Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libint-1.2.1/src/bin/constants.h
Examining data/libint-1.2.1/src/bin/copyright.h
Examining data/libint-1.2.1/src/bin/libderiv/build_libderiv.c
Examining data/libint-1.2.1/src/bin/libderiv/build_libderiv.h
Examining data/libint-1.2.1/src/bin/libderiv/emit_d1hrr_build.c
Examining data/libint-1.2.1/src/bin/libderiv/emit_d1hrr_build_macro.c
Examining data/libint-1.2.1/src/bin/libderiv/emit_deriv12_managers.c
Examining data/libint-1.2.1/src/bin/libderiv/emit_deriv1_managers.c
Examining data/libint-1.2.1/src/bin/libderiv/emit_deriv_build.c
Examining data/libint-1.2.1/src/bin/libderiv/emit_deriv_build_macro.c
Examining data/libint-1.2.1/src/bin/libderiv/mem_man.c
Examining data/libint-1.2.1/src/bin/libderiv/mem_man.h
Examining data/libint-1.2.1/src/bin/libint/build_libint.c
Examining data/libint-1.2.1/src/bin/libint/build_libint.h
Examining data/libint-1.2.1/src/bin/libint/emit_hrr_build.c
Examining data/libint-1.2.1/src/bin/libint/emit_hrr_build_macro.c
Examining data/libint-1.2.1/src/bin/libint/emit_order.c
Examining data/libint-1.2.1/src/bin/libint/emit_vrr_build.c
Examining data/libint-1.2.1/src/bin/libint/emit_vrr_build_macro.c
Examining data/libint-1.2.1/src/bin/libint/mem_man.c
Examining data/libint-1.2.1/src/bin/libint/mem_man.h
Examining data/libint-1.2.1/src/bin/libr12/build_libr12.c
Examining data/libint-1.2.1/src/bin/libr12/build_libr12.h
Examining data/libint-1.2.1/src/bin/libr12/emit_gr_order.c
Examining data/libint-1.2.1/src/bin/libr12/emit_grt_order.c
Examining data/libint-1.2.1/src/bin/libr12/emit_hrr_t_build.c
Examining data/libint-1.2.1/src/bin/libr12/emit_vrr_r_build.c
Examining data/libint-1.2.1/src/bin/libr12/emit_vrr_t1_build.c
Examining data/libint-1.2.1/src/bin/libr12/emit_vrr_t2_build.c
Examining data/libint-1.2.1/src/bin/libr12/mem_man.c
Examining data/libint-1.2.1/src/bin/libr12/mem_man.h
Examining data/libint-1.2.1/src/lib/libint/vrr_build.c
Examining data/libint-1.2.1/src/lib/libr12/r_vrr_build.c
Examining data/libint-1.2.1/src/lib/libr12/t1_vrr_build.c
Examining data/libint-1.2.1/src/lib/libr12/t2_vrr_build.c

FINAL RESULTS:

data/libint-1.2.1/src/bin/libderiv/emit_deriv12_managers.c:162:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
      sprintf(hrr_code_name,"%s.cc",hrr_function_name);
data/libint-1.2.1/src/bin/libderiv/emit_deriv12_managers.c:164:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(vrr_code_name,"%s.h",vrr_function_name);
data/libint-1.2.1/src/bin/libderiv/emit_deriv12_managers.c:166:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(vrr_code_name,"%s.cc",vrr_function_name);
data/libint-1.2.1/src/bin/libderiv/emit_deriv12_managers.c:167:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
      sprintf(inline_vrr_list_name,"inline_%s.h",vrr_function_name);
data/libint-1.2.1/src/bin/libderiv/emit_deriv12_managers.c:168:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
      sprintf(inline_hrr_list_name,"inline_%s.h",hrr_function_name);
data/libint-1.2.1/src/bin/libderiv/emit_deriv1_managers.c:152:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
      sprintf(hrr_code_name,"%s.cc",hrr_function_name);
data/libint-1.2.1/src/bin/libderiv/emit_deriv1_managers.c:154:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(vrr_code_name,"%s.h",vrr_function_name);
data/libint-1.2.1/src/bin/libderiv/emit_deriv1_managers.c:156:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(vrr_code_name,"%s.cc",vrr_function_name);
data/libint-1.2.1/src/bin/libint/emit_hrr_build.c:106:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	  sprintf(subfunction_name[i],"_%s_%d",
data/libint-1.2.1/src/bin/libint/emit_hrr_build.c:111:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
      sprintf(code_name,"%s.cc",function_name);
data/libint-1.2.1/src/bin/libint/emit_hrr_build.c:252:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	  sprintf(subfunction_name[i],"_%s_%d",
data/libint-1.2.1/src/bin/libint/emit_hrr_build.c:257:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
      sprintf(code_name,"%s.cc",function_name);
data/libint-1.2.1/src/bin/libint/emit_hrr_build_macro.c:93:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
