Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/meschach-1.2b/copy.c
Examining data/meschach-1.2b/err.c
Examining data/meschach-1.2b/matrixio.c
Examining data/meschach-1.2b/memory.c
Examining data/meschach-1.2b/vecop.c
Examining data/meschach-1.2b/matop.c
Examining data/meschach-1.2b/pxop.c
Examining data/meschach-1.2b/submat.c
Examining data/meschach-1.2b/init.c
Examining data/meschach-1.2b/otherio.c
Examining data/meschach-1.2b/machine.c
Examining data/meschach-1.2b/matlab.c
Examining data/meschach-1.2b/ivecop.c
Examining data/meschach-1.2b/version.c
Examining data/meschach-1.2b/meminfo.c
Examining data/meschach-1.2b/memstat.c
Examining data/meschach-1.2b/hessen.c
Examining data/meschach-1.2b/sparse.c
Examining data/meschach-1.2b/sprow.c
Examining data/meschach-1.2b/sparseio.c
Examining data/meschach-1.2b/zcopy.c
Examining data/meschach-1.2b/zmatio.c
Parsing failed to find end of parameter list; semicolon terminated it in (fp," ( %lf , %lf )",
#elif REAL == FLOAT
	    if ((io_code=fscanf(fp," ( %f , %f )",
#endif
			&mat->me[i][j].re,&mat->me[i][j].im)) < 2 )
		error(io_code==EOF ? E_EOF : E_FORMAT,"bzm_finput")
Parsing failed to find end of parameter list; semicolon terminated it in (fp," (%lf,%lf)",
#elif REAL == FLOAT
	    if ((io_code=fscanf(fp," (%f,%f)",
#endif
			&vec->ve[i].re,&vec->ve[i].im)) < 2 )
		error(io_code==EOF ? 7 : 6,"bzv_finput");
	    re
Examining data/meschach-1.2b/zmemory.c
Examining data/meschach-1.2b/zvecop.c
Examining data/meschach-1.2b/zmatop.c
Examining data/meschach-1.2b/zmatlab.c
Examining data/meschach-1.2b/zhessen.c
Examining data/meschach-1.2b/conjgrad.c
Examining data/meschach-1.2b/lanczos.c
Examining data/meschach-1.2b/arnoldi.c
Examining data/meschach-1.2b/err.h
Examining data/meschach-1.2b/meminfo.h
Examining data/meschach-1.2b/machine.h
Examining data/meschach-1.2b/iter.h
Examining data/meschach-1.2b/matlab.h
Examining data/meschach-1.2b/matrix2.h
Examining data/meschach-1.2b/oldnames.h
Examining data/meschach-1.2b/sparse.h
Examining data/meschach-1.2b/sparse2.h
Examining data/meschach-1.2b/zmatrix2.h
Examining data/meschach-1.2b/dmacheps.c
Examining data/meschach-1.2b/extras.c
Examining data/meschach-1.2b/fmacheps.c
Examining data/meschach-1.2b/tutorial.c
Examining data/meschach-1.2b/tutadv.c
Examining data/meschach-1.2b/sptort.c
Examining data/meschach-1.2b/memtort.c
Examining data/meschach-1.2b/mfuntort.c
Examining data/meschach-1.2b/iotort.c
Examining data/meschach-1.2b/MACHINES/GCC/machine.h
Examining data/meschach-1.2b/MACHINES/RS6000/machine.c
Examining data/meschach-1.2b/MACHINES/RS6000/machine.h
Examining data/meschach-1.2b/MACHINES/SPARC/machine.h
Examining data/meschach-1.2b/MACHINES/Linux/machine.h
Examining data/meschach-1.2b/MACHINES/SGI/machine.h
Examining data/meschach-1.2b/MACHINES/Cray/machine.h
Examining data/meschach-1.2b/lufactor.c
Examining data/meschach-1.2b/bkpfacto.c
Examining data/meschach-1.2b/chfactor.c
Examining data/meschach-1.2b/qrfactor.c
Examining data/meschach-1.2b/solve.c
Examining data/meschach-1.2b/hsehldr.c
Examining data/meschach-1.2b/givens.c
Examining data/meschach-1.2b/update.c
Examining data/meschach-1.2b/norm.c
Examining data/meschach-1.2b/symmeig.c
Examining data/meschach-1.2b/schur.c
Examining data/meschach-1.2b/svd.c
Examining data/meschach-1.2b/fft.c
Examining data/meschach-1.2b/mfunc.c
Examining data/meschach-1.2b/bdfactor.c
Examining data/meschach-1.2b/spchfctr.c
Examining data/meschach-1.2b/splufctr.c
Examining data/meschach-1.2b/spbkp.c
Examining data/meschach-1.2b/spswap.c
Examining data/meschach-1.2b/iter0.c
Examining data/meschach-1.2b/itersym.c
Examining data/meschach-1.2b/iternsym.c
Examining data/meschach-1.2b/zmachine.c
Examining data/meschach-1.2b/znorm.c
