Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/nipy-0.4.2/lib/fff/fff_array.c Examining data/nipy-0.4.2/lib/fff/fff_array.h Examining data/nipy-0.4.2/lib/fff/fff_base.c Examining data/nipy-0.4.2/lib/fff/fff_base.h Examining data/nipy-0.4.2/lib/fff/fff_blas.c Examining data/nipy-0.4.2/lib/fff/fff_blas.h Examining data/nipy-0.4.2/lib/fff/fff_gen_stats.c Examining data/nipy-0.4.2/lib/fff/fff_gen_stats.h Examining data/nipy-0.4.2/lib/fff/fff_glm_kalman.c Examining data/nipy-0.4.2/lib/fff/fff_glm_kalman.h Examining data/nipy-0.4.2/lib/fff/fff_glm_twolevel.c Examining data/nipy-0.4.2/lib/fff/fff_glm_twolevel.h Examining data/nipy-0.4.2/lib/fff/fff_lapack.c Examining data/nipy-0.4.2/lib/fff/fff_lapack.h Examining data/nipy-0.4.2/lib/fff/fff_matrix.c Examining data/nipy-0.4.2/lib/fff/fff_matrix.h Examining data/nipy-0.4.2/lib/fff/fff_onesample_stat.c Examining data/nipy-0.4.2/lib/fff/fff_onesample_stat.h Examining data/nipy-0.4.2/lib/fff/fff_routines.c Examining data/nipy-0.4.2/lib/fff/fff_routines.h Examining data/nipy-0.4.2/lib/fff/fff_specfun.c Examining data/nipy-0.4.2/lib/fff/fff_specfun.h Examining data/nipy-0.4.2/lib/fff/fff_twosample_stat.c Examining data/nipy-0.4.2/lib/fff/fff_twosample_stat.h Examining data/nipy-0.4.2/lib/fff/fff_vector.c Examining data/nipy-0.4.2/lib/fff/fff_vector.h Examining data/nipy-0.4.2/lib/fff_python_wrapper/fffpy.c Examining data/nipy-0.4.2/lib/fff_python_wrapper/fffpy.h Examining data/nipy-0.4.2/lib/lapack_lite/blas_lite.c Examining data/nipy-0.4.2/lib/lapack_lite/dlamch.c Examining data/nipy-0.4.2/lib/lapack_lite/dlapack_lite.c Examining data/nipy-0.4.2/lib/lapack_lite/f2c.h Examining data/nipy-0.4.2/lib/lapack_lite/f2c_lite.c Examining data/nipy-0.4.2/nipy/algorithms/graph/_graph.c Examining data/nipy-0.4.2/nipy/algorithms/registration/_registration.c Examining data/nipy-0.4.2/nipy/algorithms/registration/_registration.h Examining data/nipy-0.4.2/nipy/algorithms/registration/cubic_spline.c Examining data/nipy-0.4.2/nipy/algorithms/registration/cubic_spline.h Examining data/nipy-0.4.2/nipy/algorithms/registration/joint_histogram.c Examining data/nipy-0.4.2/nipy/algorithms/registration/joint_histogram.h Examining data/nipy-0.4.2/nipy/algorithms/registration/polyaffine.c Examining data/nipy-0.4.2/nipy/algorithms/registration/polyaffine.h Examining data/nipy-0.4.2/nipy/algorithms/registration/wichmann_prng.c Examining data/nipy-0.4.2/nipy/algorithms/registration/wichmann_prng.h Examining data/nipy-0.4.2/nipy/algorithms/segmentation/_segmentation.c Examining data/nipy-0.4.2/nipy/algorithms/segmentation/_segmentation.h Examining data/nipy-0.4.2/nipy/algorithms/segmentation/mrf.c Examining data/nipy-0.4.2/nipy/algorithms/segmentation/mrf.h Examining data/nipy-0.4.2/nipy/algorithms/statistics/_quantile.c Examining data/nipy-0.4.2/nipy/algorithms/statistics/histogram.c Examining data/nipy-0.4.2/nipy/algorithms/statistics/intvol.c Examining data/nipy-0.4.2/nipy/algorithms/statistics/quantile.c Examining data/nipy-0.4.2/nipy/algorithms/statistics/quantile.h Examining data/nipy-0.4.2/nipy/labs/bindings/array.c Examining data/nipy-0.4.2/nipy/labs/bindings/linalg.c Examining data/nipy-0.4.2/nipy/labs/bindings/wrapper.c Examining data/nipy-0.4.2/nipy/labs/glm/kalman.c Examining data/nipy-0.4.2/nipy/labs/group/glm_twolevel.c Examining data/nipy-0.4.2/nipy/labs/group/onesample.c Examining data/nipy-0.4.2/nipy/labs/group/twosample.c Examining data/nipy-0.4.2/nipy/labs/utils/routines.c FINAL RESULTS: data/nipy-0.4.2/nipy/algorithms/registration/_registration.c:504:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(__PYX_DEFAULT_STRING_ENCODING, default_encoding_c); data/nipy-0.4.2/nipy/algorithms/segmentation/_segmentation.c:422:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(__PYX_DEFAULT_STRING_ENCODING, default_encoding_c); data/nipy-0.4.2/nipy/algorithms/statistics/intvol.c:696:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(__PYX_DEFAULT_STRING_ENCODING, default_encoding_c); data/nipy-0.4.2/nipy/labs/group/glm_twolevel.c:426:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(__PYX_DEFAULT_STRING_ENCODING, default_encoding_c); data/nipy-0.4.2/nipy/labs/group/onesample.c:426:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(__PYX_DEFAULT_STRING_ENCODING, default_encoding_c); data/nipy-0.4.2/nipy/labs/group/twosample.c:426:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(__PYX_DEFAULT_STRING_ENCODING, default_encoding_c); data/nipy-0.4.2/nipy/labs/utils/routines.c:410:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(__PYX_DEFAULT_STRING_ENCODING, default_encoding_c); data/nipy-0.4.2/nipy/algorithms/registration/wichmann_prng.c:13:3: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(seed); data/nipy-0.4.2/lib/fff/fff_matrix.c:239:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void*)A->data, (void*)B->data, A->size1*A->size2*sizeof(double)); data/nipy-0.4.2/lib/fff/fff_vector.c:77:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void*)x->data, (void*)y->data, x->size*sizeof(double)); data/nipy-0.4.2/lib/lapack_lite/dlapack_lite.c:2647:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char side[1]; data/nipy-0.4.2/lib/lapack_lite/dlapack_lite.c:7478:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ch__1[2]; data/nipy-0.4.2/lib/lapack_lite/dlapack_lite.c:17276:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char jbcmpz[2]; data/nipy-0.4.2/lib/lapack_lite/dlapack_lite.c:19540:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char jbcmpz[2]; data/nipy-0.4.2/lib/lapack_lite/dlapack_lite.c:21486:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char transt[1]; data/nipy-0.4.2/lib/lapack_lite/dlapack_lite.c:34307:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ch__1[2]; data/nipy-0.4.2/lib/lapack_lite/dlapack_lite.c:34327:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char transt[1]; data/nipy-0.4.2/lib/lapack_lite/dlapack_lite.c:34844:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ch__1[2]; data/nipy-0.4.2/lib/lapack_lite/dlapack_lite.c:34870:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char transt[1]; data/nipy-0.4.2/lib/lapack_lite/dlapack_lite.c:35154:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ch__1[2]; data/nipy-0.4.2/lib/lapack_lite/dlapack_lite.c:35457:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ch__1[2]; data/nipy-0.4.2/lib/lapack_lite/dlapack_lite.c:35759:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ch__1[2]; data/nipy-0.4.2/lib/lapack_lite/dlapack_lite.c:40661:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char c1[1], c2[2], c3[3], c4[2]; data/nipy-0.4.2/lib/lapack_lite/dlapack_lite.c:40665:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char subnam[6]; data/nipy-0.4.2/nipy/algorithms/graph/_graph.c:5557:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctversion[4], rtversion[4]; data/nipy-0.4.2/nipy/algorithms/graph/_graph.c:5561:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[200]; data/nipy-0.4.2/nipy/algorithms/graph/_graph.c:5600:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char warning[200]; data/nipy-0.4.2/nipy/algorithms/registration/_registration.c:458:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ascii_chars[128]; data/nipy-0.4.2/nipy/algorithms/registration/_registration.c:7841:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctversion[4], rtversion[4]; data/nipy-0.4.2/nipy/algorithms/registration/_registration.c:7845:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[200]; data/nipy-0.4.2/nipy/algorithms/registration/_registration.c:7884:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char