      sprintf(code_name,"%s.h",function_name);
data/libint-1.2.1/src/bin/libint/emit_hrr_build_macro.c:175:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
      sprintf(code_name,"%s.h",function_name);
data/libint-1.2.1/src/bin/libint/emit_order.c:146:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
      sprintf(hrr_code_name,"%s.cc",hrr_function_name);
data/libint-1.2.1/src/bin/libint/emit_order.c:148:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(vrr_code_name,"%s.h",vrr_function_name);
data/libint-1.2.1/src/bin/libint/emit_order.c:150:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(vrr_code_name,"%s.cc",vrr_function_name);
data/libint-1.2.1/src/bin/libint/emit_vrr_build.c:80:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(k1[i-1],(void *)number[i]);
data/libint-1.2.1/src/bin/libint/emit_vrr_build.c:81:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(k2[i-1],(void *)number[i]);
data/libint-1.2.1/src/bin/libint/emit_vrr_build.c:82:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(k3[i-1],(void *)number[i]);
data/libint-1.2.1/src/bin/libint/emit_vrr_build.c:83:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(k1[i-1],(void *)k1_suff);
data/libint-1.2.1/src/bin/libint/emit_vrr_build.c:84:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(k2[i-1],(void *)k2_suff);
data/libint-1.2.1/src/bin/libint/emit_vrr_build.c:85:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(k3[i-1],(void *)k3_suff);
data/libint-1.2.1/src/bin/libint/emit_vrr_build_macro.c:82:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(k1[i-1],(void *)number[i]);
data/libint-1.2.1/src/bin/libint/emit_vrr_build_macro.c:83:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(k2[i-1],(void *)number[i]);
data/libint-1.2.1/src/bin/libint/emit_vrr_build_macro.c:84:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(k3[i-1],(void *)number[i]);
data/libint-1.2.1/src/bin/libint/emit_vrr_build_macro.c:85:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(k1[i-1],(void *)k1_suff);
data/libint-1.2.1/src/bin/libint/emit_vrr_build_macro.c:86:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(k2[i-1],(void *)k2_suff);
data/libint-1.2.1/src/bin/libint/emit_vrr_build_macro.c:87:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(k3[i-1],(void *)k3_suff);
data/libint-1.2.1/src/bin/libr12/emit_hrr_t_build.c:92:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	  sprintf(subfunction_name[i],"_%s_%d",
data/libint-1.2.1/src/bin/libr12/emit_hrr_t_build.c:96:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
      sprintf(code_name,"%s.cc",function_name);
data/libint-1.2.1/src/bin/libr12/emit_hrr_t_build.c:265:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	  sprintf(subfunction_name[i],"_%s_%d",
data/libint-1.2.1/src/bin/libr12/emit_vrr_r_build.c:77:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(k1[i-1],(void *)number[i]);
data/libint-1.2.1/src/bin/libr12/emit_vrr_r_build.c:78:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(k2[i-1],(void *)number[i]);
data/libint-1.2.1/src/bin/libr12/emit_vrr_r_build.c:79:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(k3[i-1],(void *)number[i]);
data/libint-1.2.1/src/bin/libr12/emit_vrr_r_build.c:80:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(k1[i-1],(void *)k1_suff);
data/libint-1.2.1/src/bin/libr12/emit_vrr_r_build.c:81:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(k2[i-1],(void *)k2_suff);
data/libint-1.2.1/src/bin/libr12/emit_vrr_r_build.c:82:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(k3[i-1],(void *)k3_suff);
data/libint-1.2.1/src/bin/libr12/emit_vrr_t1_build.c:71:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(k1[i-1],(void *)number[i]);
data/libint-1.2.1/src/bin/libr12/emit_vrr_t1_build.c:72:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(k1[i-1],(void *)k1_suff);
data/libint-1.2.1/src/bin/libr12/emit_vrr_t2_build.c:71:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(k1[i-1],(void *)number[i]);
data/libint-1.2.1/src/bin/libr12/emit_vrr_t2_build.c:72:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(k1[i-1],(void *)k1_suff);
data/libint-1.2.1/src/bin/libderiv/build_libderiv.c:61:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  outfile = fopen("./output.dat", "w");
