Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/numba-0.51.2/numba/_arraystruct.h
Examining data/numba-0.51.2/numba/_dispatcher.c
Examining data/numba-0.51.2/numba/_dispatcher.h
Examining data/numba-0.51.2/numba/_dispatcherimpl.cpp
Examining data/numba-0.51.2/numba/_dynfunc.c
Examining data/numba-0.51.2/numba/_dynfuncmod.c
Examining data/numba-0.51.2/numba/_hashtable.c
Examining data/numba-0.51.2/numba/_hashtable.h
Examining data/numba-0.51.2/numba/_helperlib.c
Examining data/numba-0.51.2/numba/_helpermod.c
Examining data/numba-0.51.2/numba/_lapack.c
Examining data/numba-0.51.2/numba/_npymath_exports.c
Examining data/numba-0.51.2/numba/_numba_common.h
Examining data/numba-0.51.2/numba/_pymodule.h
Examining data/numba-0.51.2/numba/_random.c
Examining data/numba-0.51.2/numba/_typeof.c
Examining data/numba-0.51.2/numba/_typeof.h
Examining data/numba-0.51.2/numba/_unicodetype_db.h
Examining data/numba-0.51.2/numba/capsulethunk.h
Examining data/numba-0.51.2/numba/cext/cext.h
Examining data/numba-0.51.2/numba/cext/dictobject.c
Examining data/numba-0.51.2/numba/cext/dictobject.h
Examining data/numba-0.51.2/numba/cext/listobject.c
Examining data/numba-0.51.2/numba/cext/listobject.h
Examining data/numba-0.51.2/numba/cext/utils.c
Examining data/numba-0.51.2/numba/core/runtime/_nrt_python.c
Examining data/numba-0.51.2/numba/core/runtime/_nrt_pythonmod.c
Examining data/numba-0.51.2/numba/core/runtime/nrt.c
Examining data/numba-0.51.2/numba/core/runtime/nrt.h
Examining data/numba-0.51.2/numba/core/runtime/nrt_external.h
Examining data/numba-0.51.2/numba/core/typeconv/_typeconv.cpp
Examining data/numba-0.51.2/numba/core/typeconv/test.cpp
Examining data/numba-0.51.2/numba/core/typeconv/typeconv.cpp
Examining data/numba-0.51.2/numba/core/typeconv/typeconv.hpp
Examining data/numba-0.51.2/numba/cuda/cudadrv/_extras.c
Examining data/numba-0.51.2/numba/experimental/jitclass/_box.c
Examining data/numba-0.51.2/numba/mathnames.h
Examining data/numba-0.51.2/numba/mviewbuf.c
Examining data/numba-0.51.2/numba/np/ufunc/_internal.c
Examining data/numba-0.51.2/numba/np/ufunc/_internal.h
Examining data/numba-0.51.2/numba/np/ufunc/_num_threads.c
Examining data/numba-0.51.2/numba/np/ufunc/_ufunc.c
Examining data/numba-0.51.2/numba/np/ufunc/gufunc_scheduler.cpp
Examining data/numba-0.51.2/numba/np/ufunc/gufunc_scheduler.h
Examining data/numba-0.51.2/numba/np/ufunc/omppool.cpp
Examining data/numba-0.51.2/numba/np/ufunc/tbbpool.cpp
Examining data/numba-0.51.2/numba/np/ufunc/workqueue.c
Examining data/numba-0.51.2/numba/np/ufunc/workqueue.h
Examining data/numba-0.51.2/numba/pycc/modulemixin.c

FINAL RESULTS:

