Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/meschach-1.2b/copy.c
Examining data/meschach-1.2b/err.c
Examining data/meschach-1.2b/matrixio.c
Examining data/meschach-1.2b/memory.c
Examining data/meschach-1.2b/vecop.c
Examining data/meschach-1.2b/matop.c
Examining data/meschach-1.2b/pxop.c
Examining data/meschach-1.2b/submat.c
Examining data/meschach-1.2b/init.c
Examining data/meschach-1.2b/otherio.c
Examining data/meschach-1.2b/machine.c
Examining data/meschach-1.2b/matlab.c
Examining data/meschach-1.2b/ivecop.c
Examining data/meschach-1.2b/version.c
Examining data/meschach-1.2b/meminfo.c
Examining data/meschach-1.2b/memstat.c
Examining data/meschach-1.2b/hessen.c
Examining data/meschach-1.2b/sparse.c
Examining data/meschach-1.2b/sprow.c
Examining data/meschach-1.2b/sparseio.c
Examining data/meschach-1.2b/zcopy.c
Examining data/meschach-1.2b/zmatio.c
Parsing failed to find end of parameter list; semicolon terminated it in (fp," ( %lf , %lf )",
#elif REAL == FLOAT
if ((io_code=fscanf(fp," ( %f , %f )",
#endif
&mat->me[i][j].re,&mat->me[i][j].im)) < 2 )
error(io_code==EOF ? E_EOF : E_FORMAT,"bzm_finput")
Parsing failed to find end of parameter list; semicolon terminated it in (fp," (%lf,%lf)",
#elif REAL == FLOAT
if ((io_code=fscanf(fp," (%f,%f)",
#endif
&vec->ve[i].re,&vec->ve[i].im)) < 2 )
error(io_code==EOF ? 7 : 6,"bzv_finput");
re
Examining data/meschach-1.2b/zmemory.c
Examining data/meschach-1.2b/zvecop.c
Examining data/meschach-1.2b/zmatop.c
Examining data/meschach-1.2b/zmatlab.c
Examining data/meschach-1.2b/zhessen.c
Examining data/meschach-1.2b/conjgrad.c
Examining data/meschach-1.2b/lanczos.c
Examining data/meschach-1.2b/arnoldi.c
Examining data/meschach-1.2b/err.h
Examining data/meschach-1.2b/meminfo.h
Examining data/meschach-1.2b/machine.h
Examining data/meschach-1.2b/iter.h
Examining data/meschach-1.2b/matlab.h
Examining data/meschach-1.2b/matrix2.h
Examining data/meschach-1.2b/oldnames.h
Examining data/meschach-1.2b/sparse.h
Examining data/meschach-1.2b/sparse2.h
Examining data/meschach-1.2b/zmatrix2.h
Examining data/meschach-1.2b/dmacheps.c
Examining data/meschach-1.2b/extras.c
Examining data/meschach-1.2b/fmacheps.c
Examining data/meschach-1.2b/tutorial.c
Examining data/meschach-1.2b/tutadv.c
Examining data/meschach-1.2b/sptort.c
Examining data/meschach-1.2b/memtort.c
Examining data/meschach-1.2b/mfuntort.c
Examining data/meschach-1.2b/iotort.c
Examining data/meschach-1.2b/MACHINES/GCC/machine.h
Examining data/meschach-1.2b/MACHINES/RS6000/machine.c
Examining data/meschach-1.2b/MACHINES/RS6000/machine.h
Examining data/meschach-1.2b/MACHINES/SPARC/machine.h
Examining data/meschach-1.2b/MACHINES/Linux/machine.h
Examining data/meschach-1.2b/MACHINES/SGI/machine.h
Examining data/meschach-1.2b/MACHINES/Cray/machine.h
Examining data/meschach-1.2b/lufactor.c
Examining data/meschach-1.2b/bkpfacto.c
Examining data/meschach-1.2b/chfactor.c
Examining data/meschach-1.2b/qrfactor.c
Examining data/meschach-1.2b/solve.c
Examining data/meschach-1.2b/hsehldr.c
Examining data/meschach-1.2b/givens.c
Examining data/meschach-1.2b/update.c
Examining data/meschach-1.2b/norm.c
Examining data/meschach-1.2b/symmeig.c
Examining data/meschach-1.2b/schur.c
Examining data/meschach-1.2b/svd.c
Examining data/meschach-1.2b/fft.c
Examining data/meschach-1.2b/mfunc.c
Examining data/meschach-1.2b/bdfactor.c
Examining data/meschach-1.2b/spchfctr.c
Examining data/meschach-1.2b/splufctr.c
Examining data/meschach-1.2b/spbkp.c
Examining data/meschach-1.2b/spswap.c