data/libint-1.2.1/src/bin/libderiv/build_libderiv.c:62:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  d1hrr_header = fopen("./d1hrr_header.h","w");
data/libint-1.2.1/src/bin/libderiv/build_libderiv.c:63:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  deriv_header = fopen("./deriv_header.h","w");
data/libint-1.2.1/src/bin/libderiv/build_libderiv.c:64:21:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  libderiv_header = fopen("./libderiv.h","w");
data/libint-1.2.1/src/bin/libderiv/build_libderiv.c:65:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  init_code = fopen("./init_libderiv.cc","w");
data/libint-1.2.1/src/bin/libderiv/emit_d1hrr_build.c:53:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char code_name[19];
data/libint-1.2.1/src/bin/libderiv/emit_d1hrr_build.c:54:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char function_name[17];
data/libint-1.2.1/src/bin/libderiv/emit_d1hrr_build.c:72:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(function_name,"d1hrr3_build_%c%c",am_letter[am_in[0]],am_letter[am_in[1]]);
data/libint-1.2.1/src/bin/libderiv/emit_d1hrr_build.c:73:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(code_name,"d1hrr3_build_%c%c.cc",am_letter[am_in[0]],am_letter[am_in[1]]);
data/libint-1.2.1/src/bin/libderiv/emit_d1hrr_build.c:74:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      code = fopen(code_name,"w");
data/libint-1.2.1/src/bin/libderiv/emit_d1hrr_build.c:152:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(function_name,"d1hrr1_build_%c%c",am_letter[am_in[0]],am_letter[am_in[1]]);
data/libint-1.2.1/src/bin/libderiv/emit_d1hrr_build.c:153:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(code_name,"d1hrr1_build_%c%c.cc",am_letter[am_in[0]],am_letter[am_in[1]]);
data/libint-1.2.1/src/bin/libderiv/emit_d1hrr_build.c:154:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      code = fopen(code_name,"w");
data/libint-1.2.1/src/bin/libderiv/emit_d1hrr_build_macro.c:53:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char code_name[19];
data/libint-1.2.1/src/bin/libderiv/emit_d1hrr_build_macro.c:54:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char function_name[17];
data/libint-1.2.1/src/bin/libderiv/emit_d1hrr_build_macro.c:74:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(function_name,"d1hrr3_build_%c%c",am_letter[am_in[0]],am_letter[am_in[1]]);
data/libint-1.2.1/src/bin/libderiv/emit_d1hrr_build_macro.c:75:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(code_name,"d1hrr3_build_%c%c.h",am_letter[am_in[0]],am_letter[am_in[1]]);
data/libint-1.2.1/src/bin/libderiv/emit_d1hrr_build_macro.c:76:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      code = fopen(code_name,"w");
data/libint-1.2.1/src/bin/libderiv/emit_d1hrr_build_macro.c:155:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(function_name,"d1hrr1_build_%c%c",am_letter[am_in[0]],am_letter[am_in[1]]);
data/libint-1.2.1/src/bin/libderiv/emit_d1hrr_build_macro.c:156:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(code_name,"d1hrr1_build_%c%c.h",am_letter[am_in[0]],am_letter[am_in[1]]);
data/libint-1.2.1/src/bin/libderiv/emit_d1hrr_build_macro.c:157:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      code = fopen(code_name,"w");
data/libint-1.2.1/src/bin/libderiv/emit_deriv12_managers.c:118:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char hrr_code_name[80];
data/libint-1.2.1/src/bin/libderiv/emit_deriv12_managers.c:119:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char hrr_function_name[80];
data/libint-1.2.1/src/bin/libderiv/emit_deriv12_managers.c:120:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char vrr_code_name[80];
data/libint-1.2.1/src/bin/libderiv/emit_deriv12_managers.c:121:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char vrr_function_name[80];
data/libint-1.2.1/src/bin/libderiv/emit_deriv12_managers.c:122:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char inline_vrr_list_name[80];
data/libint-1.2.1/src/bin/libderiv/emit_deriv12_managers.c:123:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char inline_hrr_list_name[80];