warning[200]; data/nipy-0.4.2/nipy/algorithms/registration/polyaffine.c:101:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void*)xyz, (void*)t_xyz, bytes_xyz); data/nipy-0.4.2/nipy/algorithms/segmentation/_segmentation.c:375:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ascii_chars[128]; data/nipy-0.4.2/nipy/algorithms/segmentation/_segmentation.c:6471:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctversion[4], rtversion[4]; data/nipy-0.4.2/nipy/algorithms/segmentation/_segmentation.c:6475:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[200]; data/nipy-0.4.2/nipy/algorithms/segmentation/_segmentation.c:6510:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char warning[200]; data/nipy-0.4.2/nipy/algorithms/statistics/_quantile.c:5194:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctversion[4], rtversion[4]; data/nipy-0.4.2/nipy/algorithms/statistics/_quantile.c:5198:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[200]; data/nipy-0.4.2/nipy/algorithms/statistics/_quantile.c:5237:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char warning[200]; data/nipy-0.4.2/nipy/algorithms/statistics/histogram.c:4514:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctversion[4], rtversion[4]; data/nipy-0.4.2/nipy/algorithms/statistics/histogram.c:4518:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[200]; data/nipy-0.4.2/nipy/algorithms/statistics/histogram.c:4557:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char warning[200]; data/nipy-0.4.2/nipy/algorithms/statistics/intvol.c:649:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ascii_chars[128]; data/nipy-0.4.2/nipy/algorithms/statistics/intvol.c:26572:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctversion[4], rtversion[4]; data/nipy-0.4.2/nipy/algorithms/statistics/intvol.c:26576:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[200]; data/nipy-0.4.2/nipy/algorithms/statistics/intvol.c:26613:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char warning[200]; data/nipy-0.4.2/nipy/labs/bindings/array.c:6014:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctversion[4], rtversion[4]; data/nipy-0.4.2/nipy/labs/bindings/array.c:6018:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[200]; data/nipy-0.4.2/nipy/labs/bindings/array.c:6057:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char warning[200]; data/nipy-0.4.2/nipy/labs/bindings/linalg.c:10732:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctversion[4], rtversion[4]; data/nipy-0.4.2/nipy/labs/bindings/linalg.c:10736:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[200]; data/nipy-0.4.2/nipy/labs/bindings/linalg.c:10775:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char warning[200]; data/nipy-0.4.2/nipy/labs/bindings/wrapper.c:6770:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctversion[4], rtversion[4]; data/nipy-0.4.2/nipy/labs/bindings/wrapper.c:6774:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[200]; data/nipy-0.4.2/nipy/labs/bindings/wrapper.c:6813:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char warning[200]; data/nipy-0.4.2/nipy/labs/glm/kalman.c:5831:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctversion[4], rtversion[4]; data/nipy-0.4.2/nipy/labs/glm/kalman.c:5835:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[200]; data/nipy-0.4.2/nipy/labs/glm/kalman.c:5874:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char warning[200]; data/nipy-0.4.2/nipy/labs/group/glm_twolevel.c:379:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ascii_chars[128]; data/nipy-0.4.2/nipy/labs/group/glm_twolevel.c:7477:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctversion[4], rtversion[4]; data/nipy-0.4.2/nipy/labs/group/glm_twolevel.c:7481:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[200]; data/nipy-0.4.2/nipy/labs/group/glm_twolevel.c:7516:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char