Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/cbootimage-1.8/src/aes_ref.c
Examining data/cbootimage-1.8/src/bct_dump.c
Examining data/cbootimage-1.8/src/cbootimage.c
Examining data/cbootimage-1.8/src/cbootimage.h
Examining data/cbootimage-1.8/src/context.c
Examining data/cbootimage-1.8/src/context.h
Examining data/cbootimage-1.8/src/crypto.c
Examining data/cbootimage-1.8/src/crypto.h
Examining data/cbootimage-1.8/src/data_layout.c
Examining data/cbootimage-1.8/src/data_layout.h
Examining data/cbootimage-1.8/src/nvaes_ref.h
Examining data/cbootimage-1.8/src/parse.c
Examining data/cbootimage-1.8/src/parse.h
Examining data/cbootimage-1.8/src/set.c
Examining data/cbootimage-1.8/src/set.h
Examining data/cbootimage-1.8/src/t114/nvbctlib_t114.c
Examining data/cbootimage-1.8/src/t114/nvboot_bct_t114.h
Examining data/cbootimage-1.8/src/t114/nvboot_sdram_param_t114.h
Examining data/cbootimage-1.8/src/t114/parse_t114.c
Examining data/cbootimage-1.8/src/t124/nvbctlib_t124.c
Examining data/cbootimage-1.8/src/t124/nvboot_bct_t124.h
Examining data/cbootimage-1.8/src/t124/nvboot_sdram_param_t124.h
Examining data/cbootimage-1.8/src/t124/parse_t124.c
Examining data/cbootimage-1.8/src/t132/nvbctlib_t132.c
Examining data/cbootimage-1.8/src/t132/nvboot_bct_t132.h
Examining data/cbootimage-1.8/src/t132/nvboot_sdram_param_t132.h
Examining data/cbootimage-1.8/src/t132/parse_t132.c
Examining data/cbootimage-1.8/src/t20/nvbctlib_t20.c
Examining data/cbootimage-1.8/src/t20/nvboot_bct_t20.h
Examining data/cbootimage-1.8/src/t20/nvboot_sdram_param_t20.h
Examining data/cbootimage-1.8/src/t20/parse_t20.c
Examining data/cbootimage-1.8/src/t210/nvbctlib_t210.c
Examining data/cbootimage-1.8/src/t210/nvboot_bct_t210.h
Examining data/cbootimage-1.8/src/t210/nvboot_sdram_param_t210.h
Examining data/cbootimage-1.8/src/t210/parse_t210.c
Examining data/cbootimage-1.8/src/t30/nvbctlib_t30.c
Examining data/cbootimage-1.8/src/t30/nvboot_bct_t30.h
Examining data/cbootimage-1.8/src/t30/nvboot_sdram_param_t30.h
Examining data/cbootimage-1.8/src/t30/parse_t30.c

FINAL RESULTS:

data/cbootimage-1.8/src/cbootimage.c:96:14:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
	while ((c = getopt_long(argc, argv, "hdg:t:o:s:u", cbootcmd, NULL)) != -1) {
data/cbootimage-1.8/src/aes_ref.c:247:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy (state, tmp, sizeof(tmp));
data/cbootimage-1.8/src/aes_ref.c:276:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(expkey, key, NVAES_KEYCOLS * 4);
data/cbootimage-1.8/src/aes_ref.c:312:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(state, in, NVAES_STATECOLS * 4);
data/cbootimage-1.8/src/aes_ref.c:325:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(out, state, sizeof(state));
data/cbootimage-1.8/src/bct_dump.c:111:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char uid_str[35] = "0x";
data/cbootimage-1.8/src/bct_dump.c:115:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		sprintf(s, "%02x", uid[byte_index]);
data/cbootimage-1.8/src/cbootimage.c:163:25:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	context->config_file = fopen(argv[optind++], "r");
data/cbootimage-1.8/src/cbootimage.c:221:21:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	context.raw_file = fopen(context.output_image_filename, "w+");
data/cbootimage-1.8/src/data_layout.c:230:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(page_ptr, data, context->page_size);
data/cbootimage-1.8/src/data_layout.c:284:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(buffer, context->bct, context->bct_size);
data/cbootimage-1.8/src/data_layout.c:605:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(buffer, image_storage, image_actual_size);
data/cbootimage-1.8/src/data_layout.c:791:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(context->bct, bct_storage, context->bct_size);
data/cbootimage-1.8/src/data_layout.c:1051:7:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	fp = fopen(context->input_image_filename, "r");
data/cbootimage-1.8/src/data_layout.c:1108:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(buffer, image, image_actual_size);
data/cbootimage-1.8/src/parse.c:202:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char byte_str[3];
