Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/gluegen2-2.3.2/test/junit/com/jogamp/gluegen/struct.h
Examining data/gluegen2-2.3.2/test/native/cross-android-armv7-tst1/arm-gcc-test.c
Examining data/gluegen2-2.3.2/test/native/cross-android-armv7-tst1/hello-java.c
Examining data/gluegen2-2.3.2/test/native/cross-android-armv7-tst1/hello-fp.c
Examining data/gluegen2-2.3.2/test/native/sizeof_dump.c
Examining data/gluegen2-2.3.2/test/native/alignment_test.c
Examining data/gluegen2-2.3.2/test/native/cross-ubuntu-armv7-tst1/arm-gcc-test.c
Examining data/gluegen2-2.3.2/test/issue7.h
Examining data/gluegen2-2.3.2/src/junit/com/jogamp/gluegen/test/junit/generation/pcpptest.h
Examining data/gluegen2-2.3.2/src/junit/com/jogamp/gluegen/test/junit/generation/test1.c
Examining data/gluegen2-2.3.2/src/junit/com/jogamp/gluegen/test/junit/generation/test1-gluegen.c
Examining data/gluegen2-2.3.2/src/junit/com/jogamp/gluegen/test/junit/generation/test1.h
Examining data/gluegen2-2.3.2/src/junit/com/jogamp/gluegen/test/junit/structgen/TestStruct02.h
Examining data/gluegen2-2.3.2/src/junit/com/jogamp/gluegen/test/junit/structgen/TestStruct01.h
Examining data/gluegen2-2.3.2/src/native/windows/WindowsDynamicLinkerImpl_JNI.c
Examining data/gluegen2-2.3.2/src/native/common/JVMUtil.c
Examining data/gluegen2-2.3.2/src/native/common/JarUtil.c
Examining data/gluegen2-2.3.2/src/native/common/PointerBuffer.c
Examining data/gluegen2-2.3.2/src/native/common/MachineDataInfoRuntime.c
Examining data/gluegen2-2.3.2/src/native/common/Platforms.c
Examining data/gluegen2-2.3.2/src/native/unix/UnixDynamicLinkerImpl_JNI.c
Examining data/gluegen2-2.3.2/src/native/tinype/tiny.c
Examining data/gluegen2-2.3.2/src/native/tinype/tiny2.c
Examining data/gluegen2-2.3.2/doc/manual/example4/function.c
Examining data/gluegen2-2.3.2/doc/manual/example4/function.h
Examining data/gluegen2-2.3.2/doc/manual/example5/function.c
Examining data/gluegen2-2.3.2/doc/manual/example5/function.h
Examining data/gluegen2-2.3.2/doc/manual/example3/function.h
Examining data/gluegen2-2.3.2/doc/manual/example2/function.c
Examining data/gluegen2-2.3.2/doc/manual/example2/function.h
Examining data/gluegen2-2.3.2/doc/manual/example6/function.h
Examining data/gluegen2-2.3.2/doc/manual/example7/function.h
Examining data/gluegen2-2.3.2/doc/manual/example1/function.c
Examining data/gluegen2-2.3.2/doc/manual/example1/function.h
Examining data/gluegen2-2.3.2/make/stub_includes/platform/gluegen_types.h
Examining data/gluegen2-2.3.2/make/stub_includes/platform/gluegen_inttypes.h
Examining data/gluegen2-2.3.2/make/stub_includes/platform/gluegen_stdint.h
Examining data/gluegen2-2.3.2/make/stub_includes/platform/gluegen_stddef.h
Examining data/gluegen2-2.3.2/make/stub_includes/platform/glibc-compat-symbols.h
Examining data/gluegen2-2.3.2/make/stub_includes/gluegen/stdarg.h
Examining data/gluegen2-2.3.2/make/stub_includes/gluegen/inttypes.h
Examining data/gluegen2-2.3.2/make/stub_includes/gluegen/stdio.h
Examining data/gluegen2-2.3.2/make/stub_includes/gluegen/gluegen_types.h
Examining data/gluegen2-2.3.2/make/stub_includes/gluegen/gluegen_inttypes.h
Examining data/gluegen2-2.3.2/make/stub_includes/gluegen/stddef.h
Examining data/gluegen2-2.3.2/make/stub_includes/gluegen/stdint.h
Examining data/gluegen2-2.3.2/make/stub_includes/gluegen/gluegen_stdint.h
