Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/nipy-0.4.2/lib/fff/fff_array.c
Examining data/nipy-0.4.2/lib/fff/fff_array.h
Examining data/nipy-0.4.2/lib/fff/fff_base.c
Examining data/nipy-0.4.2/lib/fff/fff_base.h
Examining data/nipy-0.4.2/lib/fff/fff_blas.c
Examining data/nipy-0.4.2/lib/fff/fff_blas.h
Examining data/nipy-0.4.2/lib/fff/fff_gen_stats.c
Examining data/nipy-0.4.2/lib/fff/fff_gen_stats.h
Examining data/nipy-0.4.2/lib/fff/fff_glm_kalman.c
Examining data/nipy-0.4.2/lib/fff/fff_glm_kalman.h
Examining data/nipy-0.4.2/lib/fff/fff_glm_twolevel.c
Examining data/nipy-0.4.2/lib/fff/fff_glm_twolevel.h
Examining data/nipy-0.4.2/lib/fff/fff_lapack.c
Examining data/nipy-0.4.2/lib/fff/fff_lapack.h
Examining data/nipy-0.4.2/lib/fff/fff_matrix.c
Examining data/nipy-0.4.2/lib/fff/fff_matrix.h
Examining data/nipy-0.4.2/lib/fff/fff_onesample_stat.c
Examining data/nipy-0.4.2/lib/fff/fff_onesample_stat.h
Examining data/nipy-0.4.2/lib/fff/fff_routines.c
Examining data/nipy-0.4.2/lib/fff/fff_routines.h
Examining data/nipy-0.4.2/lib/fff/fff_specfun.c
Examining data/nipy-0.4.2/lib/fff/fff_specfun.h
Examining data/nipy-0.4.2/lib/fff/fff_twosample_stat.c
Examining data/nipy-0.4.2/lib/fff/fff_twosample_stat.h
Examining data/nipy-0.4.2/lib/fff/fff_vector.c
Examining data/nipy-0.4.2/lib/fff/fff_vector.h
Examining data/nipy-0.4.2/lib/fff_python_wrapper/fffpy.c
Examining data/nipy-0.4.2/lib/fff_python_wrapper/fffpy.h
Examining data/nipy-0.4.2/lib/lapack_lite/blas_lite.c
Examining data/nipy-0.4.2/lib/lapack_lite/dlamch.c
Examining data/nipy-0.4.2/lib/lapack_lite/dlapack_lite.c
Examining data/nipy-0.4.2/lib/lapack_lite/f2c.h
Examining data/nipy-0.4.2/lib/lapack_lite/f2c_lite.c
Examining data/nipy-0.4.2/nipy/algorithms/graph/_graph.c
Examining data/nipy-0.4.2/nipy/algorithms/registration/_registration.c
Examining data/nipy-0.4.2/nipy/algorithms/registration/_registration.h
Examining data/nipy-0.4.2/nipy/algorithms/registration/cubic_spline.c
Examining data/nipy-0.4.2/nipy/algorithms/registration/cubic_spline.h
Examining data/nipy-0.4.2/nipy/algorithms/registration/joint_histogram.c
Examining data/nipy-0.4.2/nipy/algorithms/registration/joint_histogram.h
Examining data/nipy-0.4.2/nipy/algorithms/registration/polyaffine.c
Examining data/nipy-0.4.2/nipy/algorithms/registration/polyaffine.h
Examining data/nipy-0.4.2/nipy/algorithms/registration/wichmann_prng.c
Examining data/nipy-0.4.2/nipy/algorithms/registration/wichmann_prng.h
Examining data/nipy-0.4.2/nipy/algorithms/segmentation/_segmentation.c
Examining data/nipy-0.4.2/nipy/algorithms/segmentation/_segmentation.h
Examining data/nipy-0.4.2/nipy/algorithms/segmentation/mrf.c
Examining data/nipy-0.4.2/nipy/algorithms/segmentation/mrf.h
Examining data/nipy-0.4.2/nipy/algorithms/statistics/_quantile.c
Examining data/nipy-0.4.2/nipy/algorithms/statistics/histogram.c
Examining data/nipy-0.4.2/nipy/algorithms/statistics/intvol.c
Examining data/nipy-0.4.2/nipy/algorithms/statistics/quantile.c
Examining data/nipy-0.4.2/nipy/algorithms/statistics/quantile.h
Examining data/nipy-0.4.2/nipy/labs/bindings/array.c
Examining data/nipy-0.4.2/nipy/labs/bindings/linalg.c
Examining data/nipy-0.4.2/nipy/labs/bindings/wrapper.c
Examining data/nipy-0.4.2/nipy/labs/glm/kalman.c
Examining data/nipy-0.4.2/nipy/labs/group/glm_twolevel.c
Examining data/nipy-0.4.2/nipy/labs/group/onesample.c
Examining data/nipy-0.4.2/nipy/labs/group/twosample.c
Examining data/nipy-0.4.2/nipy/labs/utils/routines.c
FINAL RESULTS:
data/nipy-0.4.2/nipy/algorithms/registration/_registration.c:504:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(__PYX_DEFAULT_STRING_ENCODING, default_encoding_c);
data/nipy-0.4.2/nipy/algorithms/segmentation/_segmentation.c:422:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(__PYX_DEFAULT_STRING_ENCODING, default_encoding_c);
