Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libxc-4.3.4/examples/basic.c
Examining data/libxc-4.3.4/examples/get_refs.c
Examining data/libxc-4.3.4/src/bessel.c
Examining data/libxc-4.3.4/src/expint_e1.c
Examining data/libxc-4.3.4/src/func_info.c
Examining data/libxc-4.3.4/src/func_reference.c
Examining data/libxc-4.3.4/src/functionals.c
Examining data/libxc-4.3.4/src/genwiki.c
Examining data/libxc-4.3.4/src/gga.c
Examining data/libxc-4.3.4/src/gga_c_am05.c
Examining data/libxc-4.3.4/src/gga_c_bcgp.c
Examining data/libxc-4.3.4/src/gga_c_bmk.c
Examining data/libxc-4.3.4/src/gga_c_cs1.c
Examining data/libxc-4.3.4/src/gga_c_ft97.c
Examining data/libxc-4.3.4/src/gga_c_gapc.c
Examining data/libxc-4.3.4/src/gga_c_gaploc.c
Examining data/libxc-4.3.4/src/gga_c_hcth_a.c
Examining data/libxc-4.3.4/src/gga_c_lm.c
Examining data/libxc-4.3.4/src/gga_c_lyp.c
Examining data/libxc-4.3.4/src/gga_c_op_b88.c
Examining data/libxc-4.3.4/src/gga_c_op_g96.c
Examining data/libxc-4.3.4/src/gga_c_op_pbe.c
Examining data/libxc-4.3.4/src/gga_c_op_pw91.c
Examining data/libxc-4.3.4/src/gga_c_op_xalpha.c
Examining data/libxc-4.3.4/src/gga_c_optc.c
Examining data/libxc-4.3.4/src/gga_c_p86.c
Examining data/libxc-4.3.4/src/gga_c_pbe.c
Examining data/libxc-4.3.4/src/gga_c_pbeloc.c
Examining data/libxc-4.3.4/src/gga_c_pw91.c
Examining data/libxc-4.3.4/src/gga_c_q2d.c
Examining data/libxc-4.3.4/src/gga_c_regtpss.c
Examining data/libxc-4.3.4/src/gga_c_revtca.c
Examining data/libxc-4.3.4/src/gga_c_scan_e0.c
Examining data/libxc-4.3.4/src/gga_c_sg4.c
Examining data/libxc-4.3.4/src/gga_c_sogga11.c
Examining data/libxc-4.3.4/src/gga_c_tca.c
Examining data/libxc-4.3.4/src/gga_c_w94.c
Examining data/libxc-4.3.4/src/gga_c_wi.c
Examining data/libxc-4.3.4/src/gga_c_wl.c
Examining data/libxc-4.3.4/src/gga_c_zpbeint.c
Examining data/libxc-4.3.4/src/gga_c_zvpbeint.c
Examining data/libxc-4.3.4/src/gga_k_dk.c
Examining data/libxc-4.3.4/src/gga_k_exp4.c
Examining data/libxc-4.3.4/src/gga_k_meyer.c
Examining data/libxc-4.3.4/src/gga_k_ol1.c
Examining data/libxc-4.3.4/src/gga_k_ol2.c
Examining data/libxc-4.3.4/src/gga_k_pearson.c
Examining data/libxc-4.3.4/src/gga_k_tflw.c
Examining data/libxc-4.3.4/src/gga_k_thakkar.c
Examining data/libxc-4.3.4/src/gga_x_2d_b86.c
Examining data/libxc-4.3.4/src/gga_x_2d_b86_mgc.c
Examining data/libxc-4.3.4/src/gga_x_2d_b88.c
Examining data/libxc-4.3.4/src/gga_x_2d_pbe.c
Examining data/libxc-4.3.4/src/gga_x_airy.c
Examining data/libxc-4.3.4/src/gga_x_ak13.c
Examining data/libxc-4.3.4/src/gga_x_am05.c
Examining data/libxc-4.3.4/src/gga_x_b86.c
Examining data/libxc-4.3.4/src/gga_x_b88.c
Examining data/libxc-4.3.4/src/gga_x_bayesian.c
Examining data/libxc-4.3.4/src/gga_x_beefvdw.c
Examining data/libxc-4.3.4/src/gga_x_bpccac.c
Examining data/libxc-4.3.4/src/gga_x_c09x.c
Examining data/libxc-4.3.4/src/gga_x_cap.c
Examining data/libxc-4.3.4/src/gga_x_chachiyo.c
Examining data/libxc-4.3.4/src/gga_x_dk87.c
Examining data/libxc-4.3.4/src/gga_x_ev93.c
Examining data/libxc-4.3.4/src/gga_x_ft97.c
Examining data/libxc-4.3.4/src/gga_x_g96.c
Examining data/libxc-4.3.4/src/gga_x_gg99.c
Examining data/libxc-4.3.4/src/gga_x_hcth_a.c
Examining data/libxc-4.3.4/src/gga_x_herman.c
Examining data/libxc-4.3.4/src/gga_x_hjs.c
Examining data/libxc-4.3.4/src/gga_x_hjs_b88_v2.c
Examining data/libxc-4.3.4/src/gga_x_htbs.c
Examining data/libxc-4.3.4/src/gga_x_ityh.c
Examining data/libxc-4.3.4/src/gga_x_kt.c
Examining data/libxc-4.3.4/src/gga_x_lag.c
Examining data/libxc-4.3.4/src/gga_x_lb.c
Examining data/libxc-4.3.4/src/gga_x_lg93.c
Examining data/libxc-4.3.4/src/gga_x_lv_rpw86.c
Examining data/libxc-4.3.4/src/gga_x_mpbe.c
Examining data/libxc-4.3.4/src/gga_x_n12.c
Examining data/libxc-4.3.4/src/gga_x_optx.c
Examining data/libxc-4.3.4/src/gga_x_pbe.c
Examining data/libxc-4.3.4/src/gga_x_pbea.c
Examining data/libxc-4.3.4/src/gga_x_pbeint.c
Examining data/libxc-4.3.4/src/gga_x_pbepow.c
Examining data/libxc-4.3.4/src/gga_x_pbetrans.c
Examining data/libxc-4.3.4/src/gga_x_pw86.c
Examining data/libxc-4.3.4/src/gga_x_pw91.c
Examining data/libxc-4.3.4/src/gga_x_q2d.c
Examining data/libxc-4.3.4/src/gga_x_rge2.c
Examining data/libxc-4.3.4/src/gga_x_rpbe.c
Examining data/libxc-4.3.4/src/gga_x_sfat.c
Examining data/libxc-4.3.4/src/gga_x_sg4.c
Examining data/libxc-4.3.4/src/gga_x_sogga11.c
Examining data/libxc-4.3.4/src/gga_x_ssb_sw.c
Examining data/libxc-4.3.4/src/gga_x_vmt.c
Examining data/libxc-4.3.4/src/gga_x_vmt84.c
Examining data/libxc-4.3.4/src/gga_x_wc.c
Examining data/libxc-4.3.4/src/gga_x_wpbeh.c
Examining data/libxc-4.3.4/src/gga_xc_1w.c
Examining data/libxc-4.3.4/src/gga_xc_b97.c
Examining data/libxc-4.3.4/src/gga_xc_edf1.c
Examining data/libxc-4.3.4/src/gga_xc_oblyp_d.c
Examining data/libxc-4.3.4/src/gga_xc_th1.c
Examining data/libxc-4.3.4/src/gga_xc_th2.c
Examining data/libxc-4.3.4/src/gga_xc_th3.c
Examining data/libxc-4.3.4/src/gga_xc_vv10.c
Examining data/libxc-4.3.4/src/hyb_gga_xc_b1wc.c
Examining data/libxc-4.3.4/src/hyb_gga_xc_b3lyp.c
Examining data/libxc-4.3.4/src/hyb_gga_xc_cam_b3lyp.c
Examining data/libxc-4.3.4/src/hyb_gga_xc_camy_b3lyp.c