warning[200]; data/nipy-0.4.2/nipy/labs/group/onesample.c:379:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ascii_chars[128]; data/nipy-0.4.2/nipy/labs/group/onesample.c:7976:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctversion[4], rtversion[4]; data/nipy-0.4.2/nipy/labs/group/onesample.c:7980:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[200]; data/nipy-0.4.2/nipy/labs/group/onesample.c:8015:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char warning[200]; data/nipy-0.4.2/nipy/labs/group/twosample.c:379:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ascii_chars[128]; data/nipy-0.4.2/nipy/labs/group/twosample.c:7179:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctversion[4], rtversion[4]; data/nipy-0.4.2/nipy/labs/group/twosample.c:7183:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[200]; data/nipy-0.4.2/nipy/labs/group/twosample.c:7218:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char warning[200]; data/nipy-0.4.2/nipy/labs/utils/routines.c:363:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ascii_chars[128]; data/nipy-0.4.2/nipy/labs/utils/routines.c:7698:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctversion[4], rtversion[4]; data/nipy-0.4.2/nipy/labs/utils/routines.c:7702:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[200]; data/nipy-0.4.2/nipy/labs/utils/routines.c:7737:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char warning[200]; data/nipy-0.4.2/nipy/algorithms/graph/_graph.c:110:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). #define PyUnicode_FromString(s) PyUnicode_Decode(s, strlen(s), "UTF-8", "strict") data/nipy-0.4.2/nipy/algorithms/registration/_registration.c:128:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). #define PyUnicode_FromString(s) PyUnicode_Decode(s, strlen(s), "UTF-8", "strict") data/nipy-0.4.2/nipy/algorithms/registration/_registration.c:399:87: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). #define __Pyx_PyByteArray_FromString(s) PyByteArray_FromStringAndSize((const char*)s, strlen((const char*)s)) data/nipy-0.4.2/nipy/algorithms/registration/_registration.c:503:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). __PYX_DEFAULT_STRING_ENCODING = (char*) malloc(strlen(default_encoding_c)); data/nipy-0.4.2/nipy/algorithms/registration/_registration.c:8137:53: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return __Pyx_PyUnicode_FromStringAndSize(c_str, strlen(c_str)); data/nipy-0.4.2/nipy/algorithms/segmentation/_segmentation.c:312:87: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). #define __Pyx_PyByteArray_FromString(s) PyByteArray_FromStringAndSize((const char*)s, strlen((const char*)s)) data/nipy-0.4.2/nipy/algorithms/segmentation/_segmentation.c:420:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). __PYX_DEFAULT_STRING_ENCODING = (char*) malloc(strlen(default_encoding_c)); data/nipy-0.4.2/nipy/algorithms/segmentation/_segmentation.c:6597:65: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return __Pyx_PyUnicode_FromStringAndSize(c_str, (Py_ssize_t)strlen(c_str)); data/nipy-0.4.2/nipy/algorithms/statistics/_quantile.c:110:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). #define PyUnicode_FromString(s) PyUnicode_Decode(s, strlen(s), "UTF-8", "strict") data/nipy-0.4.2/nipy/algorithms/statistics/histogram.c:110:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). #define PyUnicode_FromString(s) PyUnicode_Decode(s, strlen(s), "UTF-8", "strict") data/nipy-0.4.2/nipy/algorithms/statistics/intvol.c:574:87: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). #define __Pyx_PyByteArray_FromString(s) PyByteArray_FromStringAndSize((const char*)s, strlen((const