Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223

Examining data/libcypher-parser-0.6.0/tests/check_call.c Examining data/libcypher-parser-0.6.0/tests/check_statement.c Examining data/libcypher-parser-0.6.0/tests/memstream.c Examining data/libcypher-parser-0.6.0/tests/check_reduce.c Examining data/libcypher-parser-0.6.0/tests/check_quick_fparse.c Examining data/libcypher-parser-0.6.0/tests/check_expression.c Examining data/libcypher-parser-0.6.0/tests/check_union.c Examining data/libcypher-parser-0.6.0/tests/check_libcypher-parser.c Examining data/libcypher-parser-0.6.0/tests/check_command.c Examining data/libcypher-parser-0.6.0/tests/check_create.c Examining data/libcypher-parser-0.6.0/tests/check_match.c Examining data/libcypher-parser-0.6.0/tests/check_foreach.c Examining data/libcypher-parser-0.6.0/tests/check_list_comprehensions.c Examining data/libcypher-parser-0.6.0/tests/check_pattern_comprehension.c Examining data/libcypher-parser-0.6.0/tests/check_eof.c Examining data/libcypher-parser-0.6.0/tests/check_pattern.c Examining data/libcypher-parser-0.6.0/tests/check_segments.c Examining data/libcypher-parser-0.6.0/tests/check_map_projection.c Examining data/libcypher-parser-0.6.0/tests/memstream.h Examining data/libcypher-parser-0.6.0/tests/check_indexes.c Examining data/libcypher-parser-0.6.0/tests/check_start.c Examining data/libcypher-parser-0.6.0/tests/check_constraints.c Examining data/libcypher-parser-0.6.0/tests/check_case.c Examining data/libcypher-parser-0.6.0/tests/check_unwind.c Examining data/libcypher-parser-0.6.0/tests/check_libcypher-parser_suite.c Examining data/libcypher-parser-0.6.0/tests/check_merge.c Examining data/libcypher-parser-0.6.0/tests/check_error_tracking.c Examining data/libcypher-parser-0.6.0/tests/check_util.c Examining data/libcypher-parser-0.6.0/tests/check_errors.c Examining data/libcypher-parser-0.6.0/tests/check_return.c Examining 
data/libcypher-parser-0.6.0/tests/check_quick_parse.c Examining data/libcypher-parser-0.6.0/tests/check_query.c Examining data/libcypher-parser-0.6.0/tests/check_load_csv.c Examining data/libcypher-parser-0.6.0/tests/check_set.c Examining data/libcypher-parser-0.6.0/tests/check_with.c Examining data/libcypher-parser-0.6.0/tests/check_remove.c Examining data/libcypher-parser-0.6.0/tests/check_delete.c Examining data/libcypher-parser-0.6.0/src/bin/cypher-lint.c Examining data/libcypher-parser-0.6.0/src/lib/ast_reduce.c Examining data/libcypher-parser-0.6.0/src/lib/ast_true.c Examining data/libcypher-parser-0.6.0/src/lib/ast_remove_property.c Examining data/libcypher-parser-0.6.0/src/lib/string_buffer.c Examining data/libcypher-parser-0.6.0/src/lib/ast_map_projection_literal.c Examining data/libcypher-parser-0.6.0/src/lib/ast_slice_operator.c Examining data/libcypher-parser-0.6.0/src/lib/ast.c Examining data/libcypher-parser-0.6.0/src/lib/ast_remove_labels.c Examining data/libcypher-parser-0.6.0/src/lib/ast_identifier.c Examining data/libcypher-parser-0.6.0/src/lib/ast_drop_node_prop_constraint.c Examining data/libcypher-parser-0.6.0/src/lib/ast_map_projection_property.c Examining data/libcypher-parser-0.6.0/src/lib/ast_drop_rel_prop_constraint.c Examining data/libcypher-parser-0.6.0/src/lib/ast_line_comment.c Examining data/libcypher-parser-0.6.0/src/lib/ast_statement.c Examining data/libcypher-parser-0.6.0/src/lib/ast_drop_node_prop_index.c Examining data/libcypher-parser-0.6.0/src/lib/ast_set.c Examining data/libcypher-parser-0.6.0/src/lib/ast_node_index_lookup.c Examining data/libcypher-parser-0.6.0/src/lib/segment.h Examining data/libcypher-parser-0.6.0/src/lib/util.c Examining data/libcypher-parser-0.6.0/src/lib/ast_function_name.c Examining data/libcypher-parser-0.6.0/src/lib/operators.h Examining data/libcypher-parser-0.6.0/src/lib/ast_query_clause.c Examining data/libcypher-parser-0.6.0/src/lib/cypher-parser.h Examining 