Examining data/libxc-4.3.4/src/hyb_gga_xc_camy_blyp.c
Examining data/libxc-4.3.4/src/hyb_gga_xc_edf2.c
Examining data/libxc-4.3.4/src/hyb_gga_xc_hse.c
Examining data/libxc-4.3.4/src/hyb_gga_xc_lcy_blyp.c
Examining data/libxc-4.3.4/src/hyb_gga_xc_lcy_pbe.c
Examining data/libxc-4.3.4/src/hyb_gga_xc_o3lyp.c
Examining data/libxc-4.3.4/src/hyb_gga_xc_pbeh.c
Examining data/libxc-4.3.4/src/hyb_gga_xc_wb97.c
Examining data/libxc-4.3.4/src/hyb_mgga_x_dldf.c
Examining data/libxc-4.3.4/src/hyb_mgga_x_m05.c
Examining data/libxc-4.3.4/src/hyb_mgga_x_mvsh.c
Examining data/libxc-4.3.4/src/hyb_mgga_xc_b88b95.c
Examining data/libxc-4.3.4/src/hyb_mgga_xc_kcis.c
Examining data/libxc-4.3.4/src/hyb_mgga_xc_tpssh.c
Examining data/libxc-4.3.4/src/hyb_mgga_xc_wb97mv.c
Examining data/libxc-4.3.4/src/integrate.c
Examining data/libxc-4.3.4/src/lda.c
Examining data/libxc-4.3.4/src/lda_c_1d_csc.c
Examining data/libxc-4.3.4/src/lda_c_1d_loos.c
Examining data/libxc-4.3.4/src/lda_c_2d_amgb.c
Examining data/libxc-4.3.4/src/lda_c_2d_prm.c
Examining data/libxc-4.3.4/src/lda_c_chachiyo.c
Examining data/libxc-4.3.4/src/lda_c_gk72.c
Examining data/libxc-4.3.4/src/lda_c_gombas.c
Examining data/libxc-4.3.4/src/lda_c_hl.c
Examining data/libxc-4.3.4/src/lda_c_lp96.c
Examining data/libxc-4.3.4/src/lda_c_ml1.c
Examining data/libxc-4.3.4/src/lda_c_pw.c
Examining data/libxc-4.3.4/src/lda_c_pz.c
Examining data/libxc-4.3.4/src/lda_c_rc04.c
Examining data/libxc-4.3.4/src/lda_c_rpa.c
Examining data/libxc-4.3.4/src/lda_c_vwn.c
Examining data/libxc-4.3.4/src/lda_c_vwn_1.c
Examining data/libxc-4.3.4/src/lda_c_vwn_2.c
Examining data/libxc-4.3.4/src/lda_c_vwn_3.c
Examining data/libxc-4.3.4/src/lda_c_vwn_4.c
Examining data/libxc-4.3.4/src/lda_c_vwn_rpa.c
Examining data/libxc-4.3.4/src/lda_c_wigner.c
Examining data/libxc-4.3.4/src/lda_k_tf.c
Examining data/libxc-4.3.4/src/lda_k_zlp.c
Examining data/libxc-4.3.4/src/lda_x.c
Examining data/libxc-4.3.4/src/lda_x_1d.c
Examining data/libxc-4.3.4/src/lda_x_2d.c
Examining data/libxc-4.3.4/src/lda_x_erf.c
Examining data/libxc-4.3.4/src/lda_x_rel.c
Examining data/libxc-4.3.4/src/lda_xc_1d_ehwlrg.c
Examining data/libxc-4.3.4/src/lda_xc_ksdt.c
Examining data/libxc-4.3.4/src/lda_xc_teter93.c
Examining data/libxc-4.3.4/src/lda_xc_zlp.c
Examining data/libxc-4.3.4/src/maple2c/gga_c_am05.c
Examining data/libxc-4.3.4/src/maple2c/gga_c_bcgp.c
Examining data/libxc-4.3.4/src/maple2c/gga_c_bmk.c
Examining data/libxc-4.3.4/src/maple2c/gga_c_cs1.c
Examining data/libxc-4.3.4/src/maple2c/gga_c_ft97.c
Examining data/libxc-4.3.4/src/maple2c/gga_c_gapc.c
Examining data/libxc-4.3.4/src/maple2c/gga_c_gaploc.c
Examining data/libxc-4.3.4/src/maple2c/gga_c_hcth_a.c
Examining data/libxc-4.3.4/src/maple2c/gga_c_lm.c
Examining data/libxc-4.3.4/src/maple2c/gga_c_lyp.c
Examining data/libxc-4.3.4/src/maple2c/gga_c_op_b88.c
Examining data/libxc-4.3.4/src/maple2c/gga_c_op_g96.c
Examining data/libxc-4.3.4/src/maple2c/gga_c_op_pbe.c
Examining data/libxc-4.3.4/src/maple2c/gga_c_op_pw91.c
Examining data/libxc-4.3.4/src/maple2c/gga_c_op_xalpha.c
Examining data/libxc-4.3.4/src/maple2c/gga_c_optc.c
Examining data/libxc-4.3.4/src/maple2c/gga_c_p86.c
Examining data/libxc-4.3.4/src/maple2c/gga_c_pbe.c
Examining data/libxc-4.3.4/src/maple2c/gga_c_pbeloc.c
Examining data/libxc-4.3.4/src/maple2c/gga_c_pw91.c
Examining data/libxc-4.3.4/src/maple2c/gga_c_q2d.c
Examining data/libxc-4.3.4/src/maple2c/gga_c_regtpss.c
Examining data/libxc-4.3.4/src/maple2c/gga_c_revtca.c
Examining data/libxc-4.3.4/src/maple2c/gga_c_scan_e0.c
Examining data/libxc-4.3.4/src/maple2c/gga_c_sg4.c
Examining data/libxc-4.3.4/src/maple2c/gga_c_sogga11.c
Examining data/libxc-4.3.4/src/maple2c/gga_c_tca.c
Examining data/libxc-4.3.4/src/maple2c/gga_c_w94.c
Examining data/libxc-4.3.4/src/maple2c/gga_c_wi.c
Examining data/libxc-4.3.4/src/maple2c/gga_c_wl.c
Examining data/libxc-4.3.4/src/maple2c/gga_c_zpbeint.c
Examining data/libxc-4.3.4/src/maple2c/gga_c_zvpbeint.c
Examining data/libxc-4.3.4/src/maple2c/gga_k_dk.c
Examining data/libxc-4.3.4/src/maple2c/gga_k_exp4.c
Examining data/libxc-4.3.4/src/maple2c/gga_k_meyer.c
Examining data/libxc-4.3.4/src/maple2c/gga_k_ol1.c
Examining data/libxc-4.3.4/src/maple2c/gga_k_ol2.c
Examining data/libxc-4.3.4/src/maple2c/gga_k_pearson.c
Examining data/libxc-4.3.4/src/maple2c/gga_k_tflw.c
Examining data/libxc-4.3.4/src/maple2c/gga_k_thakkar.c
Examining data/libxc-4.3.4/src/maple2c/gga_x_2d_b86.c
Examining data/libxc-4.3.4/src/maple2c/gga_x_2d_b86_mgc.c
Examining data/libxc-4.3.4/src/maple2c/gga_x_2d_b88.c
Examining data/libxc-4.3.4/src/maple2c/gga_x_2d_pbe.c
Examining data/libxc-4.3.4/src/maple2c/gga_x_airy.c
Examining data/libxc-4.3.4/src/maple2c/gga_x_ak13.c
Examining data/libxc-4.3.4/src/maple2c/gga_x_am05.c
Examining data/libxc-4.3.4/src/maple2c/gga_x_b86.c
Examining data/libxc-4.3.4/src/maple2c/gga_x_b88.c
Examining data/libxc-4.3.4/src/maple2c/gga_x_bayesian.c
Examining data/libxc-4.3.4/src/maple2c/gga_x_beefvdw.c
Examining data/libxc-4.3.4/src/maple2c/gga_x_bpccac.c
Examining data/libxc-4.3.4/src/maple2c/gga_x_c09x.c
Examining data/libxc-4.3.4/src/maple2c/gga_x_cap.c
