Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/octomap-1.9.3+dfsg/dynamicEDT3D/doxygen.h
Examining data/octomap-1.9.3+dfsg/dynamicEDT3D/include/dynamicEDT3D/bucketedqueue.h
Examining data/octomap-1.9.3+dfsg/dynamicEDT3D/include/dynamicEDT3D/dynamicEDT3D.h
Examining data/octomap-1.9.3+dfsg/dynamicEDT3D/include/dynamicEDT3D/dynamicEDTOctomap.h
Examining data/octomap-1.9.3+dfsg/dynamicEDT3D/include/dynamicEDT3D/point.h
Examining data/octomap-1.9.3+dfsg/dynamicEDT3D/src/dynamicEDT3D.cpp
Examining data/octomap-1.9.3+dfsg/dynamicEDT3D/src/examples/exampleEDT3D.cpp
Examining data/octomap-1.9.3+dfsg/dynamicEDT3D/src/examples/exampleEDTOctomap.cpp
Examining data/octomap-1.9.3+dfsg/dynamicEDT3D/src/examples/exampleEDTOctomapStamped.cpp
Examining data/octomap-1.9.3+dfsg/octomap/doxygen.h
Examining data/octomap-1.9.3+dfsg/octomap/include/octomap/AbstractOcTree.h
Examining data/octomap-1.9.3+dfsg/octomap/include/octomap/AbstractOccupancyOcTree.h
Examining data/octomap-1.9.3+dfsg/octomap/include/octomap/ColorOcTree.h
Examining data/octomap-1.9.3+dfsg/octomap/include/octomap/CountingOcTree.h
Examining data/octomap-1.9.3+dfsg/octomap/include/octomap/MCTables.h
Examining data/octomap-1.9.3+dfsg/octomap/include/octomap/MapCollection.h
Examining data/octomap-1.9.3+dfsg/octomap/include/octomap/MapNode.h
Examining data/octomap-1.9.3+dfsg/octomap/include/octomap/OcTree.h
Examining data/octomap-1.9.3+dfsg/octomap/include/octomap/OcTreeBase.h
Examining data/octomap-1.9.3+dfsg/octomap/include/octomap/OcTreeBaseImpl.h
Examining data/octomap-1.9.3+dfsg/octomap/include/octomap/OcTreeDataNode.h
Examining data/octomap-1.9.3+dfsg/octomap/include/octomap/OcTreeKey.h
Examining data/octomap-1.9.3+dfsg/octomap/include/octomap/OcTreeNode.h
Examining data/octomap-1.9.3+dfsg/octomap/include/octomap/OcTreeStamped.h
Examining data/octomap-1.9.3+dfsg/octomap/include/octomap/OccupancyOcTreeBase.h
Examining data/octomap-1.9.3+dfsg/octomap/include/octomap/Pointcloud.h
Examining data/octomap-1.9.3+dfsg/octomap/include/octomap/ScanGraph.h
Examining data/octomap-1.9.3+dfsg/octomap/include/octomap/math/Pose6D.h
Examining data/octomap-1.9.3+dfsg/octomap/include/octomap/math/Quaternion.h
Examining data/octomap-1.9.3+dfsg/octomap/include/octomap/math/Utils.h
Examining data/octomap-1.9.3+dfsg/octomap/include/octomap/math/Vector3.h
Examining data/octomap-1.9.3+dfsg/octomap/include/octomap/octomap.h
Examining data/octomap-1.9.3+dfsg/octomap/include/octomap/octomap_deprecated.h
Examining data/octomap-1.9.3+dfsg/octomap/include/octomap/octomap_timing.h
Examining data/octomap-1.9.3+dfsg/octomap/include/octomap/octomap_types.h
Examining data/octomap-1.9.3+dfsg/octomap/include/octomap/octomap_utils.h
Examining data/octomap-1.9.3+dfsg/octomap/src/AbstractOcTree.cpp
Examining data/octomap-1.9.3+dfsg/octomap/src/AbstractOccupancyOcTree.cpp
Examining data/octomap-1.9.3+dfsg/octomap/src/ColorOcTree.cpp
Examining data/octomap-1.9.3+dfsg/octomap/src/CountingOcTree.cpp
Examining data/octomap-1.9.3+dfsg/octomap/src/OcTree.cpp
Examining data/octomap-1.9.3+dfsg/octomap/src/OcTreeNode.cpp
Examining data/octomap-1.9.3+dfsg/octomap/src/OcTreeStamped.cpp
Examining data/octomap-1.9.3+dfsg/octomap/src/Pointcloud.cpp
Examining data/octomap-1.9.3+dfsg/octomap/src/ScanGraph.cpp
Examining data/octomap-1.9.3+dfsg/octomap/src/binvox2bt.cpp
Examining data/octomap-1.9.3+dfsg/octomap/src/bt2vrml.cpp
Examining data/octomap-1.9.3+dfsg/octomap/src/compare_octrees.cpp