data/libcypher-parser-0.6.0/src/lib/ast_any.c Examining data/libcypher-parser-0.6.0/src/lib/ast_sort_item.c Examining data/libcypher-parser-0.6.0/src/lib/ast_rel_id_lookup.c Examining data/libcypher-parser-0.6.0/src/lib/ast_using_scan.c Examining data/libcypher-parser-0.6.0/src/lib/ast_set_item.c Examining data/libcypher-parser-0.6.0/src/lib/ast_match.c Examining data/libcypher-parser-0.6.0/src/lib/ast_merge_action.c Examining data/libcypher-parser-0.6.0/src/lib/ast_case.c Examining data/libcypher-parser-0.6.0/src/lib/ast_using_join.c Examining data/libcypher-parser-0.6.0/src/lib/ast_rel_index_query.c Examining data/libcypher-parser-0.6.0/src/lib/ast_rel_index_lookup.c Examining data/libcypher-parser-0.6.0/src/lib/ast_create.c Examining data/libcypher-parser-0.6.0/src/lib/ast_filter.c Examining data/libcypher-parser-0.6.0/src/lib/vector.c Examining data/libcypher-parser-0.6.0/src/lib/ast_parameter.c Examining data/libcypher-parser-0.6.0/src/lib/ast_query_option.c Examining data/libcypher-parser-0.6.0/src/lib/ast_start_point.c Examining data/libcypher-parser-0.6.0/src/lib/ast_node_index_query.c Examining data/libcypher-parser-0.6.0/src/lib/ast_schema_command.c Examining data/libcypher-parser-0.6.0/src/lib/astnode.h Examining data/libcypher-parser-0.6.0/src/lib/ast_comment.c Examining data/libcypher-parser-0.6.0/src/lib/ast_prop_name.c Examining data/libcypher-parser-0.6.0/src/lib/ast_create_rel_prop_constraint.c Examining data/libcypher-parser-0.6.0/src/lib/ast_projection.c Examining data/libcypher-parser-0.6.0/src/lib/ast_pattern_comprehension.c Examining data/libcypher-parser-0.6.0/src/lib/ast_union.c Examining data/libcypher-parser-0.6.0/src/lib/ast_string.c Examining data/libcypher-parser-0.6.0/src/lib/ast_with.c Examining data/libcypher-parser-0.6.0/src/lib/result.h Examining data/libcypher-parser-0.6.0/src/lib/errors.h Examining data/libcypher-parser-0.6.0/src/lib/ast_on_match.c Examining data/libcypher-parser-0.6.0/src/lib/ast_profile_option.c Examining 
data/libcypher-parser-0.6.0/src/lib/ast_create_node_prop_constraint.c Examining data/libcypher-parser-0.6.0/src/lib/ast_binary_operator.c Examining data/libcypher-parser-0.6.0/src/lib/ast_shortest_path.c Examining data/libcypher-parser-0.6.0/src/lib/ast_statement_option.c Examining data/libcypher-parser-0.6.0/src/lib/parser_config.c Examining data/libcypher-parser-0.6.0/src/lib/ast_map_projection_identifier.c Examining data/libcypher-parser-0.6.0/src/lib/quick_parser_leg.c Examining data/libcypher-parser-0.6.0/src/lib/ast_single.c Examining data/libcypher-parser-0.6.0/src/lib/ast_comparison.c Examining data/libcypher-parser-0.6.0/src/lib/ast_pattern.c Examining data/libcypher-parser-0.6.0/src/lib/ast_pattern_path.c Examining data/libcypher-parser-0.6.0/src/lib/ast_explain_option.c Examining data/libcypher-parser-0.6.0/src/lib/ast_map_projection_all_properties.c Examining data/libcypher-parser-0.6.0/src/lib/parser_leg.c Examining data/libcypher-parser-0.6.0/src/lib/ast_list_comprehension.c Examining data/libcypher-parser-0.6.0/src/lib/ast_extract.c Examining data/libcypher-parser-0.6.0/src/lib/ast_boolean.c Examining data/libcypher-parser-0.6.0/src/lib/ast_all_nodes_scan.c Examining data/libcypher-parser-0.6.0/src/lib/ast_cypher_option_param.c Examining data/libcypher-parser-0.6.0/src/lib/ast_float.c Examining data/libcypher-parser-0.6.0/src/lib/ast_call.c Examining data/libcypher-parser-0.6.0/src/lib/ast_index_name.c Examining data/libcypher-parser-0.6.0/src/lib/ast.h Examining data/libcypher-parser-0.6.0/src/lib/ast_query.c Examining data/libcypher-parser-0.6.0/src/lib/ast_using_index.c Examining data/libcypher-parser-0.6.0/src/lib/ast_on_create.c Examining data/libcypher-parser-0.6.0/src/lib/ast_merge_properties.c Examining data/libcypher-parser-0.6.0/src/lib/ast_using_periodic_commit.c Examining data/libcypher-parser-0.6.0/src/lib/ast_all.c Examining data/libcypher-parser-0.6.0/src/lib/ast_set_property.c Examining 