data/nipy-0.4.2/nipy/algorithms/statistics/intvol.c:696:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(__PYX_DEFAULT_STRING_ENCODING, default_encoding_c);
data/nipy-0.4.2/nipy/labs/group/glm_twolevel.c:426:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(__PYX_DEFAULT_STRING_ENCODING, default_encoding_c);
data/nipy-0.4.2/nipy/labs/group/onesample.c:426:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(__PYX_DEFAULT_STRING_ENCODING, default_encoding_c);
data/nipy-0.4.2/nipy/labs/group/twosample.c:426:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(__PYX_DEFAULT_STRING_ENCODING, default_encoding_c);
data/nipy-0.4.2/nipy/labs/utils/routines.c:410:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(__PYX_DEFAULT_STRING_ENCODING, default_encoding_c);
data/nipy-0.4.2/nipy/algorithms/registration/wichmann_prng.c:13:3: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(seed);
data/nipy-0.4.2/lib/fff/fff_matrix.c:239:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void*)A->data, (void*)B->data, A->size1*A->size2*sizeof(double));
data/nipy-0.4.2/lib/fff/fff_vector.c:77:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void*)x->data, (void*)y->data, x->size*sizeof(double));
data/nipy-0.4.2/lib/lapack_lite/dlapack_lite.c:2647:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char side[1];
data/nipy-0.4.2/lib/lapack_lite/dlapack_lite.c:7478:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ch__1[2];
data/nipy-0.4.2/lib/lapack_lite/dlapack_lite.c:17276:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char jbcmpz[2];
data/nipy-0.4.2/lib/lapack_lite/dlapack_lite.c:19540:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char jbcmpz[2];
data/nipy-0.4.2/lib/lapack_lite/dlapack_lite.c:21486:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char transt[1];
data/nipy-0.4.2/lib/lapack_lite/dlapack_lite.c:34307:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ch__1[2];
data/nipy-0.4.2/lib/lapack_lite/dlapack_lite.c:34327:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char transt[1];
data/nipy-0.4.2/lib/lapack_lite/dlapack_lite.c:34844:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ch__1[2];
data/nipy-0.4.2/lib/lapack_lite/dlapack_lite.c:34870:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char transt[1];
data/nipy-0.4.2/lib/lapack_lite/dlapack_lite.c:35154:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ch__1[2];
data/nipy-0.4.2/lib/lapack_lite/dlapack_lite.c:35457:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ch__1[2];
data/nipy-0.4.2/lib/lapack_lite/dlapack_lite.c:35759:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ch__1[2];
data/nipy-0.4.2/lib/lapack_lite/dlapack_lite.c:40661:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char c1[1], c2[2], c3[3], c4[2];
data/nipy-0.4.2/lib/lapack_lite/dlapack_lite.c:40665:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char subnam[6];
data/nipy-0.4.2/nipy/algorithms/graph/_graph.c:5557:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctversion[4], rtversion[4];
data/nipy-0.4.2/nipy/algorithms/graph/_graph.c:5561:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message[200];
data/nipy-0.4.2/nipy/algorithms/graph/_graph.c:5600:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char warning[200];
data/nipy-0.4.2/nipy/algorithms/registration/_registration.c:458:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ascii_chars[128];
data/nipy-0.4.2/nipy/algorithms/registration/_registration.c:7841:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctversion[4], rtversion[4];
data/nipy-0.4.2/nipy/algorithms/registration/_registration.c:7845:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message[200];
data/nipy-0.4.2/nipy/algorithms/registration/_registration.c:7884:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char warning[200];