Examining data/octomap-1.9.3+dfsg/octomap/src/convert_octree.cpp
Examining data/octomap-1.9.3+dfsg/octomap/src/edit_octree.cpp
Examining data/octomap-1.9.3+dfsg/octomap/src/eval_octree_accuracy.cpp
Examining data/octomap-1.9.3+dfsg/octomap/src/graph2tree.cpp
Examining data/octomap-1.9.3+dfsg/octomap/src/intersection_example.cpp
Examining data/octomap-1.9.3+dfsg/octomap/src/log2graph.cpp
Examining data/octomap-1.9.3+dfsg/octomap/src/math/Pose6D.cpp
Examining data/octomap-1.9.3+dfsg/octomap/src/math/Quaternion.cpp
Examining data/octomap-1.9.3+dfsg/octomap/src/math/Vector3.cpp
Examining data/octomap-1.9.3+dfsg/octomap/src/normals_example.cpp
Examining data/octomap-1.9.3+dfsg/octomap/src/octree2pointcloud.cpp
Examining data/octomap-1.9.3+dfsg/octomap/src/offset_graph.cpp
Examining data/octomap-1.9.3+dfsg/octomap/src/simple_example.cpp
Examining data/octomap-1.9.3+dfsg/octomap/src/testing/color_tree_histogram.cpp
Examining data/octomap-1.9.3+dfsg/octomap/src/testing/test_changedkeys.cpp
Examining data/octomap-1.9.3+dfsg/octomap/src/testing/test_color_tree.cpp
Examining data/octomap-1.9.3+dfsg/octomap/src/testing/test_io.cpp
Examining data/octomap-1.9.3+dfsg/octomap/src/testing/test_iterators.cpp
Examining data/octomap-1.9.3+dfsg/octomap/src/testing/test_mapcollection.cpp
Examining data/octomap-1.9.3+dfsg/octomap/src/testing/test_pruning.cpp
Examining data/octomap-1.9.3+dfsg/octomap/src/testing/test_raycasting.cpp
Examining data/octomap-1.9.3+dfsg/octomap/src/testing/test_scans.cpp
Examining data/octomap-1.9.3+dfsg/octomap/src/testing/testing.h
Examining data/octomap-1.9.3+dfsg/octomap/src/testing/unit_tests.cpp
Examining data/octomap-1.9.3+dfsg/octovis/include/octovis/CameraFollowMode.h
Examining data/octomap-1.9.3+dfsg/octovis/include/octovis/ColorOcTreeDrawer.h
Examining data/octomap-1.9.3+dfsg/octovis/include/octovis/OcTreeDrawer.h
Examining data/octomap-1.9.3+dfsg/octovis/include/octovis/OcTreeRecord.h
Examining data/octomap-1.9.3+dfsg/octovis/include/octovis/PointcloudDrawer.h
Examining data/octomap-1.9.3+dfsg/octovis/include/octovis/SceneObject.h
Examining data/octomap-1.9.3+dfsg/octovis/include/octovis/SelectionBox.h
Examining data/octomap-1.9.3+dfsg/octovis/include/octovis/TrajectoryDrawer.h
Examining data/octomap-1.9.3+dfsg/octovis/include/octovis/ViewerGui.h
Examining data/octomap-1.9.3+dfsg/octovis/include/octovis/ViewerSettings.h
Examining data/octomap-1.9.3+dfsg/octovis/include/octovis/ViewerSettingsPanel.h
Examining data/octomap-1.9.3+dfsg/octovis/include/octovis/ViewerSettingsPanelCamera.h
Examining data/octomap-1.9.3+dfsg/octovis/include/octovis/ViewerWidget.h
Examining data/octomap-1.9.3+dfsg/octovis/src/CameraFollowMode.cpp
Examining data/octomap-1.9.3+dfsg/octovis/src/ColorOcTreeDrawer.cpp
Examining data/octomap-1.9.3+dfsg/octovis/src/OcTreeDrawer.cpp
Examining data/octomap-1.9.3+dfsg/octovis/src/PointcloudDrawer.cpp
Examining data/octomap-1.9.3+dfsg/octovis/src/SceneObject.cpp
Examining data/octomap-1.9.3+dfsg/octovis/src/SelectionBox.cpp
Examining data/octomap-1.9.3+dfsg/octovis/src/TrajectoryDrawer.cpp
Examining data/octomap-1.9.3+dfsg/octovis/src/ViewerGui.cpp
Examining data/octomap-1.9.3+dfsg/octovis/src/ViewerSettings.cpp
Examining data/octomap-1.9.3+dfsg/octovis/src/ViewerSettingsPanel.cpp
Examining data/octomap-1.9.3+dfsg/octovis/src/ViewerSettingsPanelCamera.cpp
Examining data/octomap-1.9.3+dfsg/octovis/src/ViewerWidget.cpp
Examining data/octomap-1.9.3+dfsg/octovis/src/main.cpp

