Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/kross-interpreters-20.04.3/java/test/testobject.cpp
Examining data/kross-interpreters-20.04.3/java/test/testwindow.cpp
Examining data/kross-interpreters-20.04.3/java/test/testwindow.h
Examining data/kross-interpreters-20.04.3/java/test/testobject.h
Examining data/kross-interpreters-20.04.3/java/test/main.cpp
Examining data/kross-interpreters-20.04.3/java/krossjava/jvmexception.h
Examining data/kross-interpreters-20.04.3/java/krossjava/jvmfunction.h
Examining data/kross-interpreters-20.04.3/java/krossjava/jvmclasswriter.cpp
Examining data/kross-interpreters-20.04.3/java/krossjava/jvminterpreter.cpp
Examining data/kross-interpreters-20.04.3/java/krossjava/jvmvariant.cpp
Examining data/kross-interpreters-20.04.3/java/krossjava/jvmextension.h
Examining data/kross-interpreters-20.04.3/java/krossjava/jvmclasswriter.h
Examining data/kross-interpreters-20.04.3/java/krossjava/jvmscript.h
Examining data/kross-interpreters-20.04.3/java/krossjava/jvmconfig.h
Examining data/kross-interpreters-20.04.3/java/krossjava/jvmextension.cpp
Examining data/kross-interpreters-20.04.3/java/krossjava/jvmvariant.h
Examining data/kross-interpreters-20.04.3/java/krossjava/jvminterpreter.h
Examining data/kross-interpreters-20.04.3/java/krossjava/jvmscript.cpp
Examining data/kross-interpreters-20.04.3/tests/testobject.cpp
Examining data/kross-interpreters-20.04.3/tests/testobject.h
Examining data/kross-interpreters-20.04.3/tests/main.cpp
Examining data/kross-interpreters-20.04.3/ruby/rubyinterpreter.cpp
Examining data/kross-interpreters-20.04.3/ruby/rubyvariant.cpp
Examining data/kross-interpreters-20.04.3/ruby/rubyconfig.h
Examining data/kross-interpreters-20.04.3/ruby/rubyobject.cpp
Examining data/kross-interpreters-20.04.3/ruby/rubycallcache.cpp
Examining data/kross-interpreters-20.04.3/ruby/rubyinterpreter.h
Examining data/kross-interpreters-20.04.3/ruby/rubyscript.cpp
Examining data/kross-interpreters-20.04.3/ruby/rubycallcache.h
Examining data/kross-interpreters-20.04.3/ruby/rubyextension.cpp
Examining data/kross-interpreters-20.04.3/ruby/rubymodule.h
Examining data/kross-interpreters-20.04.3/ruby/rubyobject.h
Examining data/kross-interpreters-20.04.3/ruby/rubyfunction.h
Examining data/kross-interpreters-20.04.3/ruby/rubyscript.h
Examining data/kross-interpreters-20.04.3/ruby/rubyvariant.h
Examining data/kross-interpreters-20.04.3/ruby/rubyextension.h
Examining data/kross-interpreters-20.04.3/ruby/rubymodule.cpp
Examining data/kross-interpreters-20.04.3/python/pythonvariant.cpp
Examining data/kross-interpreters-20.04.3/python/cxx/CXX/WrapPython.h
Examining data/kross-interpreters-20.04.3/python/cxx/Src/cxx_exceptions.cxx
Examining data/kross-interpreters-20.04.3/python/cxx/Src/cxxextensions.c
Examining data/kross-interpreters-20.04.3/python/cxx/Src/cxx_extensions.cxx
Examining data/kross-interpreters-20.04.3/python/cxx/Src/IndirectPythonInterface.cxx
Examining data/kross-interpreters-20.04.3/python/cxx/Src/cxxsupport.cxx
Examining data/kross-interpreters-20.04.3/python/cxx/Src/Python2/cxx_exceptions.cxx
Examining data/kross-interpreters-20.04.3/python/cxx/Src/Python2/cxxextensions.c
Examining data/kross-interpreters-20.04.3/python/cxx/Src/Python2/cxx_extensions.cxx
Examining data/kross-interpreters-20.04.3/python/cxx/Src/Python2/cxxsupport.cxx
Examining data/kross-interpreters-20.04.3/python/pythonobject.h
Examining data/kross-interpreters-20.04.3/python/pythonmodule.cpp
Examining data/kross-interpreters-20.04.3/python/pythoninterpreter.cpp
Examining data/kross-interpreters-20.04.3/python/pythonfunction.h
Examining data/kross-interpreters-20.04.3/python/pythoninterpreter.h
Examining data/kross-interpreters-20.04.3/python/pythonmodule.h
Examining data/kross-interpreters-20.04.3/python/pythonobject.cpp
Examining data/kross-interpreters-20.04.3/python/pythonconfig.h
Examining data/kross-interpreters-20.04.3/python/pythonextension.h
Examining data/kross-interpreters-20.04.3/python/pythonscript.cpp
Examining data/kross-interpreters-20.04.3/python/pythonextension.cpp
Examining data/kross-interpreters-20.04.3/python/pythonvariant.h
Examining data/kross-interpreters-20.04.3/python/pythonscript.h
Examining data/kross-interpreters-20.04.3/falcon/falconkrossobject.h
Examining data/kross-interpreters-20.04.3/falcon/falconobjman.cpp
Examining data/kross-interpreters-20.04.3/falcon/falconscript.h
Examining data/kross-interpreters-20.04.3/falcon/falconscript.cpp
Examining data/kross-interpreters-20.04.3/falcon/falconkopaque.h
Examining data/kross-interpreters-20.04.3/falcon/falconkfvm.h
Examining data/kross-interpreters-20.04.3/falcon/falconmodule.h
Examining data/kross-interpreters-20.04.3/falcon/falconinterpreter.h
Examining data/kross-interpreters-20.04.3/falcon/falconkross.h
Examining data/kross-interpreters-20.04.3/falcon/falconerrhand.h
Examining data/kross-interpreters-20.04.3/falcon/tests/helloworld/mainwindow.h
Examining data/kross-interpreters-20.04.3/falcon/tests/helloworld/mainwindow.cpp
Examining data/kross-interpreters-20.04.3/falcon/tests/helloworld/main.cpp
Examining data/kross-interpreters-20.04.3/falcon/falconconfig.h
Examining data/kross-interpreters-20.04.3/falcon/falconkerror.h
Examining data/kross-interpreters-20.04.3/falcon/falconmodule.cpp
Examining data/kross-interpreters-20.04.3/falcon/falconobjman.h
Examining data/kross-interpreters-20.04.3/falcon/metatypeflex.h
Examining data/kross-interpreters-20.04.3/falcon/falconkfvm.cpp
Examining data/kross-interpreters-20.04.3/falcon/falconinterpreter.cpp
Examining data/kross-interpreters-20.04.3/falcon/falconfunction.cpp
Examining data/kross-interpreters-20.04.3/falcon/falconfunction.h
Examining data/kross-interpreters-20.04.3/falcon/falconkopaque.cpp
Examining data/kross-interpreters-20.04.3/falcon/metatypeflex.cpp
Examining data/kross-interpreters-20.04.3/falcon/falconerrhand.cpp
Examining data/kross-interpreters-20.04.3/falcon/falconkrossobject.cpp
Examining data/kross-interpreters-20.04.3/falcon/falconkross.cpp
Examining data/kross-interpreters-20.04.3/falcon/falconkerror.cpp

