Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/netcdf-cxx-4.3.1/cxx4/example1.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncAtt.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncAtt.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncByte.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncByte.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncChar.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncChar.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncCheck.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncCheck.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncCompoundType.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncCompoundType.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncDim.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncDim.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncDouble.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncDouble.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncEnumType.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncEnumType.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncException.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncException.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncFile.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncFile.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncFill.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncFill.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncFilter.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncFilter.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncFloat.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncFloat.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncGroup.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncGroup.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncGroupAtt.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncGroupAtt.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncInt.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncInt.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncInt64.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncInt64.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncOpaqueType.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncOpaqueType.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncShort.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncShort.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncString.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncString.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncType.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncType.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncUbyte.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncUbyte.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncUint.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncUint.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncUint64.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncUint64.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncUshort.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncUshort.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncVar.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncVar.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncVarAtt.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncVarAtt.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncVlenType.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncVlenType.h
Examining data/netcdf-cxx-4.3.1/cxx4/temp.c
Examining data/netcdf-cxx-4.3.1/cxx4/test2.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/test_att.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/test_classic.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/test_dim.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/test_filter.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/test_group.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/test_ncFile_Flags.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/test_open_close.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/test_type.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/test_type2.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/test_type3.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/test_type4.c
Examining data/netcdf-cxx-4.3.1/cxx4/test_type4.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/test_type5.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/test_utilities.h
Examining data/netcdf-cxx-4.3.1/cxx4/test_var.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/test_var2.cpp
Examining data/netcdf-cxx-4.3.1/examples/pres_temp_4D_plugin_rd.cpp
Examining data/netcdf-cxx-4.3.1/examples/pres_temp_4D_plugin_wr.cpp
Examining data/netcdf-cxx-4.3.1/examples/pres_temp_4D_rd.cpp
Examining data/netcdf-cxx-4.3.1/examples/pres_temp_4D_wr.cpp
Examining data/netcdf-cxx-4.3.1/examples/sfc_pres_temp_rd.cpp
Examining data/netcdf-cxx-4.3.1/examples/sfc_pres_temp_wr.cpp
Examining data/netcdf-cxx-4.3.1/examples/simple_xy_rd.cpp
Examining data/netcdf-cxx-4.3.1/examples/simple_xy_wr.cpp
Examining data/netcdf-cxx-4.3.1/examples/simple_xy_wr_formats.cpp
Examining data/netcdf-cxx-4.3.1/plugins/H5Zbzip2.c
Examining data/netcdf-cxx-4.3.1/plugins/H5Zmisc.c
Examining data/netcdf-cxx-4.3.1/plugins/H5Ztemplate.c
Examining data/netcdf-cxx-4.3.1/plugins/H5Zutil.c
Examining data/netcdf-cxx-4.3.1/plugins/blocksort.c
Examining data/netcdf-cxx-4.3.1/plugins/bzlib.c
Examining data/netcdf-cxx-4.3.1/plugins/bzlib.h
Examining data/netcdf-cxx-4.3.1/plugins/bzlib_private.h
Examining data/netcdf-cxx-4.3.1/plugins/compress.c
Examining data/netcdf-cxx-4.3.1/plugins/crctable.c
Examining data/netcdf-cxx-4.3.1/plugins/decompress.c
Examining data/netcdf-cxx-4.3.1/plugins/h5bzip2.h
Examining data/netcdf-cxx-4.3.1/plugins/h5misc.h
Examining data/netcdf-cxx-4.3.1/plugins/huffman.c