char*)s)) data/nipy-0.4.2/nipy/algorithms/statistics/intvol.c:694:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). __PYX_DEFAULT_STRING_ENCODING = (char*) malloc(strlen(default_encoding_c)); data/nipy-0.4.2/nipy/algorithms/statistics/intvol.c:26703:65: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return __Pyx_PyUnicode_FromStringAndSize(c_str, (Py_ssize_t)strlen(c_str)); data/nipy-0.4.2/nipy/labs/bindings/array.c:110:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). #define PyUnicode_FromString(s) PyUnicode_Decode(s, strlen(s), "UTF-8", "strict") data/nipy-0.4.2/nipy/labs/bindings/linalg.c:110:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). #define PyUnicode_FromString(s) PyUnicode_Decode(s, strlen(s), "UTF-8", "strict") data/nipy-0.4.2/nipy/labs/bindings/wrapper.c:110:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). #define PyUnicode_FromString(s) PyUnicode_Decode(s, strlen(s), "UTF-8", "strict") data/nipy-0.4.2/nipy/labs/glm/kalman.c:110:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). #define PyUnicode_FromString(s) PyUnicode_Decode(s, strlen(s), "UTF-8", "strict") data/nipy-0.4.2/nipy/labs/group/glm_twolevel.c:316:87: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). #define __Pyx_PyByteArray_FromString(s) PyByteArray_FromStringAndSize((const char*)s, strlen((const char*)s)) data/nipy-0.4.2/nipy/labs/group/glm_twolevel.c:424:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). __PYX_DEFAULT_STRING_ENCODING = (char*) malloc(strlen(default_encoding_c)); data/nipy-0.4.2/nipy/labs/group/glm_twolevel.c:7603:65: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return __Pyx_PyUnicode_FromStringAndSize(c_str, (Py_ssize_t)strlen(c_str)); data/nipy-0.4.2/nipy/labs/group/onesample.c:316:87: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). #define __Pyx_PyByteArray_FromString(s) PyByteArray_FromStringAndSize((const char*)s, strlen((const char*)s)) data/nipy-0.4.2/nipy/labs/group/onesample.c:424:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). __PYX_DEFAULT_STRING_ENCODING = (char*) malloc(strlen(default_encoding_c)); data/nipy-0.4.2/nipy/labs/group/onesample.c:8102:65: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return __Pyx_PyUnicode_FromStringAndSize(c_str, (Py_ssize_t)strlen(c_str)); data/nipy-0.4.2/nipy/labs/group/twosample.c:316:87: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). #define __Pyx_PyByteArray_FromString(s) PyByteArray_FromStringAndSize((const char*)s, strlen((const char*)s)) data/nipy-0.4.2/nipy/labs/group/twosample.c:424:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). __PYX_DEFAULT_STRING_ENCODING = (char*) malloc(strlen(default_encoding_c)); data/nipy-0.4.2/nipy/labs/group/twosample.c:7305:65: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return __Pyx_PyUnicode_FromStringAndSize(c_str, (Py_ssize_t)strlen(c_str)); data/nipy-0.4.2/nipy/labs/utils/routines.c:301:87: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). #define __Pyx_PyByteArray_FromString(s) PyByteArray_FromStringAndSize((const char*)s, strlen((const char*)s)) data/nipy-0.4.2/nipy/labs/utils/routines.c:408:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). __PYX_DEFAULT_STRING_ENCODING = (char*) malloc(strlen(default_encoding_c)); data/nipy-0.4.2/nipy/labs/utils/routines.c:7824:65: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return __Pyx_PyUnicode_FromStringAndSize(c_str, (Py_ssize_t)strlen(c_str)); ANALYSIS SUMMARY: Hits = 103 Lines analyzed = 179613 in approximately 5.37 seconds (33447 lines/second) Physical Source Lines of Code (SLOC) = 113874 Hits@level = [0] 20 [1] 29 [2] 66 [3] 1 [4] 7 [5] 0 Hits@level+ = [0+] 123 [1+] 103 [2+] 74 [3+] 8 [4+] 7 [5+] 0 Hits/KSLOC@level+ = [0+] 1.08014 [1+] 0.904508 [2+] 0.649841 [3+] 0.0702531 [4+] 0.0614715 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.