stdin

Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/octave-zeromq-1.5.2/src/bind.cc
Examining data/octave-zeromq-1.5.2/src/close.cc
Examining data/octave-zeromq-1.5.2/src/connect.cc
Examining data/octave-zeromq-1.5.2/src/curve_keypair.cc
Examining data/octave-zeromq-1.5.2/src/curve_public.cc
Examining data/octave-zeromq-1.5.2/src/disconnect.cc
Examining data/octave-zeromq-1.5.2/src/errno.cc
Examining data/octave-zeromq-1.5.2/src/getsockopt.cc
Examining data/octave-zeromq-1.5.2/src/globals.cc
Examining data/octave-zeromq-1.5.2/src/has.cc
Examining data/octave-zeromq-1.5.2/src/pkglock.cc
Examining data/octave-zeromq-1.5.2/src/poll.cc
Examining data/octave-zeromq-1.5.2/src/properties.cc
Examining data/octave-zeromq-1.5.2/src/recv.cc
Examining data/octave-zeromq-1.5.2/src/send.cc
Examining data/octave-zeromq-1.5.2/src/setsockopt.cc
Examining data/octave-zeromq-1.5.2/src/socket.cc
Examining data/octave-zeromq-1.5.2/src/socket_class.cc
Examining data/octave-zeromq-1.5.2/src/socket_class.h
Examining data/octave-zeromq-1.5.2/src/strerror.cc
Examining data/octave-zeromq-1.5.2/src/unbind.cc
Examining data/octave-zeromq-1.5.2/src/undef-ah-octave.h
Examining data/octave-zeromq-1.5.2/src/version.cc
Examining data/octave-zeromq-1.5.2/src/z85_decode.cc
Examining data/octave-zeromq-1.5.2/src/z85_encode.cc
Examining data/octave-zeromq-1.5.2/src/zeromq.cc

FINAL RESULTS:

data/octave-zeromq-1.5.2/src/curve_keypair.cc:50:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char privatekey[41];
data/octave-zeromq-1.5.2/src/curve_keypair.cc:51:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char publickey[41];
data/octave-zeromq-1.5.2/src/curve_public.cc:65:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char publickey[41];
data/octave-zeromq-1.5.2/src/getsockopt.cc:218:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char value[1024];
data/octave-zeromq-1.5.2/src/getsockopt.cc:251:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char value[1024];
data/octave-zeromq-1.5.2/src/getsockopt.cc:285:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char value[1024];
data/octave-zeromq-1.5.2/src/getsockopt.cc:305:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char value[1024];
data/octave-zeromq-1.5.2/src/getsockopt.cc:325:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char value[1024];
data/octave-zeromq-1.5.2/src/getsockopt.cc:359:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char value[1024];
data/octave-zeromq-1.5.2/src/getsockopt.cc:379:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char value[1024];
data/octave-zeromq-1.5.2/src/getsockopt.cc:426:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char value[1024];
data/octave-zeromq-1.5.2/src/getsockopt.cc:447:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char value[1024];
data/octave-zeromq-1.5.2/src/socket_class.cc:278:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(zmq_msg_data(&msg), data, sz);
data/octave-zeromq-1.5.2/src/socket_class.cc:337:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (data, zmq_msg_data (&msg), len);
data/octave-zeromq-1.5.2/src/recv.cc:94:7:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  if (read >= 0)
data/octave-zeromq-1.5.2/src/recv.cc:96:40:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      uint8NDArray data( dim_vector (1,read) );
data/octave-zeromq-1.5.2/src/recv.cc:97:23:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      for (int i=0; i<read; i++)

ANALYSIS SUMMARY:

Hits = 17
Lines analyzed = 3849 in approximately 0.11 seconds (34815 lines/second)
Physical Source Lines of Code (SLOC) = 2351
Hits@level = [0]   3 [1]   3 [2]  14 [3]   0 [4]   0 [5]   0
Hits@level+ = [0+]  20 [1+]  17 [2+]  14 [3+]   0 [4+]   0 [5+]   0
Hits/KSLOC@level+ = [0+] 8.50702 [1+] 7.23097 [2+] 5.95491 [3+]   0 [4+]   0 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.