data/libcypher-parser-0.6.0/src/lib/string_buffer.h Examining data/libcypher-parser-0.6.0/src/lib/ast_proc_name.c Examining data/libcypher-parser-0.6.0/src/lib/ast_property_operator.c Examining data/libcypher-parser-0.6.0/src/lib/ast_false.c Examining data/libcypher-parser-0.6.0/src/lib/ast_labels_operator.c Examining data/libcypher-parser-0.6.0/src/lib/ast_apply_operator.c Examining data/libcypher-parser-0.6.0/src/lib/ast_cypher_option.c Examining data/libcypher-parser-0.6.0/src/lib/ast_error.c Examining data/libcypher-parser-0.6.0/src/lib/ast_foreach.c Examining data/libcypher-parser-0.6.0/src/lib/ast_collection.c Examining data/libcypher-parser-0.6.0/src/lib/ast_map_projection.c Examining data/libcypher-parser-0.6.0/src/lib/ast_named_path.c Examining data/libcypher-parser-0.6.0/src/lib/util.h Examining data/libcypher-parser-0.6.0/src/lib/segment.c Examining data/libcypher-parser-0.6.0/src/lib/ast_apply_all_operator.c Examining data/libcypher-parser-0.6.0/src/lib/ast_null.c Examining data/libcypher-parser-0.6.0/src/lib/ast_match_hint.c Examining data/libcypher-parser-0.6.0/src/lib/operators.c Examining data/libcypher-parser-0.6.0/src/lib/ast_block_comment.c Examining data/libcypher-parser-0.6.0/src/lib/ast_label.c Examining data/libcypher-parser-0.6.0/src/lib/ast_unwind.c Examining data/libcypher-parser-0.6.0/src/lib/ast_range.c Examining data/libcypher-parser-0.6.0/src/lib/ast_return.c Examining data/libcypher-parser-0.6.0/src/lib/ast_merge.c Examining data/libcypher-parser-0.6.0/src/lib/ast_rel_pattern.c Examining data/libcypher-parser-0.6.0/src/lib/ast_command.c Examining data/libcypher-parser-0.6.0/src/lib/ast_create_node_prop_index.c Examining data/libcypher-parser-0.6.0/src/lib/ast_map_projection_selector.c Examining data/libcypher-parser-0.6.0/src/lib/ast_unary_operator.c Examining data/libcypher-parser-0.6.0/src/lib/ast_none.c Examining data/libcypher-parser-0.6.0/src/lib/ast_node_id_lookup.c Examining data/libcypher-parser-0.6.0/src/lib/vector.h 
Examining data/libcypher-parser-0.6.0/src/lib/ast_set_labels.c Examining data/libcypher-parser-0.6.0/src/lib/ast_set_all_properties.c Examining data/libcypher-parser-0.6.0/src/lib/parser.c Examining data/libcypher-parser-0.6.0/src/lib/ast_all_rels_scan.c Examining data/libcypher-parser-0.6.0/src/lib/ast_start.c Examining data/libcypher-parser-0.6.0/src/lib/ast_integer.c Examining data/libcypher-parser-0.6.0/src/lib/ast_order_by.c Examining data/libcypher-parser-0.6.0/src/lib/ast_load_csv.c Examining data/libcypher-parser-0.6.0/src/lib/ast_remove_item.c Examining data/libcypher-parser-0.6.0/src/lib/ast_expression.c Examining data/libcypher-parser-0.6.0/src/lib/ast_map.c Examining data/libcypher-parser-0.6.0/src/lib/ast_remove.c Examining data/libcypher-parser-0.6.0/src/lib/parser_config.h Examining data/libcypher-parser-0.6.0/src/lib/ast_delete.c Examining data/libcypher-parser-0.6.0/src/lib/errors.c Examining data/libcypher-parser-0.6.0/src/lib/ast_reltype.c Examining data/libcypher-parser-0.6.0/src/lib/ast_node_pattern.c Examining data/libcypher-parser-0.6.0/src/lib/result.c Examining data/libcypher-parser-0.6.0/src/lib/ast_subscript_operator.c Examining data/libcypher-parser-0.6.0/src/lib/quick_parser.c

FINAL RESULTS:

data/libcypher-parser-0.6.0/src/lib/cypher-parser.h:39:32: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  __attribute__((format (printf, string_index, first)))
data/libcypher-parser-0.6.0/src/lib/errors.c:213:22: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  int prefix_len = vsnprintf(*buffer, *cap, prefix_format, ap);