Examining data/libxc-4.3.4/src/maple2c/gga_x_chachiyo.c
Examining data/libxc-4.3.4/src/maple2c/gga_x_dk87.c
Examining data/libxc-4.3.4/src/maple2c/gga_x_eg93.c
Examining data/libxc-4.3.4/src/maple2c/gga_x_ft97.c
Examining data/libxc-4.3.4/src/maple2c/gga_x_g96.c
Examining data/libxc-4.3.4/src/maple2c/gga_x_hcth_a.c
Examining data/libxc-4.3.4/src/maple2c/gga_x_herman.c
Examining data/libxc-4.3.4/src/maple2c/gga_x_hjs.c
Examining data/libxc-4.3.4/src/maple2c/gga_x_hjs_b88_v2.c
Examining data/libxc-4.3.4/src/maple2c/gga_x_htbs.c
Examining data/libxc-4.3.4/src/maple2c/gga_x_kt.c
Examining data/libxc-4.3.4/src/maple2c/gga_x_lag.c
Examining data/libxc-4.3.4/src/maple2c/gga_x_lg93.c
Examining data/libxc-4.3.4/src/maple2c/gga_x_lv_rpw86.c
Examining data/libxc-4.3.4/src/maple2c/gga_x_mpbe.c
Examining data/libxc-4.3.4/src/maple2c/gga_x_n12.c
Examining data/libxc-4.3.4/src/maple2c/gga_x_optx.c
Examining data/libxc-4.3.4/src/maple2c/gga_x_pbe.c
Examining data/libxc-4.3.4/src/maple2c/gga_x_pbea.c
Examining data/libxc-4.3.4/src/maple2c/gga_x_pbeint.c
Examining data/libxc-4.3.4/src/maple2c/gga_x_pbepow.c
Examining data/libxc-4.3.4/src/maple2c/gga_x_pbetrans.c
Examining data/libxc-4.3.4/src/maple2c/gga_x_pw86.c
Examining data/libxc-4.3.4/src/maple2c/gga_x_pw91.c
Examining data/libxc-4.3.4/src/maple2c/gga_x_q2d.c
Examining data/libxc-4.3.4/src/maple2c/gga_x_rge2.c
Examining data/libxc-4.3.4/src/maple2c/gga_x_rpbe.c
Examining data/libxc-4.3.4/src/maple2c/gga_x_sg4.c
Examining data/libxc-4.3.4/src/maple2c/gga_x_sogga11.c
Examining data/libxc-4.3.4/src/maple2c/gga_x_ssb_sw.c
Examining data/libxc-4.3.4/src/maple2c/gga_x_vmt.c
Examining data/libxc-4.3.4/src/maple2c/gga_x_vmt84.c
Examining data/libxc-4.3.4/src/maple2c/gga_x_wc.c
Examining data/libxc-4.3.4/src/maple2c/gga_xc_b97.c
Examining data/libxc-4.3.4/src/maple2c/gga_xc_th1.c
Examining data/libxc-4.3.4/src/maple2c/gga_xc_th2.c
Examining data/libxc-4.3.4/src/maple2c/gga_xc_th3.c
Examining data/libxc-4.3.4/src/maple2c/hyb_gga_xc_wb97.c
Examining data/libxc-4.3.4/src/maple2c/hyb_mgga_x_dldf.c
Examining data/libxc-4.3.4/src/maple2c/hyb_mgga_x_m05.c
Examining data/libxc-4.3.4/src/maple2c/hyb_mgga_xc_wb97mv.c
Examining data/libxc-4.3.4/src/maple2c/lda_c_1d_csc.c
Examining data/libxc-4.3.4/src/maple2c/lda_c_1d_loos.c
Examining data/libxc-4.3.4/src/maple2c/lda_c_2d_amgb.c
Examining data/libxc-4.3.4/src/maple2c/lda_c_2d_prm.c
Examining data/libxc-4.3.4/src/maple2c/lda_c_chachiyo.c
Examining data/libxc-4.3.4/src/maple2c/lda_c_gk72.c
Examining data/libxc-4.3.4/src/maple2c/lda_c_gombas.c
Examining data/libxc-4.3.4/src/maple2c/lda_c_hl.c
Examining data/libxc-4.3.4/src/maple2c/lda_c_lp96.c
Examining data/libxc-4.3.4/src/maple2c/lda_c_ml1.c
Examining data/libxc-4.3.4/src/maple2c/lda_c_pk09.c
Examining data/libxc-4.3.4/src/maple2c/lda_c_pw.c
Examining data/libxc-4.3.4/src/maple2c/lda_c_pz.c
Examining data/libxc-4.3.4/src/maple2c/lda_c_rc04.c
Examining data/libxc-4.3.4/src/maple2c/lda_c_rpa.c
Examining data/libxc-4.3.4/src/maple2c/lda_c_vwn.c
Examining data/libxc-4.3.4/src/maple2c/lda_c_vwn_1.c
Examining data/libxc-4.3.4/src/maple2c/lda_c_vwn_2.c
Examining data/libxc-4.3.4/src/maple2c/lda_c_vwn_3.c
Examining data/libxc-4.3.4/src/maple2c/lda_c_vwn_4.c
Examining data/libxc-4.3.4/src/maple2c/lda_c_vwn_rpa.c
Examining data/libxc-4.3.4/src/maple2c/lda_c_wigner.c
Examining data/libxc-4.3.4/src/maple2c/lda_k_tf.c
Examining data/libxc-4.3.4/src/maple2c/lda_k_zlp.c
Examining data/libxc-4.3.4/src/maple2c/lda_x.c
Examining data/libxc-4.3.4/src/maple2c/lda_x_2d.c
Examining data/libxc-4.3.4/src/maple2c/lda_x_erf.c
Examining data/libxc-4.3.4/src/maple2c/lda_x_rel.c
Examining data/libxc-4.3.4/src/maple2c/lda_xc_1d_ehwlrg.c
Examining data/libxc-4.3.4/src/maple2c/lda_xc_ksdt.c
Examining data/libxc-4.3.4/src/maple2c/lda_xc_teter93.c
Examining data/libxc-4.3.4/src/maple2c/lda_xc_zlp.c
Examining data/libxc-4.3.4/src/maple2c/mgga_c_b88.c
Examining data/libxc-4.3.4/src/maple2c/mgga_c_bc95.c
Examining data/libxc-4.3.4/src/maple2c/mgga_c_cs.c
Examining data/libxc-4.3.4/src/maple2c/mgga_c_kcis.c
Examining data/libxc-4.3.4/src/maple2c/mgga_c_m05.c
Examining data/libxc-4.3.4/src/maple2c/mgga_c_m06l.c
Examining data/libxc-4.3.4/src/maple2c/mgga_c_m08.c
Examining data/libxc-4.3.4/src/maple2c/mgga_c_pkzb.c
Examining data/libxc-4.3.4/src/maple2c/mgga_c_revscan.c
Examining data/libxc-4.3.4/src/maple2c/mgga_c_revtpss.c
Examining data/libxc-4.3.4/src/maple2c/mgga_c_scan.c
Examining data/libxc-4.3.4/src/maple2c/mgga_c_tpss.c
Examining data/libxc-4.3.4/src/maple2c/mgga_c_tpssloc.c
Examining data/libxc-4.3.4/src/maple2c/mgga_c_vsxc.c
Examining data/libxc-4.3.4/src/maple2c/mgga_k_pc07.c
Examining data/libxc-4.3.4/src/maple2c/mgga_x_br89_explicit.c
Examining data/libxc-4.3.4/src/maple2c/mgga_x_gvt4.c
Examining data/libxc-4.3.4/src/maple2c/mgga_x_gx.c
Examining data/libxc-4.3.4/src/maple2c/mgga_x_lta.c
Examining data/libxc-4.3.4/src/maple2c/mgga_x_m06l.c
Examining data/libxc-4.3.4/src/maple2c/mgga_x_m08.c
Examining data/libxc-4.3.4/src/maple2c/mgga_x_m11.c
Examining data/libxc-4.3.4/src/maple2c/mgga_x_m11_l.c