FINAL RESULTS:

data/octomap-1.9.3+dfsg/octomap/include/octomap/octomap_types.h:72:39: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  #define OCTOMAP_DEBUG(...) fprintf(stderr, __VA_ARGS__), fflush(stderr)
data/octomap-1.9.3+dfsg/octomap/include/octomap/octomap_types.h:76:67: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  #define OCTOMAP_WARNING(...) fprintf(stderr, "WARNING: "), fprintf(stderr, __VA_ARGS__), fflush(stderr)
data/octomap-1.9.3+dfsg/octomap/include/octomap/octomap_types.h:78:65: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  #define OCTOMAP_ERROR(...) fprintf(stderr, "ERROR: "), fprintf(stderr, __VA_ARGS__), fflush(stderr)
data/octomap-1.9.3+dfsg/octomap/src/ColorOcTree.cpp:226:17: [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  FILE *gui = popen("gnuplot ", "w");
data/octomap-1.9.3+dfsg/dynamicEDT3D/include/dynamicEDT3D/dynamicEDT3D.h:122:31: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  BucketPrioQueue<INTPOINT3D> open;
data/octomap-1.9.3+dfsg/dynamicEDT3D/src/dynamicEDT3D.cpp:316:11: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  while (!open.empty()) {
data/octomap-1.9.3+dfsg/dynamicEDT3D/src/dynamicEDT3D.cpp:317:19: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  INTPOINT3D p = open.pop();
data/octomap-1.9.3+dfsg/dynamicEDT3D/src/dynamicEDT3D.cpp:366:4: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  open.push(nc.sqdist, INTPOINT3D(nx,ny,nz));
data/octomap-1.9.3+dfsg/dynamicEDT3D/src/dynamicEDT3D.cpp:377:5: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  open.push(nc.sqdist, INTPOINT3D(nx,ny,nz));
data/octomap-1.9.3+dfsg/dynamicEDT3D/src/dynamicEDT3D.cpp:505:5: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  open.push(newSqDistance, INTPOINT3D(nx,ny,nz));
data/octomap-1.9.3+dfsg/dynamicEDT3D/src/dynamicEDT3D.cpp:561:4: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  open.push(0, INTPOINT3D(x,y,z));
data/octomap-1.9.3+dfsg/dynamicEDT3D/src/dynamicEDT3D.cpp:574:3: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  open.push(0, INTPOINT3D(x,y,z));
data/octomap-1.9.3+dfsg/octomap/src/eval_octree_accuracy.cpp:82:21: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  max_scan_no = atoi(argv[++arg]);
data/octomap-1.9.3+dfsg/octomap/src/graph2tree.cpp:155:21: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  max_scan_no = atoi(argv[++arg]);
data/octomap-1.9.3+dfsg/octomap/src/graph2tree.cpp:228:13: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  logfile.open((treeFilename+".log").c_str());
data/octomap-1.9.3+dfsg/octomap/src/testing/test_iterators.cpp:234:31: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  maxDepth = (unsigned char)atoi(argv[2]);
data/octomap-1.9.3+dfsg/octomap/include/octomap/AbstractOcTree.h:130:28: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  static AbstractOcTree* read(const std::string& filename);
data/octomap-1.9.3+dfsg/octomap/include/octomap/AbstractOcTree.h:134:28: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  static AbstractOcTree* read(std::istream &s);
data/octomap-1.9.3+dfsg/octomap/include/octomap/MapCollection.h:83:10: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  bool read(std::string filename);
data/octomap-1.9.3+dfsg/octomap/include/octomap/Pointcloud.h:115:19: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  std::istream& read(std::istream &s);