data/cbootimage-1.8/src/parse.c:393:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char filename[MAX_BUFFER];
data/cbootimage-1.8/src/parse.c:394:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char e_state[MAX_STR_LEN];
data/cbootimage-1.8/src/parse.c:448:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char filename[MAX_BUFFER];
data/cbootimage-1.8/src/parse.c:449:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char e_state[MAX_STR_LEN];
data/cbootimage-1.8/src/parse.c:503:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char filename[MAX_BUFFER];
data/cbootimage-1.8/src/parse.c:675:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char   filename[MAX_BUFFER];
data/cbootimage-1.8/src/parse.c:885:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buffer[MAX_BUFFER];
data/cbootimage-1.8/src/set.c:56:7:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	fp = fopen(filename, "rb");
data/cbootimage-1.8/src/set.c:300:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(context->unique_chip_id, value, 16);
data/cbootimage-1.8/src/t114/nvbctlib_t114.c:83:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(data, &(bct_ptr->id), size);   \
data/cbootimage-1.8/src/t114/nvbctlib_t114.c:90:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&(bct_ptr->id), data, size);   \
data/cbootimage-1.8/src/t114/nvbctlib_t114.c:871:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(data,
data/cbootimage-1.8/src/t114/nvbctlib_t114.c:906:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&(bct_ptr->bootloader[set].signature.crypto_hash),
data/cbootimage-1.8/src/t114/nvbctlib_t114.c:964:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(data,
data/cbootimage-1.8/src/t114/nvbctlib_t114.c:1057:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy( &bct_ptr->signature.crypto_hash, data, sizeof(nvboot_hash) );
data/cbootimage-1.8/src/t124/nvbctlib_t124.c:85:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(data, &(bct_ptr->id), size);   \
data/cbootimage-1.8/src/t124/nvbctlib_t124.c:93:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&(bct_ptr->id), data, size);   \
data/cbootimage-1.8/src/t124/nvbctlib_t124.c:877:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(data,
data/cbootimage-1.8/src/t124/nvbctlib_t124.c:918:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&(bct_ptr->bootloader[set].signature.crypto_hash),
data/cbootimage-1.8/src/t124/nvbctlib_t124.c:977:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(data,
data/cbootimage-1.8/src/t124/nvbctlib_t124.c:983:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(data, &(bct_ptr->unique_chip_id), sizeof(nvboot_ecid));
data/cbootimage-1.8/src/t124/nvbctlib_t124.c:1086:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&bct_ptr->unique_chip_id, data, sizeof(nvboot_ecid));
data/cbootimage-1.8/src/t124/nvbctlib_t124.c:1132:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&bct_ptr->signature.crypto_hash, data, sizeof(nvboot_hash));
data/cbootimage-1.8/src/t132/nvbctlib_t132.c:85:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(data, &(bct_ptr->id), size);   \
data/cbootimage-1.8/src/t132/nvbctlib_t132.c:93:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&(bct_ptr->id), data, size);   \
data/cbootimage-1.8/src/t132/nvbctlib_t132.c:886:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(data,
data/cbootimage-1.8/src/t132/nvbctlib_t132.c:921:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&(bct_ptr->bootloader[set].signature.crypto_hash),
data/cbootimage-1.8/src/t132/nvbctlib_t132.c:987:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(data,
data/cbootimage-1.8/src/t132/nvbctlib_t132.c:993:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(data, &(bct_ptr->unique_chip_id), sizeof(nvboot_ecid));
data/cbootimage-1.8/src/t132/nvbctlib_t132.c:1063:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&bct_ptr->unique_chip_id, data, sizeof(nvboot_ecid));
data/cbootimage-1.8/src/t132/nvbctlib_t132.c:1093:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&bct_ptr->signature.crypto_hash, data, sizeof(nvboot_hash));
data/cbootimage-1.8/src/t20/nvbctlib_t20.c:83:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(data, &(bct_ptr->id), size);   \
data/cbootimage-1.8/src/t20/nvbctlib_t20.c:90:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&(bct_ptr->id), data, size);   \