Examining data/libxc-4.3.4/src/maple2c/mgga_x_mbeef.c
Examining data/libxc-4.3.4/src/maple2c/mgga_x_mbeefvdw.c
Examining data/libxc-4.3.4/src/maple2c/mgga_x_mk00.c
Examining data/libxc-4.3.4/src/maple2c/mgga_x_mn12.c
Examining data/libxc-4.3.4/src/maple2c/mgga_x_ms.c
Examining data/libxc-4.3.4/src/maple2c/mgga_x_mvs.c
Examining data/libxc-4.3.4/src/maple2c/mgga_x_pbe_gx.c
Examining data/libxc-4.3.4/src/maple2c/mgga_x_pkzb.c
Examining data/libxc-4.3.4/src/maple2c/mgga_x_sa_tpss.c
Examining data/libxc-4.3.4/src/maple2c/mgga_x_scan.c
Examining data/libxc-4.3.4/src/maple2c/mgga_x_tau_hcth.c
Examining data/libxc-4.3.4/src/maple2c/mgga_x_tm.c
Examining data/libxc-4.3.4/src/maple2c/mgga_x_tpss.c
Examining data/libxc-4.3.4/src/maple2c/mgga_x_vt84.c
Examining data/libxc-4.3.4/src/maple2c/mgga_xc_b97mv.c
Examining data/libxc-4.3.4/src/maple2c/mgga_xc_b98.c
Examining data/libxc-4.3.4/src/maple2c/mgga_xc_cc06.c
Examining data/libxc-4.3.4/src/maple2c/mgga_xc_lp90.c
Examining data/libxc-4.3.4/src/maple2c/mgga_xc_zlp.c
Examining data/libxc-4.3.4/src/mgga.c
Examining data/libxc-4.3.4/src/mgga_c_b88.c
Examining data/libxc-4.3.4/src/mgga_c_bc95.c
Examining data/libxc-4.3.4/src/mgga_c_cs.c
Examining data/libxc-4.3.4/src/mgga_c_kcis.c
Examining data/libxc-4.3.4/src/mgga_c_m05.c
Examining data/libxc-4.3.4/src/mgga_c_m06l.c
Examining data/libxc-4.3.4/src/mgga_c_m08.c
Examining data/libxc-4.3.4/src/mgga_c_pkzb.c
Examining data/libxc-4.3.4/src/mgga_c_revscan.c
Examining data/libxc-4.3.4/src/mgga_c_revtpss.c
Examining data/libxc-4.3.4/src/mgga_c_scan.c
Examining data/libxc-4.3.4/src/mgga_c_tpss.c
Examining data/libxc-4.3.4/src/mgga_c_tpssloc.c
Examining data/libxc-4.3.4/src/mgga_c_vsxc.c
Examining data/libxc-4.3.4/src/mgga_k_pc07.c
Examining data/libxc-4.3.4/src/mgga_x_2d_prhg07.c
Examining data/libxc-4.3.4/src/mgga_x_br89.c
Examining data/libxc-4.3.4/src/mgga_x_br89_explicit.c
Examining data/libxc-4.3.4/src/mgga_x_gvt4.c
Examining data/libxc-4.3.4/src/mgga_x_gx.c
Examining data/libxc-4.3.4/src/mgga_x_lta.c
Examining data/libxc-4.3.4/src/mgga_x_m06l.c
Examining data/libxc-4.3.4/src/mgga_x_m08.c
Examining data/libxc-4.3.4/src/mgga_x_m11.c
Examining data/libxc-4.3.4/src/mgga_x_m11_l.c
Examining data/libxc-4.3.4/src/mgga_x_mbeef.c
Examining data/libxc-4.3.4/src/mgga_x_mbeefvdw.c
Examining data/libxc-4.3.4/src/mgga_x_mk00.c
Examining data/libxc-4.3.4/src/mgga_x_mn12.c
Examining data/libxc-4.3.4/src/mgga_x_ms.c
Examining data/libxc-4.3.4/src/mgga_x_mvs.c
Examining data/libxc-4.3.4/src/mgga_x_pbe_gx.c
Examining data/libxc-4.3.4/src/mgga_x_pkzb.c
Examining data/libxc-4.3.4/src/mgga_x_sa_tpss.c
Examining data/libxc-4.3.4/src/mgga_x_scan.c
Examining data/libxc-4.3.4/src/mgga_x_tau_hcth.c
Examining data/libxc-4.3.4/src/mgga_x_tm.c
Examining data/libxc-4.3.4/src/mgga_x_tpss.c
Examining data/libxc-4.3.4/src/mgga_x_vt84.c
Examining data/libxc-4.3.4/src/mgga_xc_b97mv.c
Examining data/libxc-4.3.4/src/mgga_xc_b98.c
Examining data/libxc-4.3.4/src/mgga_xc_cc06.c
Examining data/libxc-4.3.4/src/mgga_xc_hle17.c
Examining data/libxc-4.3.4/src/mgga_xc_lp90.c
Examining data/libxc-4.3.4/src/mgga_xc_otpss_d.c
Examining data/libxc-4.3.4/src/mgga_xc_zlp.c
Examining data/libxc-4.3.4/src/mix_func.c
Examining data/libxc-4.3.4/src/references.c
Examining data/libxc-4.3.4/src/references.h
Examining data/libxc-4.3.4/src/special_functions.c
Examining data/libxc-4.3.4/src/string_f.h
Examining data/libxc-4.3.4/src/test.c
Examining data/libxc-4.3.4/src/util.c
Examining data/libxc-4.3.4/src/version.c
Examining data/libxc-4.3.4/src/work_gga_c.c
Examining data/libxc-4.3.4/src/work_gga_x.c
Examining data/libxc-4.3.4/src/work_lda.c
Examining data/libxc-4.3.4/src/work_mgga_c.c
Examining data/libxc-4.3.4/src/work_mgga_x.c
Examining data/libxc-4.3.4/src/xc-info.c
Examining data/libxc-4.3.4/src/xc-sanity.c
Examining data/libxc-4.3.4/src/xc-threshold.c
Examining data/libxc-4.3.4/src/xc.h
Examining data/libxc-4.3.4/src/xc_f.c
Examining data/libxc-4.3.4/src/xc_funcs_removed.h
Examining data/libxc-4.3.4/src/util.h
Examining data/libxc-4.3.4/testsuite/xc-consistency.c
Examining data/libxc-4.3.4/testsuite/xc-error.c
Examining data/libxc-4.3.4/testsuite/xc-get_data.c
Examining data/libxc-4.3.4/testsuite/xc-regression.c

FINAL RESULTS:

data/libxc-4.3.4/src/functionals.c:67:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy(p,xc_functional_keys[ii].name);
data/libxc-4.3.4/src/functionals.c:172:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(list[ii],xc_functional_keys[ii].name);
data/libxc-4.3.4/src/genwiki.c:145:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(r,buf);
data/libxc-4.3.4/testsuite/xc-error.c:123:9:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
  while(sscanf(buf+cur,"%s%n",legin[cin],&nread)==1) {
data/libxc-4.3.4/testsuite/xc-error.c:136:9:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
  while(sscanf(buf+cur,"%s%n",legref[cref],&nread)==1) {
data/libxc-4.3.4/testsuite/xc-error.c:169:11:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function. If the scanf format is influenceable by an
  attacker, it's exploitable.