data/libcypher-parser-0.6.0/src/lib/errors.c:251:17: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  int r = vsnprintf(*buffer, *cap, prefix_format, ap);
data/libcypher-parser-0.6.0/src/lib/parser_leg.c:44:25: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  # define yyprintf(args) fprintf args
data/libcypher-parser-0.6.0/src/lib/quick_parser_leg.c:44:25: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  # define yyprintf(args) fprintf args
data/libcypher-parser-0.6.0/src/lib/util.c:31:21: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  ssize_t width = vsnprintf(*buf, *bufcap, format, ap);
data/libcypher-parser-0.6.0/src/lib/util.c:47:17: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  width = vsnprintf(*buf, *bufcap, format, ap);
data/libcypher-parser-0.6.0/src/bin/cypher-lint.c:126:17: [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c = getopt_long(argc, argv, shortopts, longopts, NULL)) >= 0)
data/libcypher-parser-0.6.0/tests/check_libcypher-parser.c:30:25: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  unsigned int seed = random();
data/libcypher-parser-0.6.0/tests/check_libcypher-parser.c:32:5: [3] (random) srandom:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srandom(seed);
data/libcypher-parser-0.6.0/src/bin/cypher-lint.c:152:28: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  config.width = atoi(optarg);
data/libcypher-parser-0.6.0/src/bin/cypher-lint.c:189:32: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *stream = fopen(*argv, "r");
data/libcypher-parser-0.6.0/src/lib/ast.c:567:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char desc[3] = { '\\', '\0', '\0' };
data/libcypher-parser-0.6.0/src/lib/ast_apply_operator.c:70:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(node->args, args, nargs * sizeof(cypher_astnode_t *));
data/libcypher-parser-0.6.0/src/lib/ast_block_comment.c:58:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(node->p, s, n);
data/libcypher-parser-0.6.0/src/lib/ast_case.c:69:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(node->alternatives, alternatives,
data/libcypher-parser-0.6.0/src/lib/ast_collection.c:64:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(node->elements, elements, nelements * sizeof(cypher_astnode_t *));
data/libcypher-parser-0.6.0/src/lib/ast_command.c:61:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(node->args, args, nargs * sizeof(cypher_astnode_t *));
data/libcypher-parser-0.6.0/src/lib/ast_comparison.c:75:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(node->args, args, (length+1) * sizeof(cypher_astnode_t *));
data/libcypher-parser-0.6.0/src/lib/ast_cypher_option.c:68:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(node->params, params, nparams * sizeof(cypher_astnode_t *));
data/libcypher-parser-0.6.0/src/lib/ast_delete.c:66:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(node->expressions, expressions,
data/libcypher-parser-0.6.0/src/lib/ast_error.c:53:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(node->p, s, n);
data/libcypher-parser-0.6.0/src/lib/ast_float.c:58:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(node->p, s, n);
data/libcypher-parser-0.6.0/src/lib/ast_foreach.c:70:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(node->clauses, clauses, nclauses * sizeof(cypher_astnode_t *));
data/libcypher-parser-0.6.0/src/lib/ast_function_name.c:53:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(node->p, s, n);
data/libcypher-parser-0.6.0/src/lib/ast_identifier.c:58:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(node->p, s, n);
data/libcypher-parser-0.6.0/src/lib/ast_index_name.c:53:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(node->p, s, n);
data/libcypher-parser-0.6.0/src/lib/ast_integer.c:58:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(node->p, s, n);