Examining data/netcdf-cxx-4.3.1/plugins/randtable.c

FINAL RESULTS:

data/netcdf-cxx-4.3.1/plugins/bzlib.c:1418:4:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
   strcat(mode2, writing ? "w" : "r" );
data/netcdf-cxx-4.3.1/plugins/bzlib_private.h:65:7:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
      fprintf ( stderr,   \
data/netcdf-cxx-4.3.1/plugins/bzlib_private.h:74:4:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
   fprintf(stderr,zf)
data/netcdf-cxx-4.3.1/plugins/bzlib_private.h:76:4:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
   fprintf(stderr,zf,za1)
data/netcdf-cxx-4.3.1/plugins/bzlib_private.h:78:4:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
   fprintf(stderr,zf,za1,za2)
data/netcdf-cxx-4.3.1/plugins/bzlib_private.h:80:4:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
   fprintf(stderr,zf,za1,za2,za3)
data/netcdf-cxx-4.3.1/plugins/bzlib_private.h:82:4:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
   fprintf(stderr,zf,za1,za2,za3,za4)
data/netcdf-cxx-4.3.1/plugins/bzlib_private.h:84:4:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
   fprintf(stderr,zf,za1,za2,za3,za4,za5)
data/netcdf-cxx-4.3.1/cxx4/ncCompoundType.cpp:134:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char fieldName[NC_MAX_NAME+1];
data/netcdf-cxx-4.3.1/cxx4/ncDim.cpp:108:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char dimName[NC_MAX_NAME+1];
data/netcdf-cxx-4.3.1/cxx4/ncEnumType.cpp:71:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char charName[NC_MAX_NAME+1];
data/netcdf-cxx-4.3.1/cxx4/ncEnumType.cpp:98:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char charName[NC_MAX_NAME+1];
data/netcdf-cxx-4.3.1/cxx4/ncEnumType.cpp:109:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char charName[NC_MAX_NAME+1];
data/netcdf-cxx-4.3.1/cxx4/ncEnumType.h:84:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char charName[NC_MAX_NAME+1];
data/netcdf-cxx-4.3.1/cxx4/ncFile.cpp:48:3:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  open(filePath, fMode);
data/netcdf-cxx-4.3.1/cxx4/ncFile.cpp:54:3:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  open(filePath, ncFileFlags);
data/netcdf-cxx-4.3.1/cxx4/ncFile.cpp:63:14:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
void NcFile::open(const string& filePath, int ncFileFlags) {
data/netcdf-cxx-4.3.1/cxx4/ncFile.cpp:75:14:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
void NcFile::open(const string& filePath, const FileMode fMode)
data/netcdf-cxx-4.3.1/cxx4/ncFile.cpp:106:3:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  open(filePath, fMode, fFormat);
data/netcdf-cxx-4.3.1/cxx4/ncFile.cpp:125:14:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
void NcFile::open(const string& filePath, const FileMode fMode, const FileFormat fFormat )
data/netcdf-cxx-4.3.1/cxx4/ncFile.h:74:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      void open(const std::string& filePath, int ncFileFlags);
data/netcdf-cxx-4.3.1/cxx4/ncFile.h:86:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      void open(const std::string& filePath, FileMode fMode);
data/netcdf-cxx-4.3.1/cxx4/ncFile.h:103:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      void open(const std::string& filePath, FileMode fMode, FileFormat fFormat);
data/netcdf-cxx-4.3.1/cxx4/ncGroup.cpp:111:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char charName[NC_MAX_NAME+1];
data/netcdf-cxx-4.3.1/cxx4/ncGroup.cpp:554:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char charName[NC_MAX_NAME+1];
data/netcdf-cxx-4.3.1/cxx4/ncGroup.cpp:569:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char charName[NC_MAX_NAME+1];
data/netcdf-cxx-4.3.1/cxx4/ncGroupAtt.cpp:60:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char attName[NC_MAX_NAME+1];
data/netcdf-cxx-4.3.1/cxx4/ncType.cpp:95:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char charName[NC_MAX_NAME+1];
data/netcdf-cxx-4.3.1/cxx4/ncVar.cpp:529:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char charName[NC_MAX_NAME+1];
data/netcdf-cxx-4.3.1/cxx4/ncVarAtt.cpp:54:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char attName[NC_MAX_NAME+1];
data/netcdf-cxx-4.3.1/cxx4/ncVlenType.cpp:72:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char charName[NC_MAX_NAME+1];
data/netcdf-cxx-4.3.1/cxx4/test_ncFile_Flags.cpp:47:10:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    file.open("test_ncFile_Flags_newFile.nc",NC_SHARE | NC_NOWRITE);
data/netcdf-cxx-4.3.1/cxx4/test_open_close.cpp:27:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      file.open("Doesn't Exist.",NcFile::read);
data/netcdf-cxx-4.3.1/cxx4/test_open_close.cpp:37:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      file.open("firstFile.cdf",NcFile::replace);
data/netcdf-cxx-4.3.1/plugins/H5Zmisc.c:127:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(newbuf,*buf,*buf_size);
data/netcdf-cxx-4.3.1/plugins/H5Zmisc.c:145:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(newbuf,*buf,*buf_size);
data/netcdf-cxx-4.3.1/plugins/H5Zmisc.c:166:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char mem[8];
data/netcdf-cxx-4.3.1/plugins/bzlib.c:1391:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char   unused[BZ_MAX_UNUSED];
data/netcdf-cxx-4.3.1/plugins/bzlib.c:1394:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char   mode2[10]     = "";
data/netcdf-cxx-4.3.1/plugins/bzlib.c:1426:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        fp = fopen(path,mode2);
data/netcdf-cxx-4.3.1/cxx4/ncFile.cpp:87:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    case NcFile::read:
data/netcdf-cxx-4.3.1/cxx4/ncFile.cpp:151:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    case NcFile::read:
data/netcdf-cxx-4.3.1/cxx4/ncFile.h:24:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	    read,	//!< File exists, open read-only.