data/libint-1.2.1/src/bin/libderiv/emit_deriv12_managers.c:152:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(hrr_function_name,"d12hrr_order_%c%c%c%c",
data/libint-1.2.1/src/bin/libderiv/emit_deriv12_managers.c:157:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(vrr_function_name,"d12vrr_order_%c%c%c%c",
data/libint-1.2.1/src/bin/libderiv/emit_deriv12_managers.c:169:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      hrr_code = fopen(hrr_code_name,"w");
data/libint-1.2.1/src/bin/libderiv/emit_deriv12_managers.c:170:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      vrr_code = fopen(vrr_code_name,"w");
data/libint-1.2.1/src/bin/libderiv/emit_deriv12_managers.c:171:25:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      inline_vrr_list = fopen(inline_vrr_list_name,"w");
data/libint-1.2.1/src/bin/libderiv/emit_deriv12_managers.c:172:25:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      inline_hrr_list = fopen(inline_hrr_list_name,"w");
data/libint-1.2.1/src/bin/libderiv/emit_deriv12_managers.c:502:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	  memcpy(vrr_nodes[last_vrr_node].deriv_ind,hrr_nodes[i].deriv_ind,12*sizeof(int));
data/libint-1.2.1/src/bin/libderiv/emit_deriv12_managers.c:831:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(O[0].deriv_ind,node.deriv_ind,12*sizeof(int));
data/libint-1.2.1/src/bin/libderiv/emit_deriv12_managers.c:840:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(O[1].deriv_ind,node.deriv_ind,12*sizeof(int));
data/libint-1.2.1/src/bin/libderiv/emit_deriv12_managers.c:851:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(O[2+i].deriv_ind,node.deriv_ind,12*sizeof(int));
data/libint-1.2.1/src/bin/libderiv/emit_deriv12_managers.c:864:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(O[0].deriv_ind,node.deriv_ind,12*sizeof(int));
data/libint-1.2.1/src/bin/libderiv/emit_deriv12_managers.c:873:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(O[1].deriv_ind,node.deriv_ind,12*sizeof(int));
data/libint-1.2.1/src/bin/libderiv/emit_deriv12_managers.c:884:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(O[2+i].deriv_ind,node.deriv_ind,12*sizeof(int));
data/libint-1.2.1/src/bin/libderiv/emit_deriv1_managers.c:146:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(hrr_function_name,"d1hrr_order_%c%c%c%c",
data/libint-1.2.1/src/bin/libderiv/emit_deriv1_managers.c:149:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(vrr_function_name,"d1vrr_order_%c%c%c%c",
data/libint-1.2.1/src/bin/libderiv/emit_deriv1_managers.c:157:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(inline_vrr_list_name,"inline_d1vrr_order_%c%c%c%c.h",
data/libint-1.2.1/src/bin/libderiv/emit_deriv1_managers.c:160:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(inline_hrr_list_name,"inline_d1hrr_order_%c%c%c%c.h",
data/libint-1.2.1/src/bin/libderiv/emit_deriv1_managers.c:163:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      hrr_code = fopen(hrr_code_name,"w");
data/libint-1.2.1/src/bin/libderiv/emit_deriv1_managers.c:164:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      vrr_code = fopen(vrr_code_name,"w");
data/libint-1.2.1/src/bin/libderiv/emit_deriv1_managers.c:165:25:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      inline_vrr_list = fopen(inline_vrr_list_name,"w");
data/libint-1.2.1/src/bin/libderiv/emit_deriv1_managers.c:166:25:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      inline_hrr_list = fopen(inline_hrr_list_name,"w");
data/libint-1.2.1/src/bin/libderiv/emit_deriv1_managers.c:451:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	  memcpy(vrr_nodes[last_vrr_node].deriv_ind,hrr_nodes[i].deriv_ind,12*sizeof(int));
data/libint-1.2.1/src/bin/libderiv/emit_deriv1_managers.c:771:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(O[0].deriv_ind,node.deriv_ind,12*sizeof(int));
data/libint-1.2.1/src/bin/libderiv/emit_deriv1_managers.c:780:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(O[1].deriv_ind,node.deriv_ind,12*sizeof(int));
data/libint-1.2.1/src/bin/libderiv/emit_deriv1_managers.c:791:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(O[2+i].deriv_ind,node.deriv_ind,12*sizeof(int));
data/libint-1.2.1/src/bin/libderiv/emit_deriv1_managers.c:804:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(O[0].deriv_ind,node.deriv_ind,12*sizeof(int));