Examining data/meschach-1.2b/zfunc.c
Examining data/meschach-1.2b/zlufctr.c
Examining data/meschach-1.2b/zsolve.c
Examining data/meschach-1.2b/zhsehldr.c
Examining data/meschach-1.2b/zqrfctr.c
Examining data/meschach-1.2b/zgivens.c
Examining data/meschach-1.2b/zschur.c
Examining data/meschach-1.2b/matrix.h
Examining data/meschach-1.2b/zmatrix.h
Examining data/meschach-1.2b/maxint.c
Examining data/meschach-1.2b/torture.c
Examining data/meschach-1.2b/ztorture.c
Examining data/meschach-1.2b/itertort.c

FINAL RESULTS:

data/meschach-1.2b/matrix.h:345:27:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  ( ( isatty(fileno(fp)) ? fprintf(stderr,prompt) : skipjunk(fp) ), \
data/meschach-1.2b/matrix.h:346:8:  [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function. If the scanf format is influenceable by an
  attacker, it's exploitable.
  fscanf(fp,fmt,var) )
data/meschach-1.2b/matrix.h:349:25:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  ( isatty(fileno(fp)) ? fprintf(stderr,prompt) : skipjunk(fp) )
data/meschach-1.2b/matrixio.c:412:9:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  fprintf(fp,format,a->me[i][j]);
data/meschach-1.2b/matrixio.c:451:4:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  fprintf(fp,format,x->ve[i]);
data/meschach-1.2b/matrixio.c:478:9:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  fprintf(fp,format,a->me[i][j]);
data/meschach-1.2b/matrixio.c:517:4:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  fprintf(fp,format,x->ve[i]);
data/meschach-1.2b/zmatio.c:305:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  fprintf(fp,zformat,z.re,z.im);
data/meschach-1.2b/zmatio.c:325:9:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  fprintf(fp,zformat,a->me[i][j].re,a->me[i][j].im);
data/meschach-1.2b/zmatio.c:345:4:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  fprintf(fp,zformat,x->ve[i].re,x->ve[i].im);
data/meschach-1.2b/zmatio.c:372:9:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  fprintf(fp,zformat,a->me[i][j].re,a->me[i][j].im);
data/meschach-1.2b/zmatio.c:395:4:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  fprintf(fp,zformat,x->ve[i].re,x->ve[i].im);
data/meschach-1.2b/sptort.c:114:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  srand(seed);
data/meschach-1.2b/MACHINES/Cray/machine.h:107:32:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  #define MEM_COPY(from,to,size) bcopy((char *)(from),(char *)(to),(int)(size))
data/meschach-1.2b/MACHINES/GCC/machine.h:76:32:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  #define MEM_COPY(from,to,size) bcopy((char *)(from),(char *)(to),(int)(size))
data/meschach-1.2b/MACHINES/Linux/machine.h:78:32:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  #define MEM_COPY(from,to,size) bcopy((char *)(from),(char *)(to),(int)(size))
data/meschach-1.2b/MACHINES/RS6000/machine.h:71:32:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  #define MEM_COPY(from,to,size) bcopy((char *)(from),(char *)(to),(int)(size))
data/meschach-1.2b/MACHINES/SGI/machine.h:107:32:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  #define MEM_COPY(from,to,size) bcopy((char *)(from),(char *)(to),(int)(size))
data/meschach-1.2b/MACHINES/SPARC/machine.h:72:32:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  #define MEM_COPY(from,to,size) bcopy((char *)(from),(char *)(to),(int)(size))
data/meschach-1.2b/err.c:155:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  free((char *)err_list[list_num].listp);
data/meschach-1.2b/iotort.c:55:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force
  the opening of special file type (e.g., device files), move things around to
  create a race condition, control its ancestors, or change its contents?