data/libcypher-parser-0.6.0/src/lib/ast_label.c:53:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(node->p, s, n);
data/libcypher-parser-0.6.0/src/lib/ast_labels_operator.c:68:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(node->labels, labels, nlabels * sizeof(cypher_astnode_t *));
data/libcypher-parser-0.6.0/src/lib/ast_line_comment.c:58:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(node->p, s, n);
data/libcypher-parser-0.6.0/src/lib/ast_map.c:110:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(node->pairs, pairs, nentries * 2 * sizeof(cypher_astnode_t *));
data/libcypher-parser-0.6.0/src/lib/ast_map_projection.c:68:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(node->selectors, selectors, nselectors * sizeof(cypher_astnode_t *));
data/libcypher-parser-0.6.0/src/lib/ast_match.c:71:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(node->hints, hints, nhints * sizeof(cypher_astnode_t *));
data/libcypher-parser-0.6.0/src/lib/ast_merge.c:66:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(node->actions, actions, nactions * sizeof(cypher_astnode_t *));
data/libcypher-parser-0.6.0/src/lib/ast_node_id_lookup.c:67:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(node->ids, ids, nids * sizeof(cypher_astnode_t *));
data/libcypher-parser-0.6.0/src/lib/ast_node_pattern.c:65:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(node->labels, labels, nlabels * sizeof(cypher_astnode_t *));
data/libcypher-parser-0.6.0/src/lib/ast_on_create.c:63:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(node->items, items, nitems * sizeof(cypher_astnode_t *));
data/libcypher-parser-0.6.0/src/lib/ast_on_match.c:63:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(node->items, items, nitems * sizeof(cypher_astnode_t *));
data/libcypher-parser-0.6.0/src/lib/ast_order_by.c:58:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(node->items, items, nitems * sizeof(cypher_astnode_t *));
data/libcypher-parser-0.6.0/src/lib/ast_parameter.c:58:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(node->p, s, n);
data/libcypher-parser-0.6.0/src/lib/ast_pattern.c:58:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(node->paths, paths, npaths * sizeof(cypher_astnode_t *));
data/libcypher-parser-0.6.0/src/lib/ast_pattern_path.c:91:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(node->elements, elements, nelements * sizeof(cypher_astnode_t *));
data/libcypher-parser-0.6.0/src/lib/ast_proc_name.c:53:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(node->p, s, n);
data/libcypher-parser-0.6.0/src/lib/ast_prop_name.c:53:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(node->p, s, n);
data/libcypher-parser-0.6.0/src/lib/ast_query.c:72:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(node->clauses, clauses, nclauses * sizeof(cypher_astnode_t *));
data/libcypher-parser-0.6.0/src/lib/ast_rel_id_lookup.c:67:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(node->ids, ids, nids * sizeof(cypher_astnode_t *));
data/libcypher-parser-0.6.0/src/lib/ast_rel_pattern.c:70:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(node->reltypes, reltypes, nreltypes * sizeof(cypher_astnode_t *));
data/libcypher-parser-0.6.0/src/lib/ast_reltype.c:53:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(node->p, s, n);
data/libcypher-parser-0.6.0/src/lib/ast_remove.c:63:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(node->items, items, nitems * sizeof(cypher_astnode_t *));
data/libcypher-parser-0.6.0/src/lib/ast_remove_labels.c:67:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(node->labels, labels, nlabels * sizeof(cypher_astnode_t *));
data/libcypher-parser-0.6.0/src/lib/ast_return.c:75:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(node->projections, projections,
data/libcypher-parser-0.6.0/src/lib/ast_set.c:63:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(node->items, items, nitems * sizeof(cypher_astnode_t *));