FINAL RESULTS:

data/kross-interpreters-20.04.3/python/cxx/Src/IndirectPythonInterface.cxx:213:5:  [4] (format) _snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134).
  Use a constant for the format specification.
  _snprintf( python_dll_name, sizeof(python_dll_name_format) / sizeof(char) - 1, python_dll_name_format, PY_MAJOR_VERSION, PY_MINOR_VERSION );
data/kross-interpreters-20.04.3/java/krossjava/jvmvariant.h:65:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&pointer, &qobj, sizeof(qobj));
data/kross-interpreters-20.04.3/python/cxx/Src/IndirectPythonInterface.cxx:211:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char python_dll_name[sizeof(python_dll_name_format)];
data/kross-interpreters-20.04.3/tests/main.cpp:67:13:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force
  the opening of special file type (e.g., device files), move things around to
  create a race condition, control its ancestors, or change its contents?
  (CWE-362).
  if (! f.open(QIODevice::ReadOnly)) {
data/kross-interpreters-20.04.3/falcon/falconkfvm.cpp:1598:31:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  QVariant qvariant = prop->read ( ptr->data() );
data/kross-interpreters-20.04.3/python/pythonextension.cpp:235:59:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  return PythonType<QVariant>::toPyObject( property.read(d->object) );
data/kross-interpreters-20.04.3/ruby/rubyextension.cpp:482:58:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  return RubyType<QVariant>::toVALUE( property.read(extension->d->m_object) );

ANALYSIS SUMMARY:

Hits = 7
Lines analyzed = 19537 in approximately 2.14 seconds (9134 lines/second)
Physical Source Lines of Code (SLOC) = 12252
Hits@level = [0]   6 [1]   3 [2]   3 [3]   0 [4]   1 [5]   0
Hits@level+ = [0+]  13 [1+]   7 [2+]   4 [3+]   1 [4+]   1 [5+]   0
Hits/KSLOC@level+ = [0+] 1.06105 [1+] 0.571335 [2+] 0.326477 [3+] 0.0816193 [4+] 0.0816193 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.