  (CWE-362).
  if ((fp = fopen("iotort.dat","w")) == NULL) {
data/meschach-1.2b/iotort.c:99:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force
  the opening of special file type (e.g., device files), move things around to
  create a race condition, control its ancestors, or change its contents?
  (CWE-362).
  if ((fp = fopen("iotort.dat","r")) == NULL) {
data/meschach-1.2b/ivecop.c:34:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char line[MAXLINE];
data/meschach-1.2b/machine.h:109:32:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  #define MEM_COPY(from,to,size) bcopy((char *)(from),(char *)(to),(int)(size))
data/meschach-1.2b/matrixio.c:38:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char line[MAXLINE];
data/meschach-1.2b/otherio.c:40:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char scratch[MAXLINE+1];
data/meschach-1.2b/sparseio.c:40:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char line[MAXLINE];
data/meschach-1.2b/sparseio.c:249:38:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  rows[i].elt = (row_elt *)realloc((char *)rows[i].elt,
data/meschach-1.2b/sparseio.c:301:38:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  rows[i].elt = (row_elt *)realloc((char *)rows[i].elt,
data/meschach-1.2b/torture.c:93:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name[81] = MATLAB_NAME;
data/meschach-1.2b/torture.c:399:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force
  the opening of special file type (e.g., device files), move things around to
  create a race condition, control its ancestors, or change its contents?
  (CWE-362).
  if ( (fp=fopen(SAVE_FILE,"w")) == (FILE *)NULL )
data/meschach-1.2b/torture.c:406:11:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force
  the opening of special file type (e.g., device files), move things around to
  create a race condition, control its ancestors, or change its contents?
  (CWE-362).
  if ( (fp=fopen(SAVE_FILE,"r")) == (FILE *)NULL )
data/meschach-1.2b/tutorial.c:289:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force
  the opening of special file type (e.g., device files), move things around to
  create a race condition, control its ancestors, or change its contents?
  (CWE-362).
  fp = fopen("laplace.mat","w"); /* b will be saved in laplace.mat */
data/meschach-1.2b/zmatio.c:37:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char line[MAXLINE];
data/meschach-1.2b/ztorture.c:86:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name[81] = MATLAB_NAME;
data/meschach-1.2b/ztorture.c:420:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force
  the opening of special file type (e.g., device files), move things around to
  create a race condition, control its ancestors, or change its contents?
  (CWE-362).
  if ( (fp=fopen(SAVE_FILE,"w")) == (FILE *)NULL )
data/meschach-1.2b/ztorture.c:427:11:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force
  the opening of special file type (e.g., device files), move things around to
  create a race condition, control its ancestors, or change its contents?
  (CWE-362).
  if ( (fp=fopen(SAVE_FILE,"r")) == (FILE *)NULL )
data/meschach-1.2b/matlab.c:58:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  mat.namlen = (name == (char *)NULL) ? 1 : strlen(name)+1;
data/meschach-1.2b/matlab.c:98:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  mat.namlen = (name == (char *)NULL) ? 1 : strlen(name)+1;
data/meschach-1.2b/matlab.c:128:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  mat.namlen = (name == (char *)NULL) ? 1 : strlen(name)+1;
data/meschach-1.2b/matrixio.c:55:13:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  c = getc(fp);
data/meschach-1.2b/matrixio.c:61:20:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  while ( (c=getc(fp)) != '\n' )
data/meschach-1.2b/zmatlab.c:59:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  mat.namlen = (name == (char *)NULL) ? 1 : strlen(name)+1;
data/meschach-1.2b/zmatlab.c:107:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  mat.namlen = (name == (char *)NULL) ? 1 : strlen(name)+1;
data/meschach-1.2b/zmatlab.c:138:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  mat.namlen = (name == (char *)NULL) ? 1 : strlen(name)+1;

ANALYSIS SUMMARY:

Hits = 45
Lines analyzed = 33200 in approximately 0.93 seconds (35580 lines/second)
Physical Source Lines of Code (SLOC) = 22147
Hits@level = [0] 513 [1]   8 [2]  24 [3]   1 [4]  12 [5]   0
Hits@level+ = [0+] 558 [1+]  45 [2+]  37 [3+]  13 [4+]  12 [5+]   0
Hits/KSLOC@level+ = [0+] 25.1953 [1+] 2.03188 [2+] 1.67066 [3+] 0.586987 [4+] 0.541834 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.