data/libcypher-parser-0.6.0/src/lib/ast_set_labels.c:67:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(node->labels, labels, nlabels * sizeof(cypher_astnode_t *));
data/libcypher-parser-0.6.0/src/lib/ast_start.c:66:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(node->points, points, npoints * sizeof(cypher_astnode_t *));
data/libcypher-parser-0.6.0/src/lib/ast_statement.c:60:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(node->options, options, noptions * sizeof(cypher_astnode_t *));
data/libcypher-parser-0.6.0/src/lib/ast_string.c:58:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(node->p, s, n);
data/libcypher-parser-0.6.0/src/lib/ast_using_join.c:65:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(node->identifiers, identifiers,
data/libcypher-parser-0.6.0/src/lib/ast_with.c:77:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(node->projections, projections,
data/libcypher-parser-0.6.0/src/lib/cypher-parser.h:90:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *normal[2];
data/libcypher-parser-0.6.0/src/lib/cypher-parser.h:91:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *error[2];
data/libcypher-parser-0.6.0/src/lib/cypher-parser.h:92:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *error_token[2];
data/libcypher-parser-0.6.0/src/lib/cypher-parser.h:93:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *error_message[2];
data/libcypher-parser-0.6.0/src/lib/cypher-parser.h:94:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *ast_ordinal[2];
data/libcypher-parser-0.6.0/src/lib/cypher-parser.h:95:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *ast_range[2];
data/libcypher-parser-0.6.0/src/lib/cypher-parser.h:96:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *ast_indent[2];
data/libcypher-parser-0.6.0/src/lib/cypher-parser.h:97:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *ast_type[2];
data/libcypher-parser-0.6.0/src/lib/cypher-parser.h:98:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *ast_desc[2];
data/libcypher-parser-0.6.0/src/lib/errors.c:153:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[4];
data/libcypher-parser-0.6.0/src/lib/errors.c:261:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dest, et->colorization->error_message[0], color_start_len);
data/libcypher-parser-0.6.0/src/lib/errors.c:263:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dest, "expected", 8);
data/libcypher-parser-0.6.0/src/lib/errors.c:270:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dest, et->labels[i], n);
data/libcypher-parser-0.6.0/src/lib/errors.c:279:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dest, " or", 3);
data/libcypher-parser-0.6.0/src/lib/errors.c:284:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dest, et->colorization->error_message[1], color_end_len);
data/libcypher-parser-0.6.0/src/lib/parser.c:79:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buf, input->buffer, len);
data/libcypher-parser-0.6.0/src/lib/parser_leg.c:212:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(yy->__text, yy->__buf + begin, yyleng);
data/libcypher-parser-0.6.0/src/lib/quick_parser.c:53:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buf, input->buffer, len);
data/libcypher-parser-0.6.0/src/lib/quick_parser_leg.c:212:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(yy->__text, yy->__buf + begin, yyleng);
data/libcypher-parser-0.6.0/src/lib/result.c:107:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(errors + result->nerrors, segment->errors,
data/libcypher-parser-0.6.0/src/lib/result.c:123:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(roots + result->nroots, segment->roots,
data/libcypher-parser-0.6.0/src/lib/string_buffer.c:43:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(sb->buffer + sb->length, s, n);
