Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libunivalue-1.1.1+20191111/gen/gen.cpp
Examining data/libunivalue-1.1.1+20191111/include/univalue.h
Examining data/libunivalue-1.1.1+20191111/lib/univalue.cpp
Examining data/libunivalue-1.1.1+20191111/lib/univalue_escapes.h
Examining data/libunivalue-1.1.1+20191111/lib/univalue_get.cpp
Examining data/libunivalue-1.1.1+20191111/lib/univalue_read.cpp
Examining data/libunivalue-1.1.1+20191111/lib/univalue_utffilter.h
Examining data/libunivalue-1.1.1+20191111/lib/univalue_write.cpp
Examining data/libunivalue-1.1.1+20191111/test/no_nul.cpp
Examining data/libunivalue-1.1.1+20191111/test/object.cpp
Examining data/libunivalue-1.1.1+20191111/test/test_json.cpp
Examining data/libunivalue-1.1.1+20191111/test/unitester.cpp
FINAL RESULTS:
data/libunivalue-1.1.1+20191111/gen/gen.cpp:22:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpbuf[20];
data/libunivalue-1.1.1+20191111/lib/univalue_escapes.h:4:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *escapes[256] = {
data/libunivalue-1.1.1+20191111/test/unitester.cpp:60:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *f = fopen(filename.c_str(), "r");
data/libunivalue-1.1.1+20191111/test/unitester.cpp:65:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/libunivalue-1.1.1+20191111/include/univalue.h:100:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(const char *raw, size_t len);
data/libunivalue-1.1.1+20191111/include/univalue.h:101:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(const char *raw) { return read(raw, strlen(raw)); }
data/libunivalue-1.1.1+20191111/include/univalue.h:101:41: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(const char *raw) { return read(raw, strlen(raw)); }
data/libunivalue-1.1.1+20191111/include/univalue.h:101:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bool read(const char *raw) { return read(raw, strlen(raw)); }
data/libunivalue-1.1.1+20191111/include/univalue.h:102:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(const std::string& rawStr) {
data/libunivalue-1.1.1+20191111/include/univalue.h:103:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return read(rawStr.data(), rawStr.size());
data/libunivalue-1.1.1+20191111/lib/univalue_get.cpp:26:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (str.size() != strlen(str.c_str())) // No embedded NUL characters allowed
data/libunivalue-1.1.1+20191111/lib/univalue_read.cpp:259:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool UniValue::read(const char *raw, size_t size)
data/libunivalue-1.1.1+20191111/test/no_nul.cpp:7:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return val.read(buf + 3, 7) ? 0 : 1;
data/libunivalue-1.1.1+20191111/test/object.cpp:118:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
BOOST_CHECK(v5.read("[true, 10]"));
data/libunivalue-1.1.1+20191111/test/object.cpp:361:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
BOOST_CHECK(v.read(json1));
data/libunivalue-1.1.1+20191111/test/object.cpp:364:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
BOOST_CHECK(v.read(strJson1));
data/libunivalue-1.1.1+20191111/test/object.cpp:389:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
BOOST_CHECK(v.read(" {}\n "));
data/libunivalue-1.1.1+20191111/test/object.cpp:391:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
BOOST_CHECK(v.read(" []\n "));
data/libunivalue-1.1.1+20191111/test/object.cpp:394:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
BOOST_CHECK(!v.read("@{}"));
data/libunivalue-1.1.1+20191111/test/object.cpp:395:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
BOOST_CHECK(!v.read("{} garbage"));
data/libunivalue-1.1.1+20191111/test/object.cpp:396:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
BOOST_CHECK(!v.read("[]{}"));
data/libunivalue-1.1.1+20191111/test/object.cpp:397:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
BOOST_CHECK(!v.read("{}[]"));
data/libunivalue-1.1.1+20191111/test/object.cpp:398:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
BOOST_CHECK(!v.read("{} 42"));
data/libunivalue-1.1.1+20191111/test/test_json.cpp:16:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (val.read(string(istreambuf_iterator<char>(cin),
data/libunivalue-1.1.1+20191111/test/unitester.cpp:42:31: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool testResult = val.read(jdata);
data/libunivalue-1.1.1+20191111/test/unitester.cpp:144:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
testResult = val.read("[\"\\u0022\"]");
data/libunivalue-1.1.1+20191111/test/unitester.cpp:148:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
testResult = val.read("[\"\\u0191\"]");
data/libunivalue-1.1.1+20191111/test/unitester.cpp:152:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
testResult = val.read("[\"\\u2191\"]");
data/libunivalue-1.1.1+20191111/test/unitester.cpp:156:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
testResult = val.read("[\"\\ud834\\udd61\"]");
ANALYSIS SUMMARY:
Hits = 29
Lines analyzed = 2235 in approximately 0.11 seconds (21026 lines/second)
Physical Source Lines of Code (SLOC) = 1816
Hits@level = [0] 12 [1] 25 [2] 4 [3] 0 [4] 0 [5] 0
Hits@level+ = [0+] 41 [1+] 29 [2+] 4 [3+] 0 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 22.5771 [1+] 15.9692 [2+] 2.20264 [3+] 0 [4+] 0 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.