Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/src/CSGCGALMeshGenerator2D.cpp Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/src/Polygon_utils.h Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/src/CSGPrimitives3D.cpp Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/src/smoothing.h Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/src/ASCFileReader.cpp Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/src/CSGGeometry.cpp Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/src/CSGGeometries3D.cpp Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/src/FuzzyPointLocator.h Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/src/Polyhedral_multicomponent_mesh_domain_with_features_3.h Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/src/MeshGenerator.cpp Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/src/DolfinMeshUtils.cpp Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/src/GlobalInitializer.cpp Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/src/CSGCGALMeshGenerator3D.cpp Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/src/CSGCGALDomain2D.cpp Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/src/CSGPrimitives2D.cpp Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/src/SurfaceConsistency.cpp Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/src/STLFileReader.cpp Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/src/meshclean.h Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/src/triangulation_refinement.h Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/src/Meshes.cpp Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/src/TetgenMeshGenerator3D.cpp Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/src/Polyhedron_utils.h Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/src/CSGOperators.cpp Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/src/OFFFileReader.cpp Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/src/CSGCGALDomain3D.cpp Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/src/make_multicomponent_mesh_3.h Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/src/SurfaceReconstruction.cpp Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/include/mshr.h Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/include/mshr/SurfaceReconstruction.h Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/include/mshr/CSGPrimitives3D.h Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/include/mshr/CSGGeometry.h Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/include/mshr/MeshGenerator.h Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/include/mshr/CSGOperators.h Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/include/mshr/GlobalInitializer.h Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/include/mshr/CSGPrimitives2D.h Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/include/mshr/OFFFileReader.h Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/include/mshr/DolfinMeshUtils.h Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/include/mshr/SurfaceConsistency.h Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/include/mshr/CSGCGALDomain3D.h Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/include/mshr/CSGPrimitive.h Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/include/mshr/STLFileReader.h Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/include/mshr/CSGCGALMeshGenerator2D.h Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/include/mshr/Meshes.h Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/include/mshr/ASCFileReader.h Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/include/mshr/CSGGeometries3D.h Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/include/mshr/CSGCGALMeshGenerator3D.h Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/include/mshr/CSGCGALDomain2D.h Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/include/mshr/TetgenMeshGenerator3D.h Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/test/test2.cpp Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/test/test.cpp Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/test/test-csggeometries.cpp Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/test/test3D.cpp Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/python/src/mshr.cpp Examining data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/app/mshrable.cpp FINAL RESULTS: data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/src/CSGCGALMeshGenerator2D.cpp:347:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). mesh_editor.open(*mesh, dolfin::CellType::Type::triangle, 2, 2); data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/src/CSGCGALMeshGenerator3D.cpp:125:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). mesh_editor.open(mesh, dolfin::CellType::Type::tetrahedron, 3, 3); data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/src/DolfinMeshUtils.cpp:103:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). editor.open(*outmesh, dolfin::CellType::Type::tetrahedron, 3,3); data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/src/DolfinMeshUtils.cpp:180:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). editor.open(*outmesh, m1->type().cell_type(), tdim, tdim); data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/src/TetgenMeshGenerator3D.cpp:48:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). mesh_editor.open(dolfinmesh, dolfin::CellType::Type::tetrahedron, 3, 3); data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/include/mshr/ASCFileReader.h:36:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). static void read(const std::string filename, data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/include/mshr/OFFFileReader.h:36:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). static void read(const std::string filename, data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/include/mshr/STLFileReader.h:39:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). static void read(const std::string filename, data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/src/ASCFileReader.cpp:66:21: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void ASCFileReader::read(const std::string filename, data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/src/CSGCGALDomain3D.cpp:601:30: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). mshr::OFFFileReader::read(s->_filename, vertices, facets); data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/src/CSGCGALDomain3D.cpp:607:32: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). mshr::STLFileReader::read(s->_filename, vertices, facets); data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/src/CSGCGALDomain3D.cpp:611:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). mshr::ASCFileReader::read(s->_filename, vertices, facets); data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/src/OFFFileReader.cpp:66:21: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void OFFFileReader::read(const std::string filename, data/mshr-2019.2.0~git20200924.c27eb18+dfsg1/src/STLFileReader.cpp:68:21: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void STLFileReader::read(const std::string filename, ANALYSIS SUMMARY: Hits = 14 Lines analyzed = 14577 in approximately 0.35 seconds (41106 lines/second) Physical Source Lines of Code (SLOC) = 9825 Hits@level = [0] 0 [1] 9 [2] 5 [3] 0 [4] 0 [5] 0 Hits@level+ = [0+] 14 [1+] 14 [2+] 5 [3+] 0 [4+] 0 [5+] 0 Hits/KSLOC@level+ = [0+] 1.42494 [1+] 1.42494 [2+] 0.508906 [3+] 0 [4+] 0 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.