data/libcypher-parser-0.6.0/src/lib/util.c:121:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(context, startp, n);
data/libcypher-parser-0.6.0/src/lib/util.h:148:12: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  return memcpy(dst, src, n);
data/libcypher-parser-0.6.0/src/lib/vector.c:79:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(vec->elements + (vec->length * vec->element_size), element,
data/libcypher-parser-0.6.0/tests/check_quick_fparse.c:30:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char *segments[MAX_SEGMENTS];
data/libcypher-parser-0.6.0/tests/check_quick_parse.c:28:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char *segments[MAX_SEGMENTS];
data/libcypher-parser-0.6.0/tests/memstream.c:110:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buf, ms->buffer + ms->position, n);
data/libcypher-parser-0.6.0/tests/memstream.c:130:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ms->buffer + ms->position, buf, nbytes);
data/libcypher-parser-0.6.0/src/lib/ast.c:536:37: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  *name_width = maxu(*name_width, strlen(typestr) + (depth * 2));
data/libcypher-parser-0.6.0/src/lib/ast.c:661:45: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned int consumed = depth * 2 + strlen(typestr);
data/libcypher-parser-0.6.0/src/lib/ast_call.c:177:13: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  strncpy(str + n, ", args=", size-n);
data/libcypher-parser-0.6.0/src/lib/ast_call.c:195:13: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  strncpy(str + n, ", YIELD=", size-n);
data/libcypher-parser-0.6.0/src/lib/ast_match.c:148:9: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  strncpy(str + n, ", hints=", (n < size)? size-n : 0);
data/libcypher-parser-0.6.0/src/lib/ast_merge.c:124:9: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  strncpy(str + n, ", actions=", (n < size)? size-n : 0);
data/libcypher-parser-0.6.0/src/lib/ast_on_create.c:102:5: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  strncpy(str, "items=", size);
data/libcypher-parser-0.6.0/src/lib/ast_on_match.c:102:5: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  strncpy(str, "items=", size);
data/libcypher-parser-0.6.0/src/lib/ast_order_by.c:97:5: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  strncpy(str, "items=", size);
data/libcypher-parser-0.6.0/src/lib/ast_pattern.c:97:5: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  strncpy(str, "paths=", size);
data/libcypher-parser-0.6.0/src/lib/ast_query.c:140:5: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  strncpy(str, "clauses=", size);
data/libcypher-parser-0.6.0/src/lib/ast_remove.c:102:5: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  strncpy(str, "items=", size);
data/libcypher-parser-0.6.0/src/lib/ast_set.c:102:5: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  strncpy(str, "items=", size);
data/libcypher-parser-0.6.0/src/lib/ast_start.c:118:9: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  strncpy(str+n, "points=", size-n);
data/libcypher-parser-0.6.0/src/lib/ast_statement.c:116:13: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  strncpy(str + n, "options=", size - n);
data/libcypher-parser-0.6.0/src/lib/ast_statement.c:131:13: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  strncpy(str + n, ", ", size - n);
data/libcypher-parser-0.6.0/src/lib/ast_union.c:81:13: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  strncpy(str, "ALL", size);
data/libcypher-parser-0.6.0/src/lib/ast_using_join.c:107:5: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  strncpy(str, "on=", size);
data/libcypher-parser-0.6.0/src/lib/cypher-parser.h:5476:62: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  #define cypher_parse_each(s,b,d,l,c,f) (cypher_uparse_each(s,strlen(s),b,d,l,c,f))