data/netcdf-cxx-4.3.1/cxx4/test_classic.cpp:38:44:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	 NcFile ncFile("test_classic.nc", NcFile::read);
data/netcdf-cxx-4.3.1/cxx4/test_open_close.cpp:27:42:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      file.open("Doesn't Exist.",NcFile::read);
data/netcdf-cxx-4.3.1/examples/pres_temp_4D_plugin_rd.cpp:55:49:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
     NcFile dataFile("pres_temp_4D.nc", NcFile::read);
data/netcdf-cxx-4.3.1/examples/pres_temp_4D_rd.cpp:55:49:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
     NcFile dataFile("pres_temp_4D.nc", NcFile::read);
data/netcdf-cxx-4.3.1/examples/sfc_pres_temp_rd.cpp:52:48:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
   NcFile dataFile("sfc_pres_temp.nc", NcFile::read);
data/netcdf-cxx-4.3.1/examples/simple_xy_rd.cpp:38:44:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
   NcFile dataFile("simple_xy.nc", NcFile::read);
data/netcdf-cxx-4.3.1/plugins/H5Zmisc.c:39:13:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
static void mismatch(size_t i, const char* which);
data/netcdf-cxx-4.3.1/plugins/H5Zmisc.c:183:7:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
	    {mismatch(i,"signed byte"); goto fail; };
data/netcdf-cxx-4.3.1/plugins/H5Zmisc.c:188:7:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
	    {mismatch(i,"unsigned byte"); goto fail; };
data/netcdf-cxx-4.3.1/plugins/H5Zmisc.c:193:7:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
	    {mismatch(i,"signed short"); goto fail; };
data/netcdf-cxx-4.3.1/plugins/H5Zmisc.c:198:7:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
	    {mismatch(i,"unsigned short"); goto fail; };
data/netcdf-cxx-4.3.1/plugins/H5Zmisc.c:203:7:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
	    {mismatch(i,"signed int"); goto fail; };
data/netcdf-cxx-4.3.1/plugins/H5Zmisc.c:208:7:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
	    {mismatch(i,"unsigned int"); goto fail; };
data/netcdf-cxx-4.3.1/plugins/H5Zmisc.c:213:7:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
	    {mismatch(i,"float"); goto fail; };
data/netcdf-cxx-4.3.1/plugins/H5Zmisc.c:223:17:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
                mismatch(i,"double");
data/netcdf-cxx-4.3.1/plugins/H5Zmisc.c:236:17:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
                mismatch(i,"signed long long");
data/netcdf-cxx-4.3.1/plugins/H5Zmisc.c:248:17:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
                mismatch(i,"unsigned long long");
data/netcdf-cxx-4.3.1/plugins/H5Zmisc.c:254:13:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
            mismatch(i,"unexpected parameter");
data/netcdf-cxx-4.3.1/plugins/H5Zmisc.c:276:1:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
mismatch(size_t i, const char* which)
data/netcdf-cxx-4.3.1/plugins/bzlib.c:909:14:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
   Int32 c = fgetc ( f );
data/netcdf-cxx-4.3.1/plugins/bzlib.c:1419:4:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
   strcat(mode2,"b");   /* binary mode */

ANALYSIS SUMMARY:

Hits = 64
Lines analyzed = 19900 in approximately 0.65 seconds (30440 lines/second)
Physical Source Lines of Code (SLOC) = 12829
Hits@level = [0]  19 [1]  24 [2]  32 [3]   0 [4]   8 [5]   0
Hits@level+ = [0+]  83 [1+]  64 [2+]  40 [3+]   8 [4+]   8 [5+]   0
Hits/KSLOC@level+ = [0+] 6.46972 [1+] 4.9887 [2+] 3.11794 [3+] 0.623587 [4+] 0.623587 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.