Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/octave-interval-3.2.0/src/compatibility/octave.h
Examining data/octave-interval-3.2.0/src/compatibility/octave_4.2.cc
Examining data/octave-interval-3.2.0/src/compatibility/octave_current.cc
Examining data/octave-interval-3.2.0/src/crlibm/acos-td.c
Examining data/octave-interval-3.2.0/src/crlibm/acos-td.h
Examining data/octave-interval-3.2.0/src/crlibm/asin-td.c
Examining data/octave-interval-3.2.0/src/crlibm/asin-td.h
Examining data/octave-interval-3.2.0/src/crlibm/asincos.c
Examining data/octave-interval-3.2.0/src/crlibm/asincos.h
Examining data/octave-interval-3.2.0/src/crlibm/atan_accurate.c
Examining data/octave-interval-3.2.0/src/crlibm/atan_accurate.h
Examining data/octave-interval-3.2.0/src/crlibm/atan_fast.c
Examining data/octave-interval-3.2.0/src/crlibm/atan_fast.h
Examining data/octave-interval-3.2.0/src/crlibm/crlibm.h
Examining data/octave-interval-3.2.0/src/crlibm/crlibm_private.c
Examining data/octave-interval-3.2.0/src/crlibm/crlibm_private.h
Examining data/octave-interval-3.2.0/src/crlibm/csh_fast.c
Examining data/octave-interval-3.2.0/src/crlibm/csh_fast.h
Examining data/octave-interval-3.2.0/src/crlibm/double-extended.h
Examining data/octave-interval-3.2.0/src/crlibm/exp-td-standalone.c
Examining data/octave-interval-3.2.0/src/crlibm/exp-td.c
Examining data/octave-interval-3.2.0/src/crlibm/exp-td.h
Examining data/octave-interval-3.2.0/src/crlibm/expm1-standalone.c
Examining data/octave-interval-3.2.0/src/crlibm/expm1.c
Examining data/octave-interval-3.2.0/src/crlibm/expm1.h
Examining data/octave-interval-3.2.0/src/crlibm/interval.h
Examining data/octave-interval-3.2.0/src/crlibm/log-de.c
Examining data/octave-interval-3.2.0/src/crlibm/log-de.h
Examining data/octave-interval-3.2.0/src/crlibm/log-td.c
Examining data/octave-interval-3.2.0/src/crlibm/log-td.h
Examining data/octave-interval-3.2.0/src/crlibm/log.c
Examining data/octave-interval-3.2.0/src/crlibm/log.h
Examining data/octave-interval-3.2.0/src/crlibm/log10-td.c
Examining data/octave-interval-3.2.0/src/crlibm/log10-td.h
Examining data/octave-interval-3.2.0/src/crlibm/log1p.c
Examining data/octave-interval-3.2.0/src/crlibm/log2-td.c
Examining data/octave-interval-3.2.0/src/crlibm/log2-td.h
Examining data/octave-interval-3.2.0/src/crlibm/log_accurate.c
Examining data/octave-interval-3.2.0/src/crlibm/log_accurate.h
Examining data/octave-interval-3.2.0/src/crlibm/log_fast.c
Examining data/octave-interval-3.2.0/src/crlibm/log_fast.h
Examining data/octave-interval-3.2.0/src/crlibm/pow.c
Examining data/octave-interval-3.2.0/src/crlibm/pow.h
Examining data/octave-interval-3.2.0/src/crlibm/rem_pio2_accurate.c
Examining data/octave-interval-3.2.0/src/crlibm/rem_pio2_accurate.h
Examining data/octave-interval-3.2.0/src/crlibm/scs_lib/addition_scs.c
Examining data/octave-interval-3.2.0/src/crlibm/scs_lib/division_scs.c
Examining data/octave-interval-3.2.0/src/crlibm/scs_lib/double2scs.c
Examining data/octave-interval-3.2.0/src/crlibm/scs_lib/multiplication_scs.c
Examining data/octave-interval-3.2.0/src/crlibm/scs_lib/poly_fct.c
Examining data/octave-interval-3.2.0/src/crlibm/scs_lib/print_scs.c
Examining data/octave-interval-3.2.0/src/crlibm/scs_lib/rand_scs.c
Examining data/octave-interval-3.2.0/src/crlibm/scs_lib/scs.h
Examining data/octave-interval-3.2.0/src/crlibm/scs_lib/scs2double.c
Examining data/octave-interval-3.2.0/src/crlibm/scs_lib/scs2mpf.c
Examining data/octave-interval-3.2.0/src/crlibm/scs_lib/scs2mpfr.c
Examining data/octave-interval-3.2.0/src/crlibm/scs_lib/scs_private.c
Examining data/octave-interval-3.2.0/src/crlibm/scs_lib/scs_private.h
Examining data/octave-interval-3.2.0/src/crlibm/scs_lib/tests/log.h
Examining data/octave-interval-3.2.0/src/crlibm/scs_lib/tests/tbx_timing.h
Examining data/octave-interval-3.2.0/src/crlibm/scs_lib/tests/test_accuracy.c
Examining data/octave-interval-3.2.0/src/crlibm/scs_lib/tests/test_log.c
Examining data/octave-interval-3.2.0/src/crlibm/scs_lib/tests/test_timing.c
Examining data/octave-interval-3.2.0/src/crlibm/scs_lib/wrapper_scs.h
Examining data/octave-interval-3.2.0/src/crlibm/scs_lib/zero_scs.c
Examining data/octave-interval-3.2.0/src/crlibm/trigo_accurate.c
Examining data/octave-interval-3.2.0/src/crlibm/trigo_accurate.h
Examining data/octave-interval-3.2.0/src/crlibm/trigo_fast.c
Examining data/octave-interval-3.2.0/src/crlibm/trigo_fast.h
Examining data/octave-interval-3.2.0/src/crlibm/trigpi.c
Examining data/octave-interval-3.2.0/src/crlibm/trigpi.h
Examining data/octave-interval-3.2.0/src/crlibm/triple-double.c
Examining data/octave-interval-3.2.0/src/crlibm/triple-double.h
Examining data/octave-interval-3.2.0/src/crlibm_function.cc
Examining data/octave-interval-3.2.0/src/intervaltotext.cc
Examining data/octave-interval-3.2.0/src/mpfr_commons.h
Examining data/octave-interval-3.2.0/src/mpfr_function_d.cc
Examining data/octave-interval-3.2.0/src/mpfr_linspace_d.cc
Examining data/octave-interval-3.2.0/src/mpfr_matrix_sqr_d.cc
Examining data/octave-interval-3.2.0/src/mpfr_to_string_d.cc
Examining data/octave-interval-3.2.0/src/mpfr_vector_dot_d.cc
Examining data/octave-interval-3.2.0/src/mpfr_vector_sum_d.cc
Examining data/octave-interval-3.2.0/src/__setround__.cc
Examining data/octave-interval-3.2.0/src/mpfr_matrix_mul_d.cc

FINAL RESULTS:

data/octave-interval-3.2.0/src/crlibm/scs_lib/multiplication_scs.c:33:3:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf(s);printf(" ");

data/octave-interval-3.2.0/src/intervaltotext.cc:485:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf (stat.buf, stat.signed_template, x);

data/octave-interval-3.2.0/src/intervaltotext.cc:487:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf (stat.buf, stat.unsigned_template, x);

data/octave-interval-3.2.0/src/intervaltotext.cc:542:3:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf (stat.buf,

data/octave-interval-3.2.0/src/intervaltotext.cc:819:18:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  std::sprintf (stat.buf, stat.radius_template, r_uint);

data/octave-interval-3.2.0/src/intervaltotext.cc:961:10:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  std::strcpy (unsigned_template, s.c_str ());

data/octave-interval-3.2.0/src/intervaltotext.cc:967:10:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  std::strcpy (signed_template, s.c_str ());

data/octave-interval-3.2.0/src/intervaltotext.cc:971:10:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  std::strcpy (radius_template, s.c_str ());

data/octave-interval-3.2.0/src/mpfr_to_string_d.cc:237:15:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (buf, "%s0x%u.%08x%05xp%+d",

data/octave-interval-3.2.0/src/crlibm/scs_lib/tests/test_log.c:415:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(42);

data/octave-interval-3.2.0/src/crlibm/scs_lib/tests/test_timing.c:106:3:  [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(42);

data/octave-interval-3.2.0/src/crlibm/scs_lib/tests/test_accuracy.c:273:10:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  fct = atoi(argv[1]);

data/octave-interval-3.2.0/src/crlibm/scs_lib/tests/test_accuracy.c:274:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  bcl = (argc >= 3)? atoi(argv[2]) : 1000;

data/octave-interval-3.2.0/src/crlibm/scs_lib/wrapper_scs.h:381:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[10];

data/octave-interval-3.2.0/src/crlibm/scs_lib/wrapper_scs.h:412:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buffer,"%x", aa.scsnb.h_word[0]);

data/octave-interval-3.2.0/src/crlibm/scs_lib/wrapper_scs.h:419:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buffer,"%x", aa.scsnb.h_word[0]);

data/octave-interval-3.2.0/src/intervaltotext.cc:116:32:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  layout.total_width = atol (overall_width.c_str ());

data/octave-interval-3.2.0/src/intervaltotext.cc:188:27:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  layout.number_width = atol (width.c_str ());

data/octave-interval-3.2.0/src/intervaltotext.cc:207:35:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  layout.number_precision = atol (precision.c_str ());

data/octave-interval-3.2.0/src/intervaltotext.cc:248:29:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  layout.radius_width = atol (radius_width.c_str ());

data/octave-interval-3.2.0/src/mpfr_to_string_d.cc:134:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf [768];

data/octave-interval-3.2.0/src/mpfr_to_string_d.cc:191:15:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (buf, "%f", mantissa);

ANALYSIS SUMMARY:

Hits = 22
Lines analyzed = 54076 in approximately 1.82 seconds (29666 lines/second)
Physical Source Lines of Code (SLOC) = 34629
Hits@level = [0]  95 [1]   0 [2]  11 [3]   2 [4]   9 [5]   0
Hits@level+ = [0+] 117 [1+]  22 [2+]  22 [3+]  11 [4+]   9 [5+]   0
Hits/KSLOC@level+ = [0+] 3.37867 [1+] 0.635306 [2+] 0.635306 [3+] 0.317653 [4+] 0.259898 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.
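The report closes with "review your code!", so here is what that review looks like for the hit classes it lists: atoi/atol with no range check (CWE-190), strcpy and sprintf into a fixed-size buffer (CWE-120), and a format string that is assembled at run time rather than written as a literal (CWE-134). This is an added example in C, not code from octave-interval, crlibm or Flawfinder, and it makes no claim about whether the flagged lines in intervaltotext.cc are actually reachable with hostile input. Every name in it (parse_width, needed_length, format_number, bounded_copy, BUF_SIZE, MAX_WIDTH) is hypothetical; the inputs in main are constructed for the demonstration.

```c
/* Added example, not code from octave-interval or Flawfinder. All names are
 * hypothetical. It shows how to close, not just suppress, the three hit
 * classes in the report above. */
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define BUF_SIZE  64   /* hypothetical fixed output buffer, like stat.buf in the report */
#define MAX_WIDTH 40   /* hypothetical bound: width + sign + point + digits must fit BUF_SIZE */

/* CWE-190 fix for the atol(width.c_str()) pattern. Returns 0 and stores the
 * value on success; -1 if the string is empty, has trailing characters, is
 * negative, overflows long, or exceeds max. atol() would silently accept
 * "9999", "-5" or "12abc". */
int parse_width(const char *s, long max, long *out)
{
    char *end;
    if (s == NULL || *s == '\0')
        return -1;
    errno = 0;
    long v = strtol(s, &end, 10);
    if (errno == ERANGE || *end != '\0' || v < 0 || v > max)
        return -1;
    *out = v;
    return 0;
}

/* Length that "%*.*f" would produce, computed without writing anywhere
 * (snprintf with a NULL buffer and size 0 is standard C99). Use this to
 * decide whether a flagged sprintf(buf, template, x) can overflow: if the
 * result exceeds the buffer size for any accepted width, it is a real bug. */
int needed_length(long width, long prec, double x)
{
    return snprintf(NULL, 0, "%*.*f", (int)width, (int)prec, x);
}

/* CWE-134 and CWE-120 fix for sprintf(stat.buf, stat.signed_template, x):
 * the signed/unsigned variants are two literal formats, width and precision
 * travel as '*' arguments, so no input-derived text is ever interpreted as a
 * format, and the output is bounded. Returns 0 on success, -1 if the result
 * would not fit (buf then holds a truncated, NUL-terminated string). Callers
 * must have bounded width and prec already, e.g. via parse_width(). */
int format_number(char *buf, size_t n, int with_sign, long width, long prec, double x)
{
    int len = with_sign
        ? snprintf(buf, n, "%+*.*f", (int)width, (int)prec, x)
        : snprintf(buf, n, "%*.*f",  (int)width, (int)prec, x);
    if (len < 0 || (size_t)len >= n)
        return -1;
    return 0;
}

/* Bounded replacement for strcpy(template, s.c_str()) and for printf(s):
 * the text is an argument to a literal "%s", so a string such as "%s%n" is
 * copied verbatim rather than interpreted, and the copy cannot overrun dst.
 * Returns 0, or -1 if truncated (dst is still NUL-terminated). */
int bounded_copy(char *dst, size_t n, const char *s)
{
    int len = snprintf(dst, n, "%s", s);
    return (len < 0 || (size_t)len >= n) ? -1 : 0;
}

int main(void)
{
    long w;
    char buf[BUF_SIZE];

    /* Constructed inputs: a sane width and a hostile one. */
    if (parse_width("8", MAX_WIDTH, &w) == 0 &&
        format_number(buf, sizeof buf, 1, w, 2, 3.5) == 0)
        printf("ok: \"%s\"\n", buf);
    if (parse_width("9999", MAX_WIDTH, &w) != 0)
        printf("rejected width 9999: would need %d bytes, buffer is %d\n",
               needed_length(9999, 2, 3.5), BUF_SIZE);
    if (bounded_copy(buf, sizeof buf, "%s%n") == 0)
        printf("copied literally: \"%s\"\n", buf);
    return 0;
}
```

The point of format_number is that the level-4 hits disappear because the run-time template no longer exists, not because they were marked as reviewed; a hit that is confirmed harmless after reading the code (the srand(42) calls in the crlibm benchmark programs are the obvious candidates here) can instead be silenced with a "/* Flawfinder: ignore */" comment on the flagged line, but only after that reading, since the report itself warns that not every hit is a vulnerability and that other ones may exist.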