data/cbootimage-1.8/src/t20/nvbctlib_t20.c:460:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(data,
data/cbootimage-1.8/src/t20/nvbctlib_t20.c:495:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&(bct_ptr->bootloader[set].crypto_hash),
data/cbootimage-1.8/src/t210/nvbctlib_t210.c:85:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(data, &(bct_ptr->id), size);   \
data/cbootimage-1.8/src/t210/nvbctlib_t210.c:93:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&(bct_ptr->id), data, size);   \
data/cbootimage-1.8/src/t210/nvbctlib_t210.c:2034:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(data,
data/cbootimage-1.8/src/t210/nvbctlib_t210.c:2075:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&(bct_ptr->bootloader[set].signature.crypto_hash),
data/cbootimage-1.8/src/t210/nvbctlib_t210.c:2132:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(data,
data/cbootimage-1.8/src/t210/nvbctlib_t210.c:2138:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(data, &(bct_ptr->unique_chip_id), sizeof(nvboot_ecid));
data/cbootimage-1.8/src/t210/nvbctlib_t210.c:2242:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&bct_ptr->unique_chip_id, data, sizeof(nvboot_ecid));
data/cbootimage-1.8/src/t210/nvbctlib_t210.c:2288:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&bct_ptr->signature.crypto_hash, data, sizeof(nvboot_hash));
data/cbootimage-1.8/src/t30/nvbctlib_t30.c:83:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(data, &(bct_ptr->id), size);   \
data/cbootimage-1.8/src/t30/nvbctlib_t30.c:90:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&(bct_ptr->id), data, size);   \
data/cbootimage-1.8/src/t30/nvbctlib_t30.c:667:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(data,
data/cbootimage-1.8/src/t30/nvbctlib_t30.c:702:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&(bct_ptr->bootloader[set].crypto_hash),
data/cbootimage-1.8/src/bct_dump.c:169:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		int length = strlen(table[i].name);
data/cbootimage-1.8/src/parse.c:210:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	paddings = strlen(str) % 2;
data/cbootimage-1.8/src/parse.c:211:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	byte_index = strlen(str) / 2 + paddings;
data/cbootimage-1.8/src/parse.c:221:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
		strncpy(byte_str, str, 2 - paddings);
data/cbootimage-1.8/src/parse.c:291:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		if ((strlen(field_table[i].name) == field_name_len) &&
data/cbootimage-1.8/src/parse.c:370:4:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			strlen(table[i].name))) {
data/cbootimage-1.8/src/parse.c:372:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			rest = str + strlen(table[i].name);
data/cbootimage-1.8/src/parse.c:428:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if (strncmp(e_state, "Complete", strlen("Complete")))
data/cbootimage-1.8/src/parse.c:483:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if (strncmp(e_state, "Complete", strlen("Complete")))
data/cbootimage-1.8/src/parse.c:754:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			rest, strlen(g_soc_config->device_type_table[i].prefix))) {
data/cbootimage-1.8/src/parse.c:757:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			rest = rest + strlen(g_soc_config->device_type_table[i].prefix);
data/cbootimage-1.8/src/parse.c:864:4:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			strlen(cfg_parse_item[i].prefix))) {
data/cbootimage-1.8/src/parse.c:865:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			rest = str + strlen(cfg_parse_item[i].prefix);
data/cbootimage-1.8/src/parse.c:896:20:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	while ((current = fgetc(context->config_file)) != EOF) {

ANALYSIS SUMMARY:

Hits = 77
Lines analyzed = 22571 in approximately 0.57 seconds (39748 lines/second)
Physical Source Lines of Code (SLOC) = 14830
Hits@level = [0] 126 [1]  14 [2]  62 [3]   1 [4]   0 [5]   0
Hits@level+ = [0+] 203 [1+]  77 [2+]  63 [3+]   1 [4+]   0 [5+]   0
Hits/KSLOC@level+ = [0+] 13.6885 [1+] 5.19218 [2+] 4.24815 [3+] 0.0674309 [4+]   0 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.