Examining data/arpack++-2.3/examples/band/nonsym/bnsymshf.cc
Examining data/arpack++-2.3/examples/band/nonsym/bnsymgsc.cc
Examining data/arpack++-2.3/examples/band/nonsym/bnsymgre.cc
Examining data/arpack++-2.3/examples/band/nonsym/bnsymreg.cc
Examining data/arpack++-2.3/examples/band/nonsym/bsvd.cc
Examining data/arpack++-2.3/examples/band/nonsym/bnsymgsh.cc
Examining data/arpack++-2.3/examples/band/sym/bsymgshf.cc
Examining data/arpack++-2.3/examples/band/sym/bsymshf.cc
Examining data/arpack++-2.3/examples/band/sym/bsymgreg.cc
Examining data/arpack++-2.3/examples/band/sym/bsymreg.cc
Examining data/arpack++-2.3/examples/band/sym/bsymgbkl.cc
Examining data/arpack++-2.3/examples/band/sym/bsymgcay.cc
Examining data/arpack++-2.3/examples/dense/complex/dcompgre.cc
Examining data/arpack++-2.3/examples/dense/complex/dcompreg.cc
Examining data/arpack++-2.3/examples/dense/complex/dcompshf.cc
Examining data/arpack++-2.3/examples/dense/complex/dcompgsh.cc
Examining data/arpack++-2.3/examples/dense/nonsym/dnsymgre.cc
Examining data/arpack++-2.3/examples/dense/nonsym/dnsymshf.cc
Examining data/arpack++-2.3/examples/dense/nonsym/dnsymgsh.cc
Examining data/arpack++-2.3/examples/dense/nonsym/dnsymgsc.cc
Examining data/arpack++-2.3/examples/dense/nonsym/dsvd.cc
Examining data/arpack++-2.3/examples/dense/nonsym/dnsymreg.cc
Examining data/arpack++-2.3/examples/dense/sym/dsymgreg.cc
Examining data/arpack++-2.3/examples/dense/sym/dsymgbkl.cc
Examining data/arpack++-2.3/examples/dense/sym/dsymgcay.cc
Examining data/arpack++-2.3/examples/dense/sym/dsymshf.cc
Examining data/arpack++-2.3/examples/dense/sym/dsymgshf.cc
Examining data/arpack++-2.3/examples/dense/sym/dsymreg.cc
Examining data/arpack++-2.3/examples/matprod/complex/cmatrixa.h
Examining data/arpack++-2.3/examples/matprod/complex/cmatrixb.h
Examining data/arpack++-2.3/examples/matprod/complex/cmatrixd.h
Examining data/arpack++-2.3/examples/matprod/complex/cgenprbb.h
Examining data/arpack++-2.3/examples/matprod/complex/cmatrixe.h
Examining data/arpack++-2.3/examples/matprod/complex/cmatrixc.h
Examining data/arpack++-2.3/examples/matprod/complex/cmatrixf.h
Examining data/arpack++-2.3/examples/matprod/complex/cgenprba.h
Examining data/arpack++-2.3/examples/matprod/nonsym/nmatrixf.h
Examining data/arpack++-2.3/examples/matprod/nonsym/ngenprbb.h
Examining data/arpack++-2.3/examples/matprod/nonsym/nmatrixd.h
Examining data/arpack++-2.3/examples/matprod/nonsym/nmatrixe.h
Examining data/arpack++-2.3/examples/matprod/nonsym/ngenprba.h
Examining data/arpack++-2.3/examples/matprod/nonsym/nmatrixb.h
Examining data/arpack++-2.3/examples/matprod/nonsym/nmatrixv.h
Examining data/arpack++-2.3/examples/matprod/nonsym/nmatrixc.h
Examining data/arpack++-2.3/examples/matprod/nonsym/ngenprbc.h
Examining data/arpack++-2.3/examples/matprod/nonsym/nmatrixa.h
Examining data/arpack++-2.3/examples/matprod/sym/sgenprbb.h
Examining data/arpack++-2.3/examples/matprod/sym/sgenprba.h
Examining data/arpack++-2.3/examples/matprod/sym/smatrixd.h
Examining data/arpack++-2.3/examples/matprod/sym/smatrixc.h
Examining data/arpack++-2.3/examples/matprod/sym/smatrixa.h
Examining data/arpack++-2.3/examples/matprod/sym/smatrixb.h
Examining data/arpack++-2.3/examples/matprod/matprod.h

