Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/pivy-0.6.5/interfaces/coin_header_includes.h
Examining data/pivy-0.6.5/SoPyScript/SoPyScript.h
Examining data/pivy-0.6.5/SoPyScript/SoPyScript.cpp
Examining data/pivy-0.6.5/fake_headers/stddef.h
Examining data/pivy-0.6.5/fake_headers/stdlib.h
Examining data/pivy-0.6.5/fake_headers/qwindowdefs.h
Examining data/pivy-0.6.5/fake_headers/GL/glx.h
Examining data/pivy-0.6.5/fake_headers/GL/glext.h
Examining data/pivy-0.6.5/fake_headers/GL/glu.h
Examining data/pivy-0.6.5/fake_headers/GL/gl.h
Examining data/pivy-0.6.5/fake_headers/time.h
Examining data/pivy-0.6.5/fake_headers/qevent.h
Examining data/pivy-0.6.5/fake_headers/stdint.h
Examining data/pivy-0.6.5/fake_headers/sys/time.h
Examining data/pivy-0.6.5/fake_headers/sys/unistd.h
Examining data/pivy-0.6.5/fake_headers/sys/types.h
Examining data/pivy-0.6.5/fake_headers/X11/Intrinsic.h
Examining data/pivy-0.6.5/fake_headers/X11/Xresource.h
Examining data/pivy-0.6.5/fake_headers/stdio.h
Examining data/pivy-0.6.5/fake_headers/Xm/Xm.h
Examining data/pivy-0.6.5/fake_headers/wchar.h
Examining data/pivy-0.6.5/fake_headers/inttypes.h
Examining data/pivy-0.6.5/fake_headers/stdarg.h
Examining data/pivy-0.6.5/fake_headers/Inventor/C/glue/dl.h
Examining data/pivy-0.6.5/fake_headers/Inventor/C/glue/gl.h
Examining data/pivy-0.6.5/fake_headers/Inventor/C/threads/wpool.h
Examining data/pivy-0.6.5/fake_headers/Inventor/C/threads/worker.h
Examining data/pivy-0.6.5/fake_headers/Inventor/C/threads/fifo.h
Examining data/pivy-0.6.5/fake_headers/Inventor/C/threads/sync.h
Examining data/pivy-0.6.5/fake_headers/Inventor/C/threads/thread.h
Examining data/pivy-0.6.5/fake_headers/Inventor/C/threads/mutex.h
Examining data/pivy-0.6.5/fake_headers/Inventor/C/threads/barrier.h
Examining data/pivy-0.6.5/fake_headers/Inventor/C/threads/condvar.h
Examining data/pivy-0.6.5/fake_headers/Inventor/C/threads/sched.h
Examining data/pivy-0.6.5/fake_headers/Inventor/C/threads/recmutex.h
Examining data/pivy-0.6.5/fake_headers/Inventor/C/threads/rwmutex.h
Examining data/pivy-0.6.5/fake_headers/Inventor/C/threads/common.h
Examining data/pivy-0.6.5/fake_headers/Inventor/C/threads/storage.h
Examining data/pivy-0.6.5/fake_headers/Inventor/C/tidbits.h
Examining data/pivy-0.6.5/fake_headers/Inventor/C/base/time.h
Examining data/pivy-0.6.5/fake_headers/Inventor/C/base/hash.h
Examining data/pivy-0.6.5/fake_headers/Inventor/C/base/heap.h
Examining data/pivy-0.6.5/fake_headers/Inventor/C/base/memalloc.h
Examining data/pivy-0.6.5/fake_headers/Inventor/C/base/list.h
Examining data/pivy-0.6.5/fake_headers/Inventor/C/base/string.h
Examining data/pivy-0.6.5/fake_headers/Inventor/C/base/rbptree.h
Examining data/pivy-0.6.5/fake_headers/Inventor/C/errors/debugerror.h
Examining data/pivy-0.6.5/fake_headers/Inventor/C/errors/error.h
Examining data/pivy-0.6.5/fake_headers/math.h
Examining data/pivy-0.6.5/fake_headers/gtk/gtk.h
Examining data/pivy-0.6.5/fake_headers/assert.h
Examining data/pivy-0.6.5/fake_headers/OpenGL/glext.h
Examining data/pivy-0.6.5/fake_headers/OpenGL/glu.h
Examining data/pivy-0.6.5/fake_headers/OpenGL/gl.h
Examining data/pivy-0.6.5/fake_headers/qobject.h
Examining data/pivy-0.6.5/fake_headers/string.h
Examining data/pivy-0.6.5/fake_headers/windows.h
Examining data/pivy-0.6.5/examples/extend/ShapeScale.cpp
Examining data/pivy-0.6.5/examples/extend/ShapeScale.h
Examining data/pivy-0.6.5/examples/QtDesigner/cpp/mainwindow.cpp
Examining data/pivy-0.6.5/examples/QtDesigner/cpp/main.cpp
Examining data/pivy-0.6.5/examples/QtDesigner/cpp/mainwindow.h
Examining data/pivy-0.6.5/examples/SoPyScript/soqtexamin.cpp
Examining data/pivy-0.6.5/examples/SoPyScript/sowinexamin.cpp

FINAL RESULTS:

data/pivy-0.6.5/examples/QtDesigner/cpp/mainwindow.cpp:37:48: [3] (random) random:
  This function is not sufficiently random for security-related functions such
  as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    this->material->diffuseColor = SbColor(1.0f*(random()%256)/255,
data/pivy-0.6.5/examples/QtDesigner/cpp/mainwindow.cpp:38:48: [3] (random) random:
  This function is not sufficiently random for security-related functions such
  as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    1.0f*(random()%256)/255,
data/pivy-0.6.5/examples/QtDesigner/cpp/mainwindow.cpp:39:48: [3] (random) random:
  This function is not sufficiently random for security-related functions such
  as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    1.0f*(random()%256)/255);
data/pivy-0.6.5/SoPyScript/SoPyScript.cpp:409:11: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if (in->read(typeVal)) {
data/pivy-0.6.5/SoPyScript/SoPyScript.cpp:412:20: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    } else if (in->read(typeVal) && typeVal == "[") {
data/pivy-0.6.5/SoPyScript/SoPyScript.cpp:413:18: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    while (in->read(typeVal) && typeVal != "]") {
data/pivy-0.6.5/SoPyScript/SoPyScript.cpp:421:17: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    in->read(name)) {

ANALYSIS SUMMARY:

Hits = 7
Lines analyzed = 1815 in approximately 0.17 seconds (10823 lines/second)
Physical Source Lines of Code (SLOC) = 1507
Hits@level = [0] 2 [1] 4 [2] 0 [3] 3 [4] 0 [5] 0
Hits@level+ = [0+] 9 [1+] 7 [2+] 3 [3+] 3 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 5.97213 [1+] 4.64499 [2+] 1.99071 [3+] 1.99071 [4+] 0 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.