    while(sscanf(buf+cur,fmt,&din[j],&nread)==1) {
data/libxc-4.3.4/testsuite/xc-error.c:183:11:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function. If the scanf format is influenceable by an
  attacker, it's exploitable.
    while(sscanf(buf+cur,fmt,&dref[j],&nread)==1) {
data/libxc-4.3.4/testsuite/xc-regression.c:231:11:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function. If the scanf format is influenceable by an
  attacker, it's exploitable.
    nsucc=sscanf(buf, fmt, &rhoa, &rhob, &sigmaaa, &sigmaab, &sigmabb,	\
data/libxc-4.3.4/testsuite/xc-regression.c:367:7:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
      fprintf(out, sfmt, "zk");
data/libxc-4.3.4/testsuite/xc-regression.c:371:9:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
        fprintf(out, sfmt2, "vrho(a)", "vrho(b)");
data/libxc-4.3.4/testsuite/xc-regression.c:373:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
          fprintf(out, sfmt3, "vsigma(aa)", "vsigma(ab)", "vsigma(bb)");
data/libxc-4.3.4/testsuite/xc-regression.c:375:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
          fprintf(out, sfmt2, "vlapl(a)", "vlapl(b)");
data/libxc-4.3.4/testsuite/xc-regression.c:376:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
          fprintf(out, sfmt2, "vtau(a)", "vtau(b)");
data/libxc-4.3.4/testsuite/xc-regression.c:379:9:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
        fprintf(out, sfmt, "vrho");
data/libxc-4.3.4/testsuite/xc-regression.c:381:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
          fprintf(out, sfmt, "vsigma");
data/libxc-4.3.4/testsuite/xc-regression.c:383:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
          fprintf(out, sfmt, "vlapl");
data/libxc-4.3.4/testsuite/xc-regression.c:384:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
          fprintf(out, sfmt, "vtau");
data/libxc-4.3.4/testsuite/xc-regression.c:391:9:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
        fprintf(out,sfmt3,"v2rho(aa)","v2rho(ab)","v2rho(bb)");
data/libxc-4.3.4/testsuite/xc-regression.c:393:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
          fprintf(out, sfmt3, "v2sigma2(aa-aa)", "v2sigma2(aa-ab)", "v2sigma2(aa-bb)");
data/libxc-4.3.4/testsuite/xc-regression.c:394:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
          fprintf(out, sfmt3, "v2sigma2(ab-ab)", "v2sigma2(ab-bb)", "v2sigma2(bb-bb)");
data/libxc-4.3.4/testsuite/xc-regression.c:395:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
          fprintf(out, sfmt3, "v2rho(a)sigma(aa)", "v2rho(a)sigma(ab)", "v2rho(a)sigma(bb)");
data/libxc-4.3.4/testsuite/xc-regression.c:396:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
          fprintf(out, sfmt3, "v2rho(b)sigma(aa)", "v2rho(b)sigma(ab)", "v2rho(b)sigma(bb)");
data/libxc-4.3.4/testsuite/xc-regression.c:399:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
          fprintf(out, sfmt3, "v2lapl2(aa)", "v2lapl2(ab)", "v2lapl2(bb)");
data/libxc-4.3.4/testsuite/xc-regression.c:400:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
          fprintf(out, sfmt3, "v2tau2(aa)", "v2tau2(ab)", "v2tau2(bb)");
data/libxc-4.3.4/testsuite/xc-regression.c:401:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
          fprintf(out, sfmt3, "v2rholapl(aa)", "v2rholapl(ab)", "v2rholapl(bb)");
data/libxc-4.3.4/testsuite/xc-regression.c:402:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
          fprintf(out, sfmt3, "v2rhotau(aa)", "v2rhotau(ab)", "v2rhotau(bb)");
data/libxc-4.3.4/testsuite/xc-regression.c:403:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
          fprintf(out, sfmt3, "v2lapltau(aa)", "v2lapltau(ab)", "v2lapltau(bb)");
data/libxc-4.3.4/testsuite/xc-regression.c:404:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
          fprintf(out, sfmt3, "v2sigma(aa)tau(a)", "v2sigma(aa)tau(b)", "v2sigma(ab)tau(a)");
data/libxc-4.3.4/testsuite/xc-regression.c:405:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
          fprintf(out, sfmt3, "v2sigma(ab)tau(b)", "v2sigma(bb)tau(a)", "v2sigma(bb)tau(b)");
data/libxc-4.3.4/testsuite/xc-regression.c:406:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
          fprintf(out, sfmt3, "v2sigma(aa)lapl(a)", "v2sigma(aa)lapl(b)", "v2sigma(ab)lapl(a)");
data/libxc-4.3.4/testsuite/xc-regression.c:407:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
          fprintf(out, sfmt3, "v2sigma(ab)lapl(b)", "v2sigma(bb)lapl(a)", "v2sigma(bb)lapl(b)");
data/libxc-4.3.4/testsuite/xc-regression.c:410:9:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
        fprintf(out,sfmt,"v2rho");
data/libxc-4.3.4/testsuite/xc-regression.c:412:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
          fprintf(out, sfmt, "v2sigma2");
data/libxc-4.3.4/testsuite/xc-regression.c:413:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
          fprintf(out, sfmt, "v2rhosigma");
data/libxc-4.3.4/testsuite/xc-regression.c:417:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
          fprintf(out, sfmt, "v2lapl2");
data/libxc-4.3.4/testsuite/xc-regression.c:418:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
          fprintf(out, sfmt, "v2tau2");
data/libxc-4.3.4/testsuite/xc-regression.c:419:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
          fprintf(out, sfmt, "v2rholapl");
data/libxc-4.3.4/testsuite/xc-regression.c:420:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
          fprintf(out, sfmt, "v2rhotau");
data/libxc-4.3.4/testsuite/xc-regression.c:421:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
          fprintf(out, sfmt, "v2lapltau");
data/libxc-4.3.4/testsuite/xc-regression.c:422:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
          fprintf(out, sfmt, "v2sigmatau");
data/libxc-4.3.4/testsuite/xc-regression.c:423:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
          fprintf(out, sfmt, "v2sigmalapl");
data/libxc-4.3.4/testsuite/xc-regression.c:439:9:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
        fprintf(out, efmt, d.zk[i]);
data/libxc-4.3.4/testsuite/xc-regression.c:443:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
          fprintf(out, efmt2, d.vrho[2 * i], d.vrho[2 * i + 1]);
data/libxc-4.3.4/testsuite/xc-regression.c:445:13:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
            fprintf(out, efmt3, d.vsigma[3 * i], d.vsigma[3 * i + 1], d.vsigma[3 * i + 2]);
data/libxc-4.3.4/testsuite/xc-regression.c:447:13:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
            fprintf(out, efmt2, d.vlapl[2 * i], d.vlapl[2 * i + 1]);
data/libxc-4.3.4/testsuite/xc-regression.c:448:13:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
            fprintf(out, efmt2, d.vtau[2 * i], d.vtau[2 * i + 1]);
data/libxc-4.3.4/testsuite/xc-regression.c:451:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
          fprintf(out, efmt, d.vrho[i]);
data/libxc-4.3.4/testsuite/xc-regression.c:453:13:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
            fprintf(out, efmt, d.vsigma[i]);