data/nipy-0.4.2/nipy/algorithms/registration/polyaffine.c:101:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void*)xyz, (void*)t_xyz, bytes_xyz);
data/nipy-0.4.2/nipy/algorithms/segmentation/_segmentation.c:375:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ascii_chars[128];
data/nipy-0.4.2/nipy/algorithms/segmentation/_segmentation.c:6471:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctversion[4], rtversion[4];
data/nipy-0.4.2/nipy/algorithms/segmentation/_segmentation.c:6475:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message[200];
data/nipy-0.4.2/nipy/algorithms/segmentation/_segmentation.c:6510:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char warning[200];
data/nipy-0.4.2/nipy/algorithms/statistics/_quantile.c:5194:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctversion[4], rtversion[4];
data/nipy-0.4.2/nipy/algorithms/statistics/_quantile.c:5198:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message[200];
data/nipy-0.4.2/nipy/algorithms/statistics/_quantile.c:5237:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char warning[200];
data/nipy-0.4.2/nipy/algorithms/statistics/histogram.c:4514:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctversion[4], rtversion[4];
data/nipy-0.4.2/nipy/algorithms/statistics/histogram.c:4518:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message[200];
data/nipy-0.4.2/nipy/algorithms/statistics/histogram.c:4557:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char warning[200];
data/nipy-0.4.2/nipy/algorithms/statistics/intvol.c:649:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ascii_chars[128];
data/nipy-0.4.2/nipy/algorithms/statistics/intvol.c:26572:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctversion[4], rtversion[4];
data/nipy-0.4.2/nipy/algorithms/statistics/intvol.c:26576:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message[200];
data/nipy-0.4.2/nipy/algorithms/statistics/intvol.c:26613:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char warning[200];
data/nipy-0.4.2/nipy/labs/bindings/array.c:6014:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctversion[4], rtversion[4];
data/nipy-0.4.2/nipy/labs/bindings/array.c:6018:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message[200];
data/nipy-0.4.2/nipy/labs/bindings/array.c:6057:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char warning[200];
data/nipy-0.4.2/nipy/labs/bindings/linalg.c:10732:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctversion[4], rtversion[4];
data/nipy-0.4.2/nipy/labs/bindings/linalg.c:10736:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message[200];
data/nipy-0.4.2/nipy/labs/bindings/linalg.c:10775:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char warning[200];
data/nipy-0.4.2/nipy/labs/bindings/wrapper.c:6770:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctversion[4], rtversion[4];
data/nipy-0.4.2/nipy/labs/bindings/wrapper.c:6774:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message[200];
data/nipy-0.4.2/nipy/labs/bindings/wrapper.c:6813:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char warning[200];
data/nipy-0.4.2/nipy/labs/glm/kalman.c:5831:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctversion[4], rtversion[4];
data/nipy-0.4.2/nipy/labs/glm/kalman.c:5835:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message[200];
data/nipy-0.4.2/nipy/labs/glm/kalman.c:5874:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char warning[200];
data/nipy-0.4.2/nipy/labs/group/glm_twolevel.c:379:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ascii_chars[128];
data/nipy-0.4.2/nipy/labs/group/glm_twolevel.c:7477:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctversion[4], rtversion[4];
data/nipy-0.4.2/nipy/labs/group/glm_twolevel.c:7481:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message[200];