data/libcypher-parser-0.6.0/src/lib/cypher-parser.h:5497:48: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  #define cypher_parse(s,l,c,f) (cypher_uparse(s,strlen(s),l,c,f))
data/libcypher-parser-0.6.0/src/lib/cypher-parser.h:5928:60: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  #define cypher_quick_parse(s,c,u,f) (cypher_quick_uparse(s,strlen(s),c,u,f))
data/libcypher-parser-0.6.0/src/lib/errors.c:220:30: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t color_start_len = strlen(et->colorization->error_message[0]);
data/libcypher-parser-0.6.0/src/lib/errors.c:221:28: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t color_end_len = strlen(et->colorization->error_message[1]);
data/libcypher-parser-0.6.0/src/lib/errors.c:227:20: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len += strlen(et->labels[i]) + 2;
data/libcypher-parser-0.6.0/src/lib/errors.c:269:20: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t n = strlen(et->labels[i]);
data/libcypher-parser-0.6.0/src/lib/parser.c:110:13: [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  int c = getc(stream);
data/libcypher-parser-0.6.0/src/lib/parser_leg.c:95:14: [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  int yyc= getchar(); \
data/libcypher-parser-0.6.0/src/lib/parser_leg.c:110:14: [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  int yyc= getchar(); \
data/libcypher-parser-0.6.0/src/lib/quick_parser.c:61:13: [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  int c = getc(stream);
data/libcypher-parser-0.6.0/src/lib/quick_parser_leg.c:95:14: [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  int yyc= getchar(); \
data/libcypher-parser-0.6.0/src/lib/quick_parser_leg.c:110:14: [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  int yyc= getchar(); \
data/libcypher-parser-0.6.0/tests/check_util.c:51:37: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ctx = line_context(sample_text, strlen(sample_text)+1, &offset, 80);
data/libcypher-parser-0.6.0/tests/check_util.c:61:37: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ctx = line_context(sample_text, strlen(sample_text)+1, &offset, 40);
data/libcypher-parser-0.6.0/tests/check_util.c:71:37: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ctx = line_context(sample_text, strlen(sample_text)+1, &offset, 40);
data/libcypher-parser-0.6.0/tests/check_util.c:81:37: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ctx = line_context(sample_text, strlen(sample_text)+1, &offset, 40);
data/libcypher-parser-0.6.0/tests/check_util.c:91:37: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ctx = line_context(sample_text, strlen(sample_text)+1, &offset, 80);
data/libcypher-parser-0.6.0/tests/check_util.c:97:37: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ctx = line_context(sample_text, strlen(sample_text)+1, &offset, 80);
data/libcypher-parser-0.6.0/tests/check_util.c:107:37: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ctx = line_context(sample_text, strlen(sample_text)+1, &offset, 80);
data/libcypher-parser-0.6.0/tests/check_util.c:118:21: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t offset = strlen(sample_text);
data/libcypher-parser-0.6.0/tests/check_util.c:119:37: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ctx = line_context(sample_text, strlen(sample_text)+1, &offset, 80);

ANALYSIS SUMMARY:

Hits = 128
Lines analyzed = 49239 in approximately 1.60 seconds (30693 lines/second)
Physical Source Lines of Code (SLOC) = 37162
Hits@level = [0] 147 [1] 40 [2] 78 [3] 3 [4] 7 [5] 0
Hits@level+ = [0+] 275 [1+] 128 [2+] 88 [3+] 10 [4+] 7 [5+] 0
Hits/KSLOC@level+ = [0+] 7.40003 [1+] 3.44438 [2+] 2.36801 [3+] 0.269092 [4+] 0.188364 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.