data/libint-1.2.1/src/bin/libderiv/emit_deriv1_managers.c:813:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(O[1].deriv_ind,node.deriv_ind,12*sizeof(int));
data/libint-1.2.1/src/bin/libderiv/emit_deriv1_managers.c:824:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(O[2+i].deriv_ind,node.deriv_ind,12*sizeof(int));
data/libint-1.2.1/src/bin/libderiv/emit_deriv_build.c:76:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	code = fopen(code_name,"w");
data/libint-1.2.1/src/bin/libderiv/emit_deriv_build.c:182:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	code = fopen(code_name,"w");
data/libint-1.2.1/src/bin/libderiv/emit_deriv_build.c:290:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	code = fopen(code_name,"w");
data/libint-1.2.1/src/bin/libderiv/emit_deriv_build.c:397:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	code = fopen(code_name,"w");
data/libint-1.2.1/src/bin/libderiv/emit_deriv_build_macro.c:79:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	code = fopen(code_name,"w");
data/libint-1.2.1/src/bin/libderiv/emit_deriv_build_macro.c:179:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	code = fopen(code_name,"w");
data/libint-1.2.1/src/bin/libderiv/emit_deriv_build_macro.c:283:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	code = fopen(code_name,"w");
data/libint-1.2.1/src/bin/libderiv/emit_deriv_build_macro.c:386:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	code = fopen(code_name,"w");
data/libint-1.2.1/src/bin/libint/build_libint.c:83:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  outfile = fopen("./output.dat", "w");
data/libint-1.2.1/src/bin/libint/build_libint.c:84:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  vrr_header = fopen("./vrr_header.h","w");
data/libint-1.2.1/src/bin/libint/build_libint.c:85:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  hrr_header = fopen("./hrr_header.h","w");
data/libint-1.2.1/src/bin/libint/build_libint.c:86:19:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  libint_header = fopen("./libint.h","w");
data/libint-1.2.1/src/bin/libint/build_libint.c:87:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  init_code = fopen("./init_libint.cc","w");
data/libint-1.2.1/src/bin/libint/build_libint.c:112:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(real_type,"long double");
data/libint-1.2.1/src/bin/libint/build_libint.c:117:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(real_type,"double");
data/libint-1.2.1/src/bin/libint/emit_hrr_build.c:60:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char code_name[20];
data/libint-1.2.1/src/bin/libint/emit_hrr_build.c:61:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char function_name[18];
data/libint-1.2.1/src/bin/libint/emit_hrr_build.c:101:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(function_name,"hrr3_build_%c%c",am_letter[am_in[0]],am_letter[am_in[1]]);
data/libint-1.2.1/src/bin/libint/emit_hrr_build.c:112:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      code = fopen(code_name,"w");
data/libint-1.2.1/src/bin/libint/emit_hrr_build.c:247:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(function_name,"hrr1_build_%c%c",am_letter[am_in[0]],am_letter[am_in[1]]);
data/libint-1.2.1/src/bin/libint/emit_hrr_build.c:258:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      code = fopen(code_name,"w");
data/libint-1.2.1/src/bin/libint/emit_hrr_build_macro.c:59:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char code_name[20];
data/libint-1.2.1/src/bin/libint/emit_hrr_build_macro.c:60:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char function_name[18];
data/libint-1.2.1/src/bin/libint/emit_hrr_build_macro.c:92:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(function_name,"hrr3_build_%c%c",am_letter[am_in[0]],am_letter[am_in[1]]);
data/libint-1.2.1/src/bin/libint/emit_hrr_build_macro.c:94:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      code = fopen(code_name,"w");
data/libint-1.2.1/src/bin/libint/emit_hrr_build_macro.c:174:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(function_name,"hrr1_build_%c%c",am_letter[am_in[0]],am_letter[am_in[1]]);