data/nipy-0.4.2/nipy/labs/group/glm_twolevel.c:7516:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char warning[200];
data/nipy-0.4.2/nipy/labs/group/onesample.c:379:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ascii_chars[128];
data/nipy-0.4.2/nipy/labs/group/onesample.c:7976:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctversion[4], rtversion[4];
data/nipy-0.4.2/nipy/labs/group/onesample.c:7980:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message[200];
data/nipy-0.4.2/nipy/labs/group/onesample.c:8015:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char warning[200];
data/nipy-0.4.2/nipy/labs/group/twosample.c:379:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ascii_chars[128];
data/nipy-0.4.2/nipy/labs/group/twosample.c:7179:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctversion[4], rtversion[4];
data/nipy-0.4.2/nipy/labs/group/twosample.c:7183:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message[200];
data/nipy-0.4.2/nipy/labs/group/twosample.c:7218:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char warning[200];
data/nipy-0.4.2/nipy/labs/utils/routines.c:363:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ascii_chars[128];
data/nipy-0.4.2/nipy/labs/utils/routines.c:7698:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctversion[4], rtversion[4];
data/nipy-0.4.2/nipy/labs/utils/routines.c:7702:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message[200];
data/nipy-0.4.2/nipy/labs/utils/routines.c:7737:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char warning[200];
data/nipy-0.4.2/nipy/algorithms/graph/_graph.c:110:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define PyUnicode_FromString(s) PyUnicode_Decode(s, strlen(s), "UTF-8", "strict")
data/nipy-0.4.2/nipy/algorithms/registration/_registration.c:128:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define PyUnicode_FromString(s) PyUnicode_Decode(s, strlen(s), "UTF-8", "strict")
data/nipy-0.4.2/nipy/algorithms/registration/_registration.c:399:87: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define __Pyx_PyByteArray_FromString(s) PyByteArray_FromStringAndSize((const char*)s, strlen((const char*)s))
data/nipy-0.4.2/nipy/algorithms/registration/_registration.c:503:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
__PYX_DEFAULT_STRING_ENCODING = (char*) malloc(strlen(default_encoding_c));
data/nipy-0.4.2/nipy/algorithms/registration/_registration.c:8137:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return __Pyx_PyUnicode_FromStringAndSize(c_str, strlen(c_str));
data/nipy-0.4.2/nipy/algorithms/segmentation/_segmentation.c:312:87: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define __Pyx_PyByteArray_FromString(s) PyByteArray_FromStringAndSize((const char*)s, strlen((const char*)s))
data/nipy-0.4.2/nipy/algorithms/segmentation/_segmentation.c:420:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
__PYX_DEFAULT_STRING_ENCODING = (char*) malloc(strlen(default_encoding_c));
data/nipy-0.4.2/nipy/algorithms/segmentation/_segmentation.c:6597:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return __Pyx_PyUnicode_FromStringAndSize(c_str, (Py_ssize_t)strlen(c_str));
data/nipy-0.4.2/nipy/algorithms/statistics/_quantile.c:110:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define PyUnicode_FromString(s) PyUnicode_Decode(s, strlen(s), "UTF-8", "strict")
data/nipy-0.4.2/nipy/algorithms/statistics/histogram.c:110:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define PyUnicode_FromString(s) PyUnicode_Decode(s, strlen(s), "UTF-8", "strict")
data/nipy-0.4.2/nipy/algorithms/statistics/intvol.c:574:87: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define __Pyx_PyByteArray_FromString(s) PyByteArray_FromStringAndSize((const char*)s, strlen((const char*)s))