data/libxc-4.3.4/testsuite/xc-regression.c:455:13:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
            fprintf(out, efmt, d.vlapl[i]);
data/libxc-4.3.4/testsuite/xc-regression.c:456:13:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
            fprintf(out, efmt, d.vtau[i]);
data/libxc-4.3.4/testsuite/xc-regression.c:463:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
          fprintf(out, efmt3, d.v2rho2[3*i], d.v2rho2[3*i + 1], d.v2rho2[3*i + 2]);
data/libxc-4.3.4/testsuite/xc-regression.c:465:13:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
            fprintf(out, efmt3, d.v2sigma2[6*i], d.v2sigma2[6*i + 1], d.v2sigma2[6*i + 2]);
data/libxc-4.3.4/testsuite/xc-regression.c:466:13:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
            fprintf(out, efmt3, d.v2sigma2[6*i + 3], d.v2sigma2[6*i + 4], d.v2sigma2[6*i + 5]);
data/libxc-4.3.4/testsuite/xc-regression.c:467:13:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
            fprintf(out, efmt3, d.v2rhosigma[6*i], d.v2rhosigma[6*i + 1], d.v2rhosigma[6*i + 2]);
data/libxc-4.3.4/testsuite/xc-regression.c:468:13:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
            fprintf(out, efmt3, d.v2rhosigma[6*i + 3], d.v2rhosigma[6*i + 4], d.v2rhosigma[6*i + 5]);
data/libxc-4.3.4/testsuite/xc-regression.c:471:13:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
            fprintf(out, efmt3, d.v2lapl2[3*i], d.v2lapl2[3*i + 1], d.v2lapl2[3*i + 2]);
data/libxc-4.3.4/testsuite/xc-regression.c:472:13:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
            fprintf(out, efmt3, d.v2tau2[3*i], d.v2tau2[3*i + 1], d.v2tau2[3*i + 2]);
data/libxc-4.3.4/testsuite/xc-regression.c:473:13:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
            fprintf(out, efmt3, d.v2rholapl[3*i], d.v2rholapl[3*i + 1], d.v2rholapl[3*i + 2]);
data/libxc-4.3.4/testsuite/xc-regression.c:474:13:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
            fprintf(out, efmt3, d.v2rhotau[3*i], d.v2rhotau[3*i + 1], d.v2rhotau[3*i + 2]);
data/libxc-4.3.4/testsuite/xc-regression.c:475:13:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
            fprintf(out, efmt3, d.v2lapltau[3*i], d.v2lapltau[3*i + 1], d.v2lapltau[3*i + 2]);
data/libxc-4.3.4/testsuite/xc-regression.c:476:13:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
            fprintf(out, efmt3, d.v2sigmatau[3*i], d.v2sigmatau[3*i + 1], d.v2sigmatau[3*i + 2]);
data/libxc-4.3.4/testsuite/xc-regression.c:477:13:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
            fprintf(out, efmt3, d.v2sigmatau[3*i + 3], d.v2sigmatau[3*i + 4], d.v2sigmatau[3*i + 5]);
data/libxc-4.3.4/testsuite/xc-regression.c:478:13:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
            fprintf(out, efmt3, d.v2sigmalapl[3*i], d.v2sigmalapl[3*i + 1], d.v2sigmalapl[3*i + 2]);
data/libxc-4.3.4/testsuite/xc-regression.c:479:13:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
            fprintf(out, efmt3, d.v2sigmalapl[3*i + 3], d.v2sigmalapl[3*i + 4], d.v2sigmalapl[3*i + 5]);
data/libxc-4.3.4/testsuite/xc-regression.c:482:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
          fprintf(out, efmt, d.v2rho2[i]);
data/libxc-4.3.4/testsuite/xc-regression.c:484:13:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
            fprintf(out, efmt, d.v2sigma2[i]);
data/libxc-4.3.4/testsuite/xc-regression.c:485:13:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
            fprintf(out, efmt, d.v2rhosigma[i]);
data/libxc-4.3.4/testsuite/xc-regression.c:488:13:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
            fprintf(out, efmt, d.v2lapl2[i]);
data/libxc-4.3.4/testsuite/xc-regression.c:489:13:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
            fprintf(out, efmt, d.v2tau2[i]);
data/libxc-4.3.4/testsuite/xc-regression.c:490:13:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
            fprintf(out, efmt, d.v2rholapl[i]);
data/libxc-4.3.4/testsuite/xc-regression.c:491:13:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
            fprintf(out, efmt, d.v2rhotau[i]);
data/libxc-4.3.4/testsuite/xc-regression.c:492:13:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
            fprintf(out, efmt, d.v2lapltau[i]);
data/libxc-4.3.4/testsuite/xc-regression.c:493:13:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
            fprintf(out, efmt, d.v2sigmatau[i]);
data/libxc-4.3.4/testsuite/xc-regression.c:494:13:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
            fprintf(out, efmt, d.v2sigmalapl[i]);
data/libxc-4.3.4/src/genwiki.c:38:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[MAXLEN], *r;
data/libxc-4.3.4/src/gga_c_bmk.c:65:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_n12, sizeof(gga_c_bmk_params));
data/libxc-4.3.4/src/gga_c_bmk.c:68:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_n12_sx, sizeof(gga_c_bmk_params));
data/libxc-4.3.4/src/gga_c_bmk.c:71:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_gam, sizeof(gga_c_bmk_params));
data/libxc-4.3.4/src/gga_c_bmk.c:74:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_bmk, sizeof(gga_c_bmk_params));
data/libxc-4.3.4/src/gga_c_bmk.c:77:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_tau_hcth, sizeof(gga_c_bmk_params));
data/libxc-4.3.4/src/gga_c_bmk.c:80:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_hyb_tau_hcth, sizeof(gga_c_bmk_params));
data/libxc-4.3.4/src/gga_c_sogga11.c:40:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_sogga11, sizeof(gga_c_sogga11_params));
data/libxc-4.3.4/src/gga_c_sogga11.c:43:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_sogga11_x, sizeof(gga_c_sogga11_params));
data/libxc-4.3.4/src/gga_c_wi.c:38:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &wi0_params, sizeof(gga_c_wi_params));
data/libxc-4.3.4/src/gga_c_wi.c:41:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &wi_params, sizeof(gga_c_wi_params));
data/libxc-4.3.4/src/gga_x_dk87.c:37:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_dk87_r1, sizeof(gga_x_dk87_params));
data/libxc-4.3.4/src/gga_x_dk87.c:40:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_dk87_r2, sizeof(gga_x_dk87_params));
data/libxc-4.3.4/src/gga_x_ft97.c:40:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_ft97_a, sizeof(gga_x_ft97_params));
data/libxc-4.3.4/src/gga_x_ft97.c:43:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_ft97_b, sizeof(gga_x_ft97_params));
data/libxc-4.3.4/src/gga_x_pw86.c:43:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_pw86, sizeof(gga_x_pw86_params));
data/libxc-4.3.4/src/gga_x_pw86.c:46:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_rpw86, sizeof(gga_x_pw86_params));
data/libxc-4.3.4/src/gga_x_pw86.c:49:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_fr_pw86, sizeof(gga_x_pw86_params));
data/libxc-4.3.4/src/gga_x_sogga11.c:42:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_sogga11, sizeof(gga_x_sogga11_params));
data/libxc-4.3.4/src/gga_x_sogga11.c:45:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_sogga11_x, sizeof(gga_x_sogga11_params));