Examining data/gluegen2-2.3.2/make/stub_includes/gluegen/gluegen_stddef.h
Examining data/gluegen2-2.3.2/make/stub_includes/os/elf_header.h
Examining data/gluegen2-2.3.2/make/stub_includes/os/elf_sh_const.h
Examining data/gluegen2-2.3.2/make/stub_includes/os/elf_eh_const.h
Examining data/gluegen2-2.3.2/make/stub_includes/jni/jni.h
Examining data/gluegen2-2.3.2/make/stub_includes/jni/macosx/jni_md.h
Examining data/gluegen2-2.3.2/make/stub_includes/jni/macosx/jawt_md.h
Examining data/gluegen2-2.3.2/make/stub_includes/jni/x11/jni_md.h
Examining data/gluegen2-2.3.2/make/stub_includes/jni/x11/jawt_md.h
Examining data/gluegen2-2.3.2/make/stub_includes/jni/win32/jni_md.h
Examining data/gluegen2-2.3.2/make/stub_includes/jni/win32/jawt_md.h
Examining data/gluegen2-2.3.2/make/stub_includes/jni/jawt.h
Examining data/gluegen2-2.3.2/jcpp/src/test/resources/once.c
Examining data/gluegen2-2.3.2/jcpp/src/test/resources/trigraph.c
Examining data/gluegen2-2.3.2/jcpp/src/test/resources/varargs.c
Examining data/gluegen2-2.3.2/jcpp/src/test/resources/test0.c
Examining data/gluegen2-2.3.2/jcpp/src/test/resources/test1.c
Examining data/gluegen2-2.3.2/jcpp/src/test/resources/absolute.h
Examining data/gluegen2-2.3.2/jcpp/src/test/resources/test0.h
Examining data/gluegen2-2.3.2/jcpp/src/test/resources/once.h
Examining data/gluegen2-2.3.2/jcpp/src/test/resources/test1.h

FINAL RESULTS:

data/gluegen2-2.3.2/src/native/unix/UnixDynamicLinkerImpl_JNI.c:30:33:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
        #define  DBG_PRINT(...) fprintf(stderr, __VA_ARGS__); fflush(stderr)
data/gluegen2-2.3.2/make/stub_includes/os/elf_header.h:14:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char   e_ident[16];
data/gluegen2-2.3.2/make/stub_includes/platform/glibc-compat-symbols.h:20:21:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
GLIBC_COMPAT_SYMBOL(memcpy)
data/gluegen2-2.3.2/src/junit/com/jogamp/gluegen/test/junit/generation/test1.c:275:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    return atoi(str);
data/gluegen2-2.3.2/src/junit/com/jogamp/gluegen/test/junit/generation/test1.c:279:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char singleton[200];
data/gluegen2-2.3.2/src/junit/com/jogamp/gluegen/test/junit/generation/test1.c:620:38:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
MYAPI int MYAPIENTRY rgbaToInt(const char rgba[4]) {
data/gluegen2-2.3.2/src/junit/com/jogamp/gluegen/test/junit/generation/test1.c:626:44:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
MYAPI void MYAPIENTRY intToRgba(int irgba, char rgbaSink[4]) {
data/gluegen2-2.3.2/src/junit/com/jogamp/gluegen/test/junit/generation/test1.c:635:37:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
MYAPI void MYAPIENTRY addByte(const char summands[2], char result[1]) {
data/gluegen2-2.3.2/src/junit/com/jogamp/gluegen/test/junit/generation/test1.c:635:55:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
MYAPI void MYAPIENTRY addByte(const char summands[2], char result[1]) {
data/gluegen2-2.3.2/src/junit/com/jogamp/gluegen/test/junit/generation/test1.h:429:50:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
typedef int (MYAPIENTRY* PFNRGBATOINTPROC)(const char rgba[4]);
data/gluegen2-2.3.2/src/junit/com/jogamp/gluegen/test/junit/generation/test1.h:430:56:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