FINAL RESULTS:

data/arpack++-2.3/include/arrscomp.h:59:58: [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
    cTraceOn(digit, getv0, aupd, aup2, aitr, eigt, apps, gets, eupd);
data/arpack++-2.3/include/arrsnsym.h:102:58: [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
    nTraceOn(digit, getv0, aupd, aup2, aitr, eigt, apps, gets, eupd);
data/arpack++-2.3/include/arrssym.h:67:58: [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
    sTraceOn(digit, getv0, aupd, aup2, aitr, eigt, apps, gets, eupd);
data/arpack++-2.3/include/debug.h:63:52: [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
    const ARint apps, const ARint gets, const ARint eupd)
data/arpack++-2.3/include/debug.h:80:27: [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
    F77NAME(debug).msgets = gets;
data/arpack++-2.3/include/debug.h:88:52: [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
    const ARint apps, const ARint gets, const ARint eupd)
data/arpack++-2.3/include/debug.h:105:27: [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
    F77NAME(debug).mngets = gets;
data/arpack++-2.3/include/debug.h:113:52: [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
    const ARint apps, const ARint gets, const ARint eupd)
data/arpack++-2.3/include/debug.h:130:27: [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
    F77NAME(debug).mcgets = gets;
data/arpack++-2.3/include/arlutil.h:25:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(msg,"%s at line %d in file %s\n",err_msg,__LINE__, __FILE__);\
data/arpack++-2.3/include/ardfmat.h:152:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char num[LINELEN];
data/arpack++-2.3/include/ardfmat.h:187:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char num[LINELEN];
data/arpack++-2.3/include/ardfmat.h:211:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char num[LINELEN];
data/arpack++-2.3/include/ardfmat.h:234:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char data[LINELEN];
data/arpack++-2.3/include/ardfmat.h:335:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char data[LINELEN];
data/arpack++-2.3/include/ardfmat.h:340:8: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    file.open(datafile);
data/arpack++-2.3/include/arhbmat.h:40:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char title[73]; // Title.
data/arpack++-2.3/include/arhbmat.h:41:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char name[9]; // Name.
data/arpack++-2.3/include/arhbmat.h:42:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char type[4]; // Matrix type.
data/arpack++-2.3/include/arhbmat.h:140:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char num[81];
data/arpack++-2.3/include/arhbmat.h:177:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char num[81], img[81];
data/arpack++-2.3/include/arhbmat.h:209:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char num[81], img[81];
data/arpack++-2.3/include/arhbmat.h:267:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char num[81];
data/arpack++-2.3/include/arhbmat.h:330:17: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    pcol[i++] = atoi((char*)num)-1;
data/arpack++-2.3/include/arhbmat.h:345:17: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    irow[i++] = atoi((char*)num)-1;
data/arpack++-2.3/include/arlutil.h:24:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    { char msg[256];\

ANALYSIS SUMMARY:

Hits = 26
Lines analyzed = 39357 in approximately 0.99 seconds (39564 lines/second)
Physical Source Lines of Code (SLOC) = 18924
Hits@level = [0] 1 [1] 0 [2] 16 [3] 0 [4] 1 [5] 9
Hits@level+ = [0+] 27 [1+] 26 [2+] 26 [3+] 10 [4+] 10 [5+] 9
Hits/KSLOC@level+ = [0+] 1.42676 [1+] 1.37392 [2+] 1.37392 [3+] 0.52843 [4+] 0.52843 [5+] 0.475587
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.