data/numba-0.51.2/numba/_dynfunc.c:239:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(str, tmp);
data/numba-0.51.2/numba/core/runtime/nrt.c:443:4: [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  vfprintf(stderr, fmt, args);
data/numba-0.51.2/numba/np/ufunc/workqueue.c:152:5: [3] (misc) InitializeCriticalSection:
  Exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  InitializeCriticalSection(&qc->cs);
data/numba-0.51.2/numba/np/ufunc/workqueue.c:159:5: [3] (misc) EnterCriticalSection:
  On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  EnterCriticalSection(&qc->cs);
data/numba-0.51.2/numba/_dynfunc.c:314:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char state[0];
data/numba-0.51.2/numba/_dynfunc.c:431:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(gen->state, initial_state, gen_state_size);
data/numba-0.51.2/numba/_hashtable.c:341:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(_Numba_HASHTABLE_ENTRY_DATA(entry), data, data_size);
data/numba-0.51.2/numba/_hashtable.h:42:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(DATA, _Numba_HASHTABLE_ENTRY_DATA(ENTRY), DATA_SIZE); \
data/numba-0.51.2/numba/_typeof.c:56:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char static_buf[40];
data/numba-0.51.2/numba/_typeof.c:81:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dest->buf, src->buf, src->n);
data/numba-0.51.2/numba/_typeof.c:165:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(w->buf + w->n, s, N);
data/numba-0.51.2/numba/cext/dictobject.c:416:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst, src, dk->key_size);
data/numba-0.51.2/numba/cext/dictobject.c:421:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst, src, dk->val_size);
data/numba-0.51.2/numba/cext/dictobject.c:810:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&d->keys->methods, &oldkeys->methods, sizeof(type_based_methods_table));
data/numba-0.51.2/numba/cext/dictobject.c:819:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(newentries, oldentries, numentries * oldkeys->entry_size);
data/numba-0.51.2/numba/cext/dictobject.c:836:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(
data/numba-0.51.2/numba/cext/dictobject.c:1017:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&d->keys->methods, methods, sizeof(type_based_methods_table));
data/numba-0.51.2/numba/cext/dictobject.c:1044:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char got_key[4];
data/numba-0.51.2/numba/cext/dictobject.c:1045:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char got_value[8];
data/numba-0.51.2/numba/cext/dictobject.c:1124:12: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  CHECK (memcpy(got_value, "7654321", d->keys->val_size));
data/numba-0.51.2/numba/cext/dictobject.c:1128:12: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  CHECK (memcpy(got_value, "1234567", d->keys->val_size));
data/numba-0.51.2/numba/cext/dictobject.c:1133:12: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  CHECK (memcpy(got_value, "1234569", d->keys->val_size));
data/numba-0.51.2/numba/cext/dictobject.c:1137:12: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  CHECK (memcpy(got_value, "0_0_0_1", d->keys->val_size));
data/numba-0.51.2/numba/cext/dictobject.c:1141:12: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  CHECK (memcpy(got_value, "0_0_0_2", d->keys->val_size));
data/numba-0.51.2/numba/cext/dictobject.c:1145:12: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  CHECK (memcpy(got_value, "0_0_0_3", d->keys->val_size));
data/numba-0.51.2/numba/cext/listobject.c:90:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst, src, lp->item_size);
data/numba-0.51.2/numba/cext/listobject.c:128:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&lp->methods, methods, sizeof(list_type_based_methods_table));
data/numba-0.51.2/numba/cext/listobject.c:609:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char got_item[4] = "\x00\x00\x00\x00";
data/numba-0.51.2/numba/cuda/cudadrv/_extras.c:15:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char reserved[CUDA_IPC_HANDLE_SIZE];
data/numba-0.51.2/numba/np/ufunc/_internal.c:512:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(functions, ufunc->functions,
data/numba-0.51.2/numba/np/ufunc/_internal.c:516:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(data, ufunc->data, sizeof(void *) * ufunc->ntypes);
data/numba-0.51.2/numba/np/ufunc/_internal.c:519:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(types, ufunc->types, sizeof(char) * ufunc->ntypes *
data/numba-0.51.2/numba/np/ufunc/omppool.cpp:169:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(count_space, dimensions, arg_len * sizeof(size_t));
data/numba-0.51.2/numba/np/ufunc/tbbpool.cpp:164:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(count_space, dimensions, arg_len * sizeof(size_t));
data/numba-0.51.2/numba/np/ufunc/workqueue.c:405:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(count_space, dimensions, arg_len * sizeof(size_t));
data/numba-0.51.2/numba/_dynfunc.c:234:27: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  str = PyObject_Malloc(strlen(tmp) + 1);
data/numba-0.51.2/numba/_typeof.c:162:20: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t N = strlen(s) + 1;

ANALYSIS SUMMARY:

Hits = 37
Lines analyzed = 21185 in approximately 0.73 seconds (29095 lines/second)
Physical Source Lines of Code (SLOC) = 16701
Hits@level = [0] 108 [1] 2 [2] 31 [3] 2 [4] 2 [5] 0
Hits@level+ = [0+] 145 [1+] 37 [2+] 35 [3+] 4 [4+] 2 [5+] 0
Hits/KSLOC@level+ = [0+] 8.68211 [1+] 2.21544 [2+] 2.09568 [3+] 0.239507 [4+] 0.119753 [5+] 0
Dot directories skipped = 2 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.