Examining data/meschach-1.2b/iter0.c
Examining data/meschach-1.2b/itersym.c
Examining data/meschach-1.2b/iternsym.c
Examining data/meschach-1.2b/zmachine.c
Examining data/meschach-1.2b/znorm.c
Examining data/meschach-1.2b/zfunc.c
Examining data/meschach-1.2b/zlufctr.c
Examining data/meschach-1.2b/zsolve.c
Examining data/meschach-1.2b/zhsehldr.c
Examining data/meschach-1.2b/zqrfctr.c
Examining data/meschach-1.2b/zgivens.c
Examining data/meschach-1.2b/zschur.c
Examining data/meschach-1.2b/matrix.h
Examining data/meschach-1.2b/zmatrix.h
Examining data/meschach-1.2b/maxint.c
Examining data/meschach-1.2b/torture.c
Examining data/meschach-1.2b/ztorture.c
Examining data/meschach-1.2b/itertort.c
FINAL RESULTS:
data/meschach-1.2b/matrix.h:345:27: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
( ( isatty(fileno(fp)) ? fprintf(stderr,prompt) : skipjunk(fp) ), \
data/meschach-1.2b/matrix.h:346:8: [4] (buffer) fscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
fscanf(fp,fmt,var) )
data/meschach-1.2b/matrix.h:349:25: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
( isatty(fileno(fp)) ? fprintf(stderr,prompt) : skipjunk(fp) )
data/meschach-1.2b/matrixio.c:412:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp,format,a->me[i][j]);
data/meschach-1.2b/matrixio.c:451:4: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp,format,x->ve[i]);
data/meschach-1.2b/matrixio.c:478:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp,format,a->me[i][j]);
data/meschach-1.2b/matrixio.c:517:4: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp,format,x->ve[i]);
data/meschach-1.2b/zmatio.c:305:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp,zformat,z.re,z.im);
data/meschach-1.2b/zmatio.c:325:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp,zformat,a->me[i][j].re,a->me[i][j].im);
data/meschach-1.2b/zmatio.c:345:4: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp,zformat,x->ve[i].re,x->ve[i].im);
data/meschach-1.2b/zmatio.c:372:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp,zformat,a->me[i][j].re,a->me[i][j].im);
data/meschach-1.2b/zmatio.c:395:4: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp,zformat,x->ve[i].re,x->ve[i].im);
data/meschach-1.2b/sptort.c:114:5: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(seed);
data/meschach-1.2b/MACHINES/Cray/machine.h:107:32: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define MEM_COPY(from,to,size) bcopy((char *)(from),(char *)(to),(int)(size))
data/meschach-1.2b/MACHINES/GCC/machine.h:76:32: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define MEM_COPY(from,to,size) bcopy((char *)(from),(char *)(to),(int)(size))
data/meschach-1.2b/MACHINES/Linux/machine.h:78:32: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define MEM_COPY(from,to,size) bcopy((char *)(from),(char *)(to),(int)(size))
data/meschach-1.2b/MACHINES/RS6000/machine.h:71:32: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define MEM_COPY(from,to,size) bcopy((char *)(from),(char *)(to),(int)(size))
data/meschach-1.2b/MACHINES/SGI/machine.h:107:32: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define MEM_COPY(from,to,size) bcopy((char *)(from),(char *)(to),(int)(size))
data/meschach-1.2b/MACHINES/SPARC/machine.h:72:32: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define MEM_COPY(from,to,size) bcopy((char *)(from),(char *)(to),(int)(size))
data/meschach-1.2b/err.c:155:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
free((char *)err_list[list_num].listp);
