Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/libunivalue-1.1.1+20191111/gen/gen.cpp Examining data/libunivalue-1.1.1+20191111/include/univalue.h Examining data/libunivalue-1.1.1+20191111/lib/univalue.cpp Examining data/libunivalue-1.1.1+20191111/lib/univalue_escapes.h Examining data/libunivalue-1.1.1+20191111/lib/univalue_get.cpp Examining data/libunivalue-1.1.1+20191111/lib/univalue_read.cpp Examining data/libunivalue-1.1.1+20191111/lib/univalue_utffilter.h Examining data/libunivalue-1.1.1+20191111/lib/univalue_write.cpp Examining data/libunivalue-1.1.1+20191111/test/no_nul.cpp Examining data/libunivalue-1.1.1+20191111/test/object.cpp Examining data/libunivalue-1.1.1+20191111/test/test_json.cpp Examining data/libunivalue-1.1.1+20191111/test/unitester.cpp FINAL RESULTS: data/libunivalue-1.1.1+20191111/gen/gen.cpp:22:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmpbuf[20]; data/libunivalue-1.1.1+20191111/lib/univalue_escapes.h:4:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char *escapes[256] = { data/libunivalue-1.1.1+20191111/test/unitester.cpp:60:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *f = fopen(filename.c_str(), "r"); data/libunivalue-1.1.1+20191111/test/unitester.cpp:65:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[4096]; data/libunivalue-1.1.1+20191111/include/univalue.h:100:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). bool read(const char *raw, size_t len); data/libunivalue-1.1.1+20191111/include/univalue.h:101:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). bool read(const char *raw) { return read(raw, strlen(raw)); } data/libunivalue-1.1.1+20191111/include/univalue.h:101:41: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). bool read(const char *raw) { return read(raw, strlen(raw)); } data/libunivalue-1.1.1+20191111/include/univalue.h:101:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). bool read(const char *raw) { return read(raw, strlen(raw)); } data/libunivalue-1.1.1+20191111/include/univalue.h:102:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). bool read(const std::string& rawStr) { data/libunivalue-1.1.1+20191111/include/univalue.h:103:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). return read(rawStr.data(), rawStr.size()); data/libunivalue-1.1.1+20191111/lib/univalue_get.cpp:26:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (str.size() != strlen(str.c_str())) // No embedded NUL characters allowed data/libunivalue-1.1.1+20191111/lib/univalue_read.cpp:259:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). bool UniValue::read(const char *raw, size_t size) data/libunivalue-1.1.1+20191111/test/no_nul.cpp:7:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). return val.read(buf + 3, 7) ? 0 : 1; data/libunivalue-1.1.1+20191111/test/object.cpp:118:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). BOOST_CHECK(v5.read("[true, 10]")); data/libunivalue-1.1.1+20191111/test/object.cpp:361:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). BOOST_CHECK(v.read(json1)); data/libunivalue-1.1.1+20191111/test/object.cpp:364:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). BOOST_CHECK(v.read(strJson1)); data/libunivalue-1.1.1+20191111/test/object.cpp:389:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). BOOST_CHECK(v.read(" {}\n ")); data/libunivalue-1.1.1+20191111/test/object.cpp:391:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). BOOST_CHECK(v.read(" []\n ")); data/libunivalue-1.1.1+20191111/test/object.cpp:394:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). BOOST_CHECK(!v.read("@{}")); data/libunivalue-1.1.1+20191111/test/object.cpp:395:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). BOOST_CHECK(!v.read("{} garbage")); data/libunivalue-1.1.1+20191111/test/object.cpp:396:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). BOOST_CHECK(!v.read("[]{}")); data/libunivalue-1.1.1+20191111/test/object.cpp:397:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). BOOST_CHECK(!v.read("{}[]")); data/libunivalue-1.1.1+20191111/test/object.cpp:398:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). BOOST_CHECK(!v.read("{} 42")); data/libunivalue-1.1.1+20191111/test/test_json.cpp:16:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (val.read(string(istreambuf_iterator<char>(cin), data/libunivalue-1.1.1+20191111/test/unitester.cpp:42:31: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). bool testResult = val.read(jdata); data/libunivalue-1.1.1+20191111/test/unitester.cpp:144:22: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). testResult = val.read("[\"\\u0022\"]"); data/libunivalue-1.1.1+20191111/test/unitester.cpp:148:22: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). testResult = val.read("[\"\\u0191\"]"); data/libunivalue-1.1.1+20191111/test/unitester.cpp:152:22: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). testResult = val.read("[\"\\u2191\"]"); data/libunivalue-1.1.1+20191111/test/unitester.cpp:156:22: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). testResult = val.read("[\"\\ud834\\udd61\"]"); ANALYSIS SUMMARY: Hits = 29 Lines analyzed = 2235 in approximately 0.11 seconds (21026 lines/second) Physical Source Lines of Code (SLOC) = 1816 Hits@level = [0] 12 [1] 25 [2] 4 [3] 0 [4] 0 [5] 0 Hits@level+ = [0+] 41 [1+] 29 [2+] 4 [3+] 0 [4+] 0 [5+] 0 Hits/KSLOC@level+ = [0+] 22.5771 [1+] 15.9692 [2+] 2.20264 [3+] 0 [4+] 0 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.