data/octomap-1.9.3+dfsg/octomap/include/octomap/math/Pose6D.h:180:19: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  std::istream& read(std::istream &s);
data/octomap-1.9.3+dfsg/octomap/include/octomap/math/Quaternion.h:188:19: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  std::istream& read(std::istream &s);
data/octomap-1.9.3+dfsg/octomap/include/octomap/math/Vector3.h:308:19: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  std::istream& read(std::istream &s);
data/octomap-1.9.3+dfsg/octomap/src/AbstractOcTree.cpp:74:35: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  AbstractOcTree* AbstractOcTree::read(const std::string& filename){
data/octomap-1.9.3+dfsg/octomap/src/AbstractOcTree.cpp:82:14: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  return read(file);
data/octomap-1.9.3+dfsg/octomap/src/AbstractOcTree.cpp:87:35: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  AbstractOcTree* AbstractOcTree::read(std::istream &s){
data/octomap-1.9.3+dfsg/octomap/src/AbstractOccupancyOcTree.cpp:105:7: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  s.read((char*)&tree_type, sizeof(tree_type));
data/octomap-1.9.3+dfsg/octomap/src/AbstractOccupancyOcTree.cpp:110:9: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  s.read((char*)&res, sizeof(res));
data/octomap-1.9.3+dfsg/octomap/src/AbstractOccupancyOcTree.cpp:116:9: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  s.read((char*)&size, sizeof(size));
data/octomap-1.9.3+dfsg/octomap/src/ColorOcTree.cpp:48:7: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  s.read((char*) &value, sizeof(value)); // occupancy
data/octomap-1.9.3+dfsg/octomap/src/ColorOcTree.cpp:49:7: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  s.read((char*) &color, sizeof(Color)); // color
data/octomap-1.9.3+dfsg/octomap/src/Pointcloud.cpp:280:29: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  std::istream& Pointcloud::read(std::istream &s){
data/octomap-1.9.3+dfsg/octomap/src/Pointcloud.cpp:299:7: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  s.read((char*)&pc_size, sizeof(pc_size));
data/octomap-1.9.3+dfsg/octomap/src/ScanGraph.cpp:73:7: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  s.read((char*)&uintId, sizeof(uintId));
data/octomap-1.9.3+dfsg/octomap/src/ScanGraph.cpp:96:24: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  this->pose.trans().read(s);
data/octomap-1.9.3+dfsg/octomap/src/ScanGraph.cpp:100:9: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rot.read(s);
data/octomap-1.9.3+dfsg/octomap/src/ScanGraph.cpp:119:7: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  s.read((char*)&first_id, sizeof(first_id));
data/octomap-1.9.3+dfsg/octomap/src/ScanGraph.cpp:120:7: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  s.read((char*)&second_id, sizeof(second_id));
data/octomap-1.9.3+dfsg/octomap/src/ScanGraph.cpp:128:7: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  s.read((char*)&weight, sizeof(weight));
data/octomap-1.9.3+dfsg/octomap/src/ScanGraph.cpp:157:22: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  this->constraint.read(s);
data/octomap-1.9.3+dfsg/octomap/src/ScanGraph.cpp:380:7: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  s.read((char*)&graph_size, sizeof(graph_size));
data/octomap-1.9.3+dfsg/octomap/src/ScanGraph.cpp:403:7: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  s.read((char*)&num_edges, sizeof(num_edges));