data/meschach-1.2b/iotort.c:55:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen("iotort.dat","w")) == NULL) {
data/meschach-1.2b/iotort.c:99:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen("iotort.dat","r")) == NULL) {
data/meschach-1.2b/ivecop.c:34:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char line[MAXLINE];
data/meschach-1.2b/machine.h:109:32: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define MEM_COPY(from,to,size) bcopy((char *)(from),(char *)(to),(int)(size))
data/meschach-1.2b/matrixio.c:38:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char line[MAXLINE];
data/meschach-1.2b/otherio.c:40:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char scratch[MAXLINE+1];
data/meschach-1.2b/sparseio.c:40:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char line[MAXLINE];
data/meschach-1.2b/sparseio.c:249:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
rows[i].elt = (row_elt *)realloc((char *)rows[i].elt,
data/meschach-1.2b/sparseio.c:301:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
rows[i].elt = (row_elt *)realloc((char *)rows[i].elt,
data/meschach-1.2b/torture.c:93:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[81] = MATLAB_NAME;
data/meschach-1.2b/torture.c:399:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( (fp=fopen(SAVE_FILE,"w")) == (FILE *)NULL )
data/meschach-1.2b/torture.c:406:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( (fp=fopen(SAVE_FILE,"r")) == (FILE *)NULL )
data/meschach-1.2b/tutorial.c:289:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen("laplace.mat","w"); /* b will be saved in laplace.mat */
data/meschach-1.2b/zmatio.c:37:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char line[MAXLINE];
data/meschach-1.2b/ztorture.c:86:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[81] = MATLAB_NAME;
data/meschach-1.2b/ztorture.c:420:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( (fp=fopen(SAVE_FILE,"w")) == (FILE *)NULL )
data/meschach-1.2b/ztorture.c:427:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( (fp=fopen(SAVE_FILE,"r")) == (FILE *)NULL )
data/meschach-1.2b/matlab.c:58:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mat.namlen = (name == (char *)NULL) ? 1 : strlen(name)+1;
data/meschach-1.2b/matlab.c:98:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mat.namlen = (name == (char *)NULL) ? 1 : strlen(name)+1;
data/meschach-1.2b/matlab.c:128:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mat.namlen = (name == (char *)NULL) ? 1 : strlen(name)+1;
data/meschach-1.2b/matrixio.c:55:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(fp);
data/meschach-1.2b/matrixio.c:61:20: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (c=getc(fp)) != '\n' )
data/meschach-1.2b/zmatlab.c:59:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mat.namlen = (name == (char *)NULL) ? 1 : strlen(name)+1;
data/meschach-1.2b/zmatlab.c:107:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mat.namlen = (name == (char *)NULL) ? 1 : strlen(name)+1;
data/meschach-1.2b/zmatlab.c:138:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mat.namlen = (name == (char *)NULL) ? 1 : strlen(name)+1;
ANALYSIS SUMMARY:
Hits = 45
Lines analyzed = 33200 in approximately 0.93 seconds (35580 lines/second)
Physical Source Lines of Code (SLOC) = 22147
Hits@level = [0] 513 [1] 8 [2] 24 [3] 1 [4] 12 [5] 0
Hits@level+ = [0+] 558 [1+] 45 [2+] 37 [3+] 13 [4+] 12 [5+] 0
Hits/KSLOC@level+ = [0+] 25.1953 [1+] 2.03188 [2+] 1.67066 [3+] 0.586987 [4+] 0.541834 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.