data/libint-1.2.1/src/bin/libint/emit_hrr_build_macro.c:176:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      code = fopen(code_name,"w");
data/libint-1.2.1/src/bin/libint/emit_order.c:140:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(hrr_function_name,"hrr_order_%c%c%c%c",
data/libint-1.2.1/src/bin/libint/emit_order.c:143:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(vrr_function_name,"vrr_order_%c%c%c%c",
data/libint-1.2.1/src/bin/libint/emit_order.c:151:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(inline_vrr_list_name,"inline_vrr_order_%c%c%c%c.h",
data/libint-1.2.1/src/bin/libint/emit_order.c:154:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(inline_hrr_list_name,"inline_hrr_order_%c%c%c%c.h",
data/libint-1.2.1/src/bin/libint/emit_order.c:157:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      hrr_code = fopen(hrr_code_name,"w");
data/libint-1.2.1/src/bin/libint/emit_order.c:158:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      vrr_code = fopen(vrr_code_name,"w");
data/libint-1.2.1/src/bin/libint/emit_order.c:159:25:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      inline_vrr_list = fopen(inline_vrr_list_name,"w");
data/libint-1.2.1/src/bin/libint/emit_order.c:160:25:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      inline_hrr_list = fopen(inline_hrr_list_name,"w");
data/libint-1.2.1/src/bin/libint/emit_vrr_build.c:148:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(function_name,"build_%c0%c0",am_letter[la],am_letter[lc]);
data/libint-1.2.1/src/bin/libint/emit_vrr_build.c:149:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(code_name,"build_%c0%c0.cc",am_letter[la],am_letter[lc]);
data/libint-1.2.1/src/bin/libint/emit_vrr_build.c:150:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      code = fopen(code_name,"w");
data/libint-1.2.1/src/bin/libint/emit_vrr_build.c:167:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	  sprintf(subfunction_name[i],"_build_%c0%c0_%d",am_letter[la],am_letter[lc],i);
data/libint-1.2.1/src/bin/libint/emit_vrr_build_macro.c:131:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(function_name,"build_%c0%c0",am_letter[la],am_letter[lc]);
data/libint-1.2.1/src/bin/libint/emit_vrr_build_macro.c:132:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(code_name,"build_%c0%c0.h",am_letter[la],am_letter[lc]);
data/libint-1.2.1/src/bin/libint/emit_vrr_build_macro.c:133:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      code = fopen(code_name,"w");
data/libint-1.2.1/src/bin/libr12/build_libr12.c:72:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  outfile = fopen("./output.dat", "w");
data/libint-1.2.1/src/bin/libr12/build_libr12.c:73:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  hrr_header = fopen("./r12_hrr_header.h","w");
data/libint-1.2.1/src/bin/libr12/build_libr12.c:74:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  vrr_header = fopen("./r12_vrr_header.h","w");
data/libint-1.2.1/src/bin/libr12/build_libr12.c:75:19:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  libr12_header = fopen("./libr12.h","w");
data/libint-1.2.1/src/bin/libr12/build_libr12.c:76:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  init_code = fopen("./init_libr12.cc","w");
data/libint-1.2.1/src/bin/libr12/emit_gr_order.c:144:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      hrr_code = fopen(hrr_code_name,"w");
data/libint-1.2.1/src/bin/libr12/emit_gr_order.c:149:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      vrr_code = fopen(vrr_code_name,"w");
data/libint-1.2.1/src/bin/libr12/emit_grt_order.c:143:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      hrr_code = fopen(hrr_code_name,"w");
data/libint-1.2.1/src/bin/libr12/emit_grt_order.c:148:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      vrr_code = fopen(vrr_code_name,"w");
data/libint-1.2.1/src/bin/libr12/emit_hrr_t_build.c:57:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char code_name[21];
data/libint-1.2.1/src/bin/libr12/emit_hrr_t_build.c:58:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char function_name[18];