data/octomap-1.9.3+dfsg/octomap/src/compare_octrees.cpp:70:49: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  OcTree* tree1 = dynamic_cast<OcTree*>(OcTree::read(filename1));
data/octomap-1.9.3+dfsg/octomap/src/compare_octrees.cpp:71:49: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  OcTree* tree2 = dynamic_cast<OcTree*>(OcTree::read(filename2));
data/octomap-1.9.3+dfsg/octomap/src/convert_octree.cpp:95:28: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  tree = AbstractOcTree::read(file);
data/octomap-1.9.3+dfsg/octomap/src/math/Pose6D.cpp:119:25: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  std::istream& Pose6D::read(std::istream &s) {
data/octomap-1.9.3+dfsg/octomap/src/math/Pose6D.cpp:120:17: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  translation.read(s);
data/octomap-1.9.3+dfsg/octomap/src/math/Pose6D.cpp:121:14: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rotation.read(s);
data/octomap-1.9.3+dfsg/octomap/src/math/Quaternion.cpp:261:29: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  std::istream& Quaternion::read(std::istream &s) {
data/octomap-1.9.3+dfsg/octomap/src/math/Quaternion.cpp:281:7: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  s.read((char*)&temp, sizeof(temp));
data/octomap-1.9.3+dfsg/octomap/src/math/Quaternion.cpp:284:9: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  s.read((char*)&val, sizeof(val));
data/octomap-1.9.3+dfsg/octomap/src/math/Vector3.cpp:69:26: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  std::istream& Vector3::read(std::istream &s) {
data/octomap-1.9.3+dfsg/octomap/src/math/Vector3.cpp:89:7: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  s.read((char*)&temp, sizeof(temp));
data/octomap-1.9.3+dfsg/octomap/src/math/Vector3.cpp:92:9: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  s.read((char*)&val, sizeof(val));
data/octomap-1.9.3+dfsg/octomap/src/testing/test_color_tree.cpp:68:47: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  AbstractOcTree* read_tree = AbstractOcTree::read(filename);
data/octomap-1.9.3+dfsg/octomap/src/testing/test_io.cpp:35:56: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  AbstractOcTree* readTreeAbstract = AbstractOcTree::read("empty.ot");
data/octomap-1.9.3+dfsg/octomap/src/testing/test_io.cpp:102:56: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  AbstractOcTree* readTreeAbstract = AbstractOcTree::read(filenameOt);
data/octomap-1.9.3+dfsg/octomap/src/testing/test_io.cpp:138:56: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  AbstractOcTree* readTreeAbstract = AbstractOcTree::read(filenameColor);
data/octomap-1.9.3+dfsg/octomap/src/testing/test_io.cpp:166:56: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  AbstractOcTree* readTreeAbstract = AbstractOcTree::read(filenameStamped);
data/octomap-1.9.3+dfsg/octovis/src/ViewerGui.cpp:456:7: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  pc->read(s);
data/octomap-1.9.3+dfsg/octovis/src/ViewerGui.cpp:494:42: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  AbstractOcTree* tree = AbstractOcTree::read(m_filename);

ANALYSIS SUMMARY:

Hits = 61
Lines analyzed = 17542 in approximately 0.69 seconds (25568 lines/second)
Physical Source Lines of Code (SLOC) = 9786
Hits@level = [0] 47 [1] 45 [2] 12 [3] 0 [4] 4 [5] 0
Hits@level+ = [0+] 108 [1+] 61 [2+] 16 [3+] 4 [4+] 4 [5+] 0
Hits/KSLOC@level+ = [0+] 11.0362 [1+] 6.23339 [2+] 1.63499 [3+] 0.408747 [4+] 0.408747 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.