data/libxc-4.3.4/src/gga_xc_b97.c:182:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_hcth_93, sizeof(gga_xc_b97_params));
data/libxc-4.3.4/src/gga_xc_b97.c:185:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_hcth_120, sizeof(gga_xc_b97_params));
data/libxc-4.3.4/src/gga_xc_b97.c:188:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_hcth_147, sizeof(gga_xc_b97_params));
data/libxc-4.3.4/src/gga_xc_b97.c:191:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_hcth_407, sizeof(gga_xc_b97_params));
data/libxc-4.3.4/src/gga_xc_b97.c:195:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_b97, sizeof(gga_xc_b97_params));
data/libxc-4.3.4/src/gga_xc_b97.c:199:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_b97_1, sizeof(gga_xc_b97_params));
data/libxc-4.3.4/src/gga_xc_b97.c:203:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_b97_2, sizeof(gga_xc_b97_params));
data/libxc-4.3.4/src/gga_xc_b97.c:206:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_b97_d, sizeof(gga_xc_b97_params));
data/libxc-4.3.4/src/gga_xc_b97.c:210:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_b97_k, sizeof(gga_xc_b97_params));
data/libxc-4.3.4/src/gga_xc_b97.c:214:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_b97_3, sizeof(gga_xc_b97_params));
data/libxc-4.3.4/src/gga_xc_b97.c:218:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_sb98_1a, sizeof(gga_xc_b97_params));
data/libxc-4.3.4/src/gga_xc_b97.c:222:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_sb98_1b, sizeof(gga_xc_b97_params));
data/libxc-4.3.4/src/gga_xc_b97.c:226:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_sb98_1c, sizeof(gga_xc_b97_params));
data/libxc-4.3.4/src/gga_xc_b97.c:230:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_sb98_2a, sizeof(gga_xc_b97_params));
data/libxc-4.3.4/src/gga_xc_b97.c:234:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_sb98_2b, sizeof(gga_xc_b97_params));
data/libxc-4.3.4/src/gga_xc_b97.c:238:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_sb98_2c, sizeof(gga_xc_b97_params));
data/libxc-4.3.4/src/gga_xc_b97.c:241:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_b97_gga1, sizeof(gga_xc_b97_params));
data/libxc-4.3.4/src/gga_xc_b97.c:244:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_hcth_p14, sizeof(gga_xc_b97_params));
data/libxc-4.3.4/src/gga_xc_b97.c:247:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_hcth_p76, sizeof(gga_xc_b97_params));
data/libxc-4.3.4/src/gga_xc_b97.c:250:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_hcth_407p, sizeof(gga_xc_b97_params));
data/libxc-4.3.4/src/gga_xc_b97.c:254:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_b97_1p, sizeof(gga_xc_b97_params));
data/libxc-4.3.4/src/gga_xc_b97.c:257:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_hle16, sizeof(gga_xc_b97_params));
data/libxc-4.3.4/src/hyb_gga_xc_wb97.c:58:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_wb97, sizeof(gga_xc_wb97_params));
data/libxc-4.3.4/src/hyb_gga_xc_wb97.c:64:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_wb97x, sizeof(gga_xc_wb97_params));
data/libxc-4.3.4/src/hyb_gga_xc_wb97.c:72:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_wb97x_v, sizeof(gga_xc_wb97_params));
data/libxc-4.3.4/src/hyb_gga_xc_wb97.c:78:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_wb97x_d, sizeof(gga_xc_wb97_params));
data/libxc-4.3.4/src/hyb_mgga_x_m05.c:50:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_m05, sizeof(mgga_x_m05_params));
data/libxc-4.3.4/src/hyb_mgga_x_m05.c:54:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_m05_2x, sizeof(mgga_x_m05_params));
data/libxc-4.3.4/src/hyb_mgga_x_m05.c:58:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_m06_2x, sizeof(mgga_x_m05_params));
data/libxc-4.3.4/src/lda_c_chachiyo.c:33:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_chachiyo, sizeof(lda_c_chachiyo_params));
data/libxc-4.3.4/src/lda_c_chachiyo.c:36:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_karasiev, sizeof(lda_c_chachiyo_params));
data/libxc-4.3.4/src/lda_c_hl.c:42:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_hl, sizeof(lda_c_hl_params));
data/libxc-4.3.4/src/lda_c_hl.c:45:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_gl, sizeof(lda_c_hl_params));
data/libxc-4.3.4/src/lda_c_hl.c:48:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_vbh, sizeof(lda_c_hl_params));
data/libxc-4.3.4/src/lda_c_lp96.c:32:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &c_lp96, sizeof(lda_c_lp96_params));
data/libxc-4.3.4/src/lda_c_lp96.c:35:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &k_lp96, sizeof(lda_c_lp96_params));
data/libxc-4.3.4/src/lda_c_pw.c:89:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_pw, sizeof(lda_c_pw_params));
data/libxc-4.3.4/src/lda_c_pw.c:92:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_pw_mod, sizeof(lda_c_pw_params));
data/libxc-4.3.4/src/lda_c_pw.c:95:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_ob, sizeof(lda_c_pw_params));
data/libxc-4.3.4/src/lda_c_pw.c:98:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_pw_rpa, sizeof(lda_c_pw_params));
data/libxc-4.3.4/src/lda_c_pz.c:72:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &pz_original, sizeof(lda_c_pz_params));
data/libxc-4.3.4/src/lda_c_pz.c:75:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &pz_modified, sizeof(lda_c_pz_params));
data/libxc-4.3.4/src/lda_c_pz.c:78:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &pz_ob, sizeof(lda_c_pz_params));
data/libxc-4.3.4/src/lda_xc_ksdt.c:74:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_ksdt, sizeof(lda_xc_ksdt_params));
data/libxc-4.3.4/src/lda_xc_ksdt.c:77:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_gdsmfb, sizeof(lda_xc_ksdt_params));
data/libxc-4.3.4/src/mgga_c_m05.c:50:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_m05, sizeof(mgga_c_m05_params));
data/libxc-4.3.4/src/mgga_c_m05.c:53:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_m05_2x, sizeof(mgga_c_m05_params));
data/libxc-4.3.4/src/mgga_c_m05.c:56:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_dldf, sizeof(mgga_c_m05_params));
data/libxc-4.3.4/src/mgga_c_m06l.c:82:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_m06l, sizeof(mgga_c_m06l_params));
data/libxc-4.3.4/src/mgga_c_m06l.c:85:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_m06hf, sizeof(mgga_c_m06l_params));
data/libxc-4.3.4/src/mgga_c_m06l.c:88:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_m06, sizeof(mgga_c_m06l_params));
data/libxc-4.3.4/src/mgga_c_m06l.c:91:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_m062x, sizeof(mgga_c_m06l_params));
data/libxc-4.3.4/src/mgga_c_m06l.c:94:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_revm06l, sizeof(mgga_c_m06l_params));
data/libxc-4.3.4/src/mgga_c_m08.c:118:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_m08_hx, sizeof(mgga_c_m08_params));
data/libxc-4.3.4/src/mgga_c_m08.c:121:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_m08_so, sizeof(mgga_c_m08_params));
data/libxc-4.3.4/src/mgga_c_m08.c:124:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_m11, sizeof(mgga_c_m08_params));
