Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/fasttext-0.9.2/scripts/kbcompletion/eval.cpp
Examining data/fasttext-0.9.2/src/dictionary.h
Examining data/fasttext-0.9.2/src/matrix.h
Examining data/fasttext-0.9.2/src/vector.h
Examining data/fasttext-0.9.2/src/real.h
Examining data/fasttext-0.9.2/src/densematrix.cc
Examining data/fasttext-0.9.2/src/utils.h
Examining data/fasttext-0.9.2/src/productquantizer.h
Examining data/fasttext-0.9.2/src/utils.cc
Examining data/fasttext-0.9.2/src/autotune.h
Examining data/fasttext-0.9.2/src/args.h
Examining data/fasttext-0.9.2/src/meter.h
Examining data/fasttext-0.9.2/src/args.cc
Examining data/fasttext-0.9.2/src/productquantizer.cc
Examining data/fasttext-0.9.2/src/fasttext.cc
Examining data/fasttext-0.9.2/src/fasttext.h
Examining data/fasttext-0.9.2/src/model.cc
Examining data/fasttext-0.9.2/src/matrix.cc
Examining data/fasttext-0.9.2/src/vector.cc
Examining data/fasttext-0.9.2/src/quantmatrix.h
Examining data/fasttext-0.9.2/src/autotune.cc
Examining data/fasttext-0.9.2/src/densematrix.h
Examining data/fasttext-0.9.2/src/dictionary.cc
Examining data/fasttext-0.9.2/src/meter.cc
Examining data/fasttext-0.9.2/src/quantmatrix.cc
Examining data/fasttext-0.9.2/src/main.cc
Examining data/fasttext-0.9.2/src/loss.cc
Examining data/fasttext-0.9.2/src/model.h
Examining data/fasttext-0.9.2/src/loss.h
Examining data/fasttext-0.9.2/webassembly/fasttext_wasm.cc
Examining data/fasttext-0.9.2/python/fasttext_module/fasttext/pybind/fasttext_pybind.cc
Examining data/fasttext-0.9.2/crawl/dedup.cc
Examining data/fasttext-0.9.2/crawl/filter_utf8.cc

FINAL RESULTS:

data/fasttext-0.9.2/scripts/kbcompletion/eval.cpp:49:24:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  if (argc == 5) { k = atoi(argv[4]);}
data/fasttext-0.9.2/src/main.cc:234:9:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    ifs.open(infile);
data/fasttext-0.9.2/src/productquantizer.cc:123:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(centroids + k * d, centroids + m * d, sizeof(real) * d);
data/fasttext-0.9.2/src/productquantizer.cc:140:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&c[i * d], x + perm[i] * d, d * sizeof(real));
data/fasttext-0.9.2/src/productquantizer.cc:168:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(
data/fasttext-0.9.2/src/args.cc:342:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  in.read((char*)&(dim), sizeof(int));
data/fasttext-0.9.2/src/args.cc:343:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  in.read((char*)&(ws), sizeof(int));
data/fasttext-0.9.2/src/args.cc:344:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  in.read((char*)&(epoch), sizeof(int));
data/fasttext-0.9.2/src/args.cc:345:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  in.read((char*)&(minCount), sizeof(int));
data/fasttext-0.9.2/src/args.cc:346:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  in.read((char*)&(neg), sizeof(int));
data/fasttext-0.9.2/src/args.cc:347:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  in.read((char*)&(wordNgrams), sizeof(int));
data/fasttext-0.9.2/src/args.cc:348:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  in.read((char*)&(loss), sizeof(loss_name));
data/fasttext-0.9.2/src/args.cc:349:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  in.read((char*)&(model), sizeof(model_name));
data/fasttext-0.9.2/src/args.cc:350:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  in.read((char*)&(bucket), sizeof(int));
data/fasttext-0.9.2/src/args.cc:351:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  in.read((char*)&(minn), sizeof(int));
data/fasttext-0.9.2/src/args.cc:352:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  in.read((char*)&(maxn), sizeof(int));
data/fasttext-0.9.2/src/args.cc:353:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  in.read((char*)&(lrUpdateRate), sizeof(int));
data/fasttext-0.9.2/src/args.cc:354:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  in.read((char*)&(t), sizeof(double));
data/fasttext-0.9.2/src/densematrix.cc:156:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  in.read((char*)&m_, sizeof(int64_t));
data/fasttext-0.9.2/src/densematrix.cc:157:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  in.read((char*)&n_, sizeof(int64_t));
data/fasttext-0.9.2/src/densematrix.cc:159:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  in.read((char*)data_.data(), m_ * n_ * sizeof(real));
data/fasttext-0.9.2/src/dictionary.cc:452:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  in.read((char*)&size_, sizeof(int32_t));
data/fasttext-0.9.2/src/dictionary.cc:453:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  in.read((char*)&nwords_, sizeof(int32_t));
data/fasttext-0.9.2/src/dictionary.cc:454:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  in.read((char*)&nlabels_, sizeof(int32_t));
data/fasttext-0.9.2/src/dictionary.cc:455:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  in.read((char*)&ntokens_, sizeof(int64_t));
data/fasttext-0.9.2/src/dictionary.cc:456:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  in.read((char*)&pruneidx_size_, sizeof(int64_t));
data/fasttext-0.9.2/src/dictionary.cc:463:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    in.read((char*)&e.count, sizeof(int64_t));
data/fasttext-0.9.2/src/dictionary.cc:464:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    in.read((char*)&e.type, sizeof(entry_type));
data/fasttext-0.9.2/src/dictionary.cc:471:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    in.read((char*)&first, sizeof(int32_t));
data/fasttext-0.9.2/src/dictionary.cc:472:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    in.read((char*)&second, sizeof(int32_t));
data/fasttext-0.9.2/src/fasttext.cc:174:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  in.read((char*)&(magic), sizeof(int32_t));
data/fasttext-0.9.2/src/fasttext.cc:178:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  in.read((char*)&(version), sizeof(int32_t));
data/fasttext-0.9.2/src/fasttext.cc:251:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  in.read((char*)&quant_input, sizeof(bool));
data/fasttext-0.9.2/src/fasttext.cc:265:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  in.read((char*)&args_->qout, sizeof(bool));
data/fasttext-0.9.2/src/productquantizer.cc:241:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  in.read((char*)&dim_, sizeof(dim_));
data/fasttext-0.9.2/src/productquantizer.cc:242:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  in.read((char*)&nsubq_, sizeof(nsubq_));
data/fasttext-0.9.2/src/productquantizer.cc:243:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  in.read((char*)&dsub_, sizeof(dsub_));
data/fasttext-0.9.2/src/productquantizer.cc:244:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  in.read((char*)&lastdsub_, sizeof(lastdsub_));
data/fasttext-0.9.2/src/productquantizer.cc:247:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    in.read((char*)&centroids_[i], sizeof(real));
data/fasttext-0.9.2/src/quantmatrix.cc:97:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  in.read((char*)&qnorm_, sizeof(qnorm_));
data/fasttext-0.9.2/src/quantmatrix.cc:98:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  in.read((char*)&m_, sizeof(m_));
data/fasttext-0.9.2/src/quantmatrix.cc:99:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  in.read((char*)&n_, sizeof(n_));
data/fasttext-0.9.2/src/quantmatrix.cc:100:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  in.read((char*)&codesize_, sizeof(codesize_));
data/fasttext-0.9.2/src/quantmatrix.cc:102:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  in.read((char*)codes_.data(), codesize_ * sizeof(uint8_t));
data/fasttext-0.9.2/src/quantmatrix.cc:107:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    in.read((char*)norm_codes_.data(), m_ * sizeof(uint8_t));

ANALYSIS SUMMARY:

Hits = 45
Lines analyzed = 6484 in approximately 0.21 seconds (30840 lines/second)
Physical Source Lines of Code (SLOC) = 5458
Hits@level = [0]   0 [1]  40 [2]   5 [3]   0 [4]   0 [5]   0
Hits@level+ = [0+]  45 [1+]  45 [2+]   5 [3+]   0 [4+]   0 [5+]   0
Hits/KSLOC@level+ = [0+] 8.24478 [1+] 8.24478 [2+] 0.916086 [3+]   0 [4+]   0 [5+]   0
Dot directories skipped = 2 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.