stdin

Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/haskell-charsetdetect-ae-1.1.0.4/cbits/dso_handle.c
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/CharDistribution.cpp
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/JpCntx.cpp
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/LangBulgarianModel.cpp
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/LangCyrillicModel.cpp
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/LangGreekModel.cpp
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/LangHebrewModel.cpp
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/LangHungarianModel.cpp
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/LangThaiModel.cpp
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/nsBig5Prober.cpp
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/nsCharSetProber.cpp
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/nsEscCharsetProber.cpp
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/nsEscSM.cpp
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/nsEUCJPProber.cpp
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/nsEUCKRProber.cpp
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/nsEUCTWProber.cpp
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/nsGB2312Prober.cpp
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/nsHebrewProber.cpp
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/nsLatin1Prober.cpp
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/nsMBCSGroupProber.cpp
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/nsMBCSSM.cpp
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/nsSBCharSetProber.cpp
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/nsSBCSGroupProber.cpp
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/nsSJISProber.cpp
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/nsUniversalDetector.cpp
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/nsUTF8Prober.cpp
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/CharDistribution.h
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/JpCntx.h
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/nsBig5Prober.h
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/nsCharSetProber.h
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/nsCodingStateMachine.h
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/nsEscCharsetProber.h
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/nsEUCJPProber.h
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/nsEUCKRProber.h
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/nsEUCTWProber.h
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/nsGB2312Prober.h
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/nsHebrewProber.h
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/nsLatin1Prober.h
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/nsMBCSGroupProber.h
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/nsPkgInt.h
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/nsSBCharSetProber.h
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/nsSBCSGroupProber.h
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/nsSJISProber.h
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/nsUniversalDetector.h
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/nsUTF8Prober.h
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/nspr-emu/obsolete/protypes.h
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/nspr-emu/prcpucfg_freebsd.h
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/nspr-emu/prcpucfg_linux.h
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/nspr-emu/prcpucfg_mac.h
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/nspr-emu/prcpucfg_openbsd.h
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/nspr-emu/prcpucfg_win.h
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/nspr-emu/prmem.h
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/nspr-emu/prtypes.h
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/nspr-emu/prcpucfg.h
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/charsetdetect.cpp
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/charsetdetect.h
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/charsetdetectPriv.h
Examining data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/nscore.h

FINAL RESULTS:

data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/JpCntx.cpp:42:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char jp2CharContext[83][83] = 
data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/JpCntx.h:49:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
extern char jp2CharContext[83][83];
data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/nsBig5Prober.h:65:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char mLastChar[2];
data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/nsEUCJPProber.h:70:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char mLastChar[2];
data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/nsEUCKRProber.h:65:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char mLastChar[2];
data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/nsEUCTWProber.h:65:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char mLastChar[2];
data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/nsGB2312Prober.h:67:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char mLastChar[2];
data/haskell-charsetdetect-ae-1.1.0.4/libcharsetdetect/mozilla/extensions/universalchardet/src/base/nsSJISProber.h:71:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char mLastChar[2];

ANALYSIS SUMMARY:

Hits = 8
Lines analyzed = 9635 in approximately 0.51 seconds (19057 lines/second)
Physical Source Lines of Code (SLOC) = 5851
Hits@level = [0]   8 [1]   0 [2]   8 [3]   0 [4]   0 [5]   0
Hits@level+ = [0+]  16 [1+]   8 [2+]   8 [3+]   0 [4+]   0 [5+]   0
Hits/KSLOC@level+ = [0+] 2.73458 [1+] 1.36729 [2+] 1.36729 [3+]   0 [4+]   0 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.