typedef void (MYAPIENTRY* PFNINTTORGBAPROC)(int irgba, char rgbaSink[4]);
data/gluegen2-2.3.2/src/junit/com/jogamp/gluegen/test/junit/generation/test1.h:431:49:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
typedef void (MYAPIENTRY* PFNADDBYTEPROC)(const char summands[2], char result[1]);
data/gluegen2-2.3.2/src/junit/com/jogamp/gluegen/test/junit/generation/test1.h:431:67:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
typedef void (MYAPIENTRY* PFNADDBYTEPROC)(const char summands[2], char result[1]);
data/gluegen2-2.3.2/src/junit/com/jogamp/gluegen/test/junit/generation/test1.h:435:38:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
MYAPI int MYAPIENTRY rgbaToInt(const char rgba[4]);
data/gluegen2-2.3.2/src/junit/com/jogamp/gluegen/test/junit/generation/test1.h:436:44:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
MYAPI void MYAPIENTRY intToRgba(int irgba, char rgbaSink[4]);
data/gluegen2-2.3.2/src/junit/com/jogamp/gluegen/test/junit/generation/test1.h:438:37:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
MYAPI void MYAPIENTRY addByte(const char summands[2], char result[1]);
data/gluegen2-2.3.2/src/junit/com/jogamp/gluegen/test/junit/generation/test1.h:438:55:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
MYAPI void MYAPIENTRY addByte(const char summands[2], char result[1]);
data/gluegen2-2.3.2/src/junit/com/jogamp/gluegen/test/junit/generation/test1.h:465:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const char modelNameArrayFixedLen[12]; /* 'Hello Array' len=11+1 */
data/gluegen2-2.3.2/src/junit/com/jogamp/gluegen/test/junit/generation/test1.h:497:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char modelNameArrayFixedLen[12]; /* 'Hello Array' len=11+1 */
data/gluegen2-2.3.2/doc/manual/example3/function.h:4:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t strlen(const char* str);
data/gluegen2-2.3.2/src/junit/com/jogamp/gluegen/test/junit/generation/test1.c:289:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                l+=strlen(strings[i]);
data/gluegen2-2.3.2/src/junit/com/jogamp/gluegen/test/junit/generation/test1.c:715:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120). Risk is low because the source is a
  constant string.
    strncpy(s->modelNameArrayFixedLen, "Hello Array", sizeof(s->modelNameArrayFixedLen));
data/gluegen2-2.3.2/src/junit/com/jogamp/gluegen/test/junit/generation/test1.c:718:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120). Risk is low because the source is a
  constant string.
    strncpy(s->modelNamePointerCString, "Hello CString", 13+1);
data/gluegen2-2.3.2/src/junit/com/jogamp/gluegen/test/junit/generation/test1.c:721:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120). Risk is low because the source is a
  constant string.
    strncpy(s->modelNamePointerCustomLen, "Hello Pointer", 13+1);

ANALYSIS SUMMARY:

Hits = 24
Lines analyzed = 5787 in approximately 0.28 seconds (20773 lines/second)
Physical Source Lines of Code (SLOC) = 4469
Hits@level = [0] 132 [1]   5 [2]  18 [3]   0 [4]   1 [5]   0
Hits@level+ = [0+] 156 [1+]  24 [2+]  19 [3+]   1 [4+]   1 [5+]   0
Hits/KSLOC@level+ = [0+] 34.9071 [1+] 5.37033 [2+] 4.25151 [3+] 0.223764 [4+] 0.223764 [5+]   0
Dot directories skipped = 2 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.