data/libxc-4.3.4/src/mgga_c_m08.c:127:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_m11_l, sizeof(mgga_c_m08_params));
data/libxc-4.3.4/src/mgga_c_m08.c:130:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_mn12_l, sizeof(mgga_c_m08_params));
data/libxc-4.3.4/src/mgga_c_m08.c:133:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_mn12_sx, sizeof(mgga_c_m08_params));
data/libxc-4.3.4/src/mgga_c_m08.c:136:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_mn15_l, sizeof(mgga_c_m08_params));
data/libxc-4.3.4/src/mgga_c_m08.c:139:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_mn15, sizeof(mgga_c_m08_params));
data/libxc-4.3.4/src/mgga_c_vsxc.c:36:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_vsxc, sizeof(mgga_c_vsxc_params));
data/libxc-4.3.4/src/mgga_x_m08.c:51:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_m08_hx, sizeof(mgga_x_m08_params));
data/libxc-4.3.4/src/mgga_x_m08.c:55:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_m08_so, sizeof(mgga_x_m08_params));
data/libxc-4.3.4/src/mgga_x_m11.c:40:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_m11, sizeof(mgga_x_m11_params));
data/libxc-4.3.4/src/mgga_x_m11_l.c:45:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_m11_l, sizeof(mgga_x_m11_l_params));
data/libxc-4.3.4/src/mgga_x_mn12.c:96:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_mn12_l, sizeof(mgga_x_mn12_params));
data/libxc-4.3.4/src/mgga_x_mn12.c:99:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_mn12_sx, sizeof(mgga_x_mn12_params));
data/libxc-4.3.4/src/mgga_x_mn12.c:105:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_mn15_l, sizeof(mgga_x_mn12_params));
data/libxc-4.3.4/src/mgga_x_mn12.c:108:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_mn15, sizeof(mgga_x_mn12_params));
data/libxc-4.3.4/src/mgga_x_scan.c:35:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_scan, sizeof(mgga_x_scan_params));
data/libxc-4.3.4/src/mgga_x_scan.c:38:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params, &par_revscan, sizeof(mgga_x_scan_params));
data/libxc-4.3.4/src/util.h:131:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name[256];
data/libxc-4.3.4/src/xc-info.c:27:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    func_id = atoi(argv[1]);
data/libxc-4.3.4/src/xc-sanity.c:33:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char kind[5], family[10];
data/libxc-4.3.4/src/xc-sanity.c:53:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
      strcpy(kind,"_x_");
data/libxc-4.3.4/src/xc-sanity.c:57:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
      strcpy(kind,"_c_");
data/libxc-4.3.4/src/xc-sanity.c:61:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
      strcpy(kind,"_xc_");
data/libxc-4.3.4/src/xc-sanity.c:65:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
      strcpy(kind,"_k_");
data/libxc-4.3.4/src/xc-sanity.c:79:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
      strcpy(family,"lda_");
data/libxc-4.3.4/src/xc-sanity.c:83:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
      strcpy(family,"gga_");
data/libxc-4.3.4/src/xc-sanity.c:87:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
      strcpy(family,"mgga_");
data/libxc-4.3.4/src/xc-sanity.c:91:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
      strcpy(family,"hyb_gga_");
data/libxc-4.3.4/src/xc-sanity.c:95:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
      strcpy(family,"hyb_mgga_");
data/libxc-4.3.4/src/xc-threshold.c:323:8:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  id = atoi(argv[1]);
data/libxc-4.3.4/src/xc-threshold.c:324:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  testcase = atoi(argv[2]);
data/libxc-4.3.4/testsuite/xc-consistency.c:440:19:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  test_functional(atoi(argv[1]));
data/libxc-4.3.4/testsuite/xc-consistency.c:444:19:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  test_functional(atoi(argv[1]));
data/libxc-4.3.4/testsuite/xc-error.c:62:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[BUFSIZE];
data/libxc-4.3.4/testsuite/xc-error.c:72:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char legin[MAXCOL][LEGLEN], legref[MAXCOL][LEGLEN];
data/libxc-4.3.4/testsuite/xc-error.c:84:6:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  in=fopen(argv[1],"r");
data/libxc-4.3.4/testsuite/xc-error.c:90:7:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  ref=fopen(argv[2],"r");
data/libxc-4.3.4/testsuite/xc-error.c:209:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  if(argc==5 && atoi(argv[4])) {
data/libxc-4.3.4/testsuite/xc-get_data.c:63:27:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  xc_values->functional = atoi(argv[1]);
data/libxc-4.3.4/testsuite/xc-get_data.c:64:27:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  xc_values->nspin      = atoi(argv[2]);
data/libxc-4.3.4/testsuite/xc-regression.c:183:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[BUFSIZE];
data/libxc-4.3.4/testsuite/xc-regression.c:201:6:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  in=fopen(file,"r");
data/libxc-4.3.4/testsuite/xc-regression.c:294:11:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  nspin = atoi(argv[2]);
data/libxc-4.3.4/testsuite/xc-regression.c:297:11:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  order = atoi(argv[3]);
data/libxc-4.3.4/testsuite/xc-regression.c:355:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  out = fopen(fname,"w");
data/libxc-4.3.4/src/functionals.c:66:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      p=malloc(strlen(xc_functional_keys[ii].name)+1);
data/libxc-4.3.4/src/functionals.c:149:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    tmp=strlen(xc_functional_keys[i].name);
data/libxc-4.3.4/src/genwiki.c:40:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for(i=0, j=0; i<strlen(doi); i++) {
data/libxc-4.3.4/src/genwiki.c:144:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  r=malloc(strlen(buf)+1);
data/libxc-4.3.4/src/genwiki.c:220:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	  for(i=0; i<strlen(fname); i++)
data/libxc-4.3.4/src/genwiki.c:229:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    if(strlen(func.info->refs[i]->doi) > 0) {
data/libxc-4.3.4/src/string_f.h:21:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy(c, _fcdtocp(f), slen);                            \
data/libxc-4.3.4/src/string_f.h:29:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  clen = strlen(c);               \
data/libxc-4.3.4/src/xc-info.c:75:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(strlen(func.info->refs[i]->doi) > 0){

ANALYSIS SUMMARY:

Hits = 203
Lines analyzed = 136600 in approximately 8.83 seconds (15471 lines/second)
Physical Source Lines of Code (SLOC) = 124465
Hits@level = [0] 290 [1]   9 [2] 120 [3]   0 [4]  74 [5]   0
Hits@level+ = [0+] 493 [1+] 203 [2+] 194 [3+]  74 [4+]  74 [5+]   0
Hits/KSLOC@level+ = [0+] 3.96095 [1+] 1.63098 [2+] 1.55867 [3+] 0.594545 [4+] 0.594545 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.