data/libint-1.2.1/src/bin/libr12/emit_hrr_t_build.c:87:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(function_name,"t2hrr3_build_%c%c",am_letter[am_in[0]],am_letter[am_in[1]]);
data/libint-1.2.1/src/bin/libr12/emit_hrr_t_build.c:97:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      code = fopen(code_name,"w");
data/libint-1.2.1/src/bin/libr12/emit_hrr_t_build.c:260:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(function_name,"t1hrr1_build_%c%c",am_letter[am_in[0]],am_letter[am_in[1]]);
data/libint-1.2.1/src/bin/libr12/emit_hrr_t_build.c:269:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(code_name,"t1hrr1_build_%c%c.cc",am_letter[am_in[0]],am_letter[am_in[1]]);
data/libint-1.2.1/src/bin/libr12/emit_hrr_t_build.c:270:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      code = fopen(code_name,"w");
data/libint-1.2.1/src/bin/libr12/emit_vrr_r_build.c:132:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(function_name,"r_build_%c0%c0",am_letter[la],am_letter[lc]);
data/libint-1.2.1/src/bin/libr12/emit_vrr_r_build.c:133:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(code_name,"r_build_%c0%c0.cc",am_letter[la],am_letter[lc]);
data/libint-1.2.1/src/bin/libr12/emit_vrr_r_build.c:134:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      code = fopen(code_name,"w");
data/libint-1.2.1/src/bin/libr12/emit_vrr_r_build.c:152:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	  sprintf(subfunction_name[i],"_r_build_%c0%c0_%d",am_letter[la],am_letter[lc],i);
data/libint-1.2.1/src/bin/libr12/emit_vrr_t1_build.c:111:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(function_name,"t1_build_%c0%c0",am_letter[la],am_letter[lc]);
data/libint-1.2.1/src/bin/libr12/emit_vrr_t1_build.c:112:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(code_name,"t1_build_%c0%c0.cc",am_letter[la],am_letter[lc]);
data/libint-1.2.1/src/bin/libr12/emit_vrr_t1_build.c:113:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      code = fopen(code_name,"w");
data/libint-1.2.1/src/bin/libr12/emit_vrr_t1_build.c:132:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	  sprintf(subfunction_name[i],"_t1_build_%c0%c0_%d",am_letter[la],am_letter[lc],i);
data/libint-1.2.1/src/bin/libr12/emit_vrr_t2_build.c:111:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(function_name,"t2_build_%c0%c0",am_letter[la],am_letter[lc]);
data/libint-1.2.1/src/bin/libr12/emit_vrr_t2_build.c:112:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(code_name,"t2_build_%c0%c0.cc",am_letter[la],am_letter[lc]);
data/libint-1.2.1/src/bin/libr12/emit_vrr_t2_build.c:113:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      code = fopen(code_name,"w");
data/libint-1.2.1/src/bin/libr12/emit_vrr_t2_build.c:132:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	  sprintf(subfunction_name[i],"_t2_build_%c0%c0_%d",am_letter[la],am_letter[lc],i);
data/libint-1.2.1/src/bin/libint/build_libint.c:110:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    i = strlen("long double") + 1;
data/libint-1.2.1/src/bin/libint/build_libint.c:115:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    i = strlen("double") + 1;
data/libint-1.2.1/src/bin/libint/emit_vrr_build.c:76:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    j = strlen((void *)number[i]);
data/libint-1.2.1/src/bin/libint/emit_vrr_build_macro.c:78:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    j = strlen((void *)number[i]);
data/libint-1.2.1/src/bin/libr12/emit_vrr_r_build.c:73:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    j = strlen((void *)number[i]);
data/libint-1.2.1/src/bin/libr12/emit_vrr_t1_build.c:69:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    j = strlen((void *)number[i]);
data/libint-1.2.1/src/bin/libr12/emit_vrr_t2_build.c:69:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    j = strlen((void *)number[i]);

ANALYSIS SUMMARY:

Hits = 174
Lines analyzed = 12292 in approximately 0.64 seconds (19125 lines/second)
Physical Source Lines of Code (SLOC) = 9492
Hits@level = [0] 1645 [1]   7 [2] 125 [3]   0 [4]  42 [5]   0
Hits@level+ = [0+] 1819 [1+] 174 [2+] 167 [3+]  42 [4+]  42 [5+]   0
Hits/KSLOC@level+ = [0+] 191.635 [1+] 18.3312 [2+] 17.5938 [3+] 4.42478 [4+] 4.42478 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.