data/nipy-0.4.2/nipy/algorithms/statistics/intvol.c:694:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
__PYX_DEFAULT_STRING_ENCODING = (char*) malloc(strlen(default_encoding_c));
data/nipy-0.4.2/nipy/algorithms/statistics/intvol.c:26703:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return __Pyx_PyUnicode_FromStringAndSize(c_str, (Py_ssize_t)strlen(c_str));
data/nipy-0.4.2/nipy/labs/bindings/array.c:110:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define PyUnicode_FromString(s) PyUnicode_Decode(s, strlen(s), "UTF-8", "strict")
data/nipy-0.4.2/nipy/labs/bindings/linalg.c:110:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define PyUnicode_FromString(s) PyUnicode_Decode(s, strlen(s), "UTF-8", "strict")
data/nipy-0.4.2/nipy/labs/bindings/wrapper.c:110:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define PyUnicode_FromString(s) PyUnicode_Decode(s, strlen(s), "UTF-8", "strict")
data/nipy-0.4.2/nipy/labs/glm/kalman.c:110:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define PyUnicode_FromString(s) PyUnicode_Decode(s, strlen(s), "UTF-8", "strict")
data/nipy-0.4.2/nipy/labs/group/glm_twolevel.c:316:87: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define __Pyx_PyByteArray_FromString(s) PyByteArray_FromStringAndSize((const char*)s, strlen((const char*)s))
data/nipy-0.4.2/nipy/labs/group/glm_twolevel.c:424:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
__PYX_DEFAULT_STRING_ENCODING = (char*) malloc(strlen(default_encoding_c));
data/nipy-0.4.2/nipy/labs/group/glm_twolevel.c:7603:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return __Pyx_PyUnicode_FromStringAndSize(c_str, (Py_ssize_t)strlen(c_str));
data/nipy-0.4.2/nipy/labs/group/onesample.c:316:87: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define __Pyx_PyByteArray_FromString(s) PyByteArray_FromStringAndSize((const char*)s, strlen((const char*)s))
data/nipy-0.4.2/nipy/labs/group/onesample.c:424:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
__PYX_DEFAULT_STRING_ENCODING = (char*) malloc(strlen(default_encoding_c));
data/nipy-0.4.2/nipy/labs/group/onesample.c:8102:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return __Pyx_PyUnicode_FromStringAndSize(c_str, (Py_ssize_t)strlen(c_str));
data/nipy-0.4.2/nipy/labs/group/twosample.c:316:87: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define __Pyx_PyByteArray_FromString(s) PyByteArray_FromStringAndSize((const char*)s, strlen((const char*)s))
data/nipy-0.4.2/nipy/labs/group/twosample.c:424:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
__PYX_DEFAULT_STRING_ENCODING = (char*) malloc(strlen(default_encoding_c));
data/nipy-0.4.2/nipy/labs/group/twosample.c:7305:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return __Pyx_PyUnicode_FromStringAndSize(c_str, (Py_ssize_t)strlen(c_str));
data/nipy-0.4.2/nipy/labs/utils/routines.c:301:87: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define __Pyx_PyByteArray_FromString(s) PyByteArray_FromStringAndSize((const char*)s, strlen((const char*)s))
data/nipy-0.4.2/nipy/labs/utils/routines.c:408:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
__PYX_DEFAULT_STRING_ENCODING = (char*) malloc(strlen(default_encoding_c));
data/nipy-0.4.2/nipy/labs/utils/routines.c:7824:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return __Pyx_PyUnicode_FromStringAndSize(c_str, (Py_ssize_t)strlen(c_str));
ANALYSIS SUMMARY:
Hits = 103
Lines analyzed = 179613 in approximately 5.37 seconds (33447 lines/second)
Physical Source Lines of Code (SLOC) = 113874
Hits@level = [0] 20 [1] 29 [2] 66 [3] 1 [4] 7 [5] 0
Hits@level+ = [0+] 123 [1+] 103 [2+] 74 [3+] 8 [4+] 7 [5+] 0
Hits/KSLOC@level+ = [0+] 1.08014 [1+] 0.904508 [2+] 0.649841 [3+] 0.0702531 [4+] 0.0614715 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.