Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/purify-2.0.0/cpp/AlgorithmUpdate.cc Examining data/purify-2.0.0/cpp/AlgorithmUpdate.h Examining data/purify-2.0.0/cpp/cmdl.cc Examining data/purify-2.0.0/cpp/cmdl.h Examining data/purify-2.0.0/cpp/example/casa.cc Examining data/purify-2.0.0/cpp/example/clean_vla.cc Examining data/purify-2.0.0/cpp/example/generate_vis_data.cc Examining data/purify-2.0.0/cpp/example/gridding.cc Examining data/purify-2.0.0/cpp/example/padmm_random_coverage.cc Examining data/purify-2.0.0/cpp/example/padmm_reweighted_simulation.cc Examining data/purify-2.0.0/cpp/example/padmm_simulation.cc Examining data/purify-2.0.0/cpp/example/resample.cc Examining data/purify-2.0.0/cpp/example/rm_gridding_example.cc Examining data/purify-2.0.0/cpp/example/sara_padmm_random_coverage.cc Examining data/purify-2.0.0/cpp/example/sdmm_m31_simulation.cc Examining data/purify-2.0.0/cpp/example/sdmm_random_coverage.cc Examining data/purify-2.0.0/cpp/example/sdmm_vla.cc Examining data/purify-2.0.0/cpp/example/time_gridding_degridding.cc Examining data/purify-2.0.0/cpp/main.cc Examining data/purify-2.0.0/cpp/purify/FFTOperator.cc Examining data/purify-2.0.0/cpp/purify/FFTOperator.h Examining data/purify-2.0.0/cpp/purify/MeasurementOperator.cc Examining data/purify-2.0.0/cpp/purify/MeasurementOperator.h Examining data/purify-2.0.0/cpp/purify/PSFOperator.cc Examining data/purify-2.0.0/cpp/purify/PSFOperator.h Examining data/purify-2.0.0/cpp/purify/RMOperator.cc Examining data/purify-2.0.0/cpp/purify/RMOperator.h Examining data/purify-2.0.0/cpp/purify/casacore.cc Examining data/purify-2.0.0/cpp/purify/casacore.h Examining data/purify-2.0.0/cpp/purify/clean.cc Examining data/purify-2.0.0/cpp/purify/clean.h Examining data/purify-2.0.0/cpp/purify/config.in.h Examining data/purify-2.0.0/cpp/purify/kernels.cc Examining data/purify-2.0.0/cpp/purify/kernels.h Examining data/purify-2.0.0/cpp/purify/logging.disabled.h Examining data/purify-2.0.0/cpp/purify/logging.h Examining data/purify-2.0.0/cpp/purify/pfitsio.cc Examining data/purify-2.0.0/cpp/purify/pfitsio.h Examining data/purify-2.0.0/cpp/purify/types.h Examining data/purify-2.0.0/cpp/purify/utilities.cc Examining data/purify-2.0.0/cpp/purify/utilities.h Examining data/purify-2.0.0/cpp/purify/logging.enabled.h Examining data/purify-2.0.0/cpp/tests/FFT_operator.cc Examining data/purify-2.0.0/cpp/tests/casacore.cc Examining data/purify-2.0.0/cpp/tests/directories.in.h Examining data/purify-2.0.0/cpp/tests/measurement_operator.cc Examining data/purify-2.0.0/cpp/tests/purify_fitsio.cc Examining data/purify-2.0.0/cpp/tests/sparse.cc Examining data/purify-2.0.0/cpp/tests/utils.cc FINAL RESULTS: data/purify-2.0.0/cpp/cmdl.cc:47:9: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. c = getopt_long(argc, argv, "a:bc:defghijklmnopqrst", long_options, &option_index); data/purify-2.0.0/cpp/main.cc:252:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). out_diagnostic.open(params.name + "_diagnostic", std::ios_base::app); data/purify-2.0.0/cpp/purify/pfitsio.cc:106:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). image.read(contents); ANALYSIS SUMMARY: Hits = 3 Lines analyzed = 10082 in approximately 0.41 seconds (24744 lines/second) Physical Source Lines of Code (SLOC) = 8410 Hits@level = [0] 10 [1] 1 [2] 1 [3] 1 [4] 0 [5] 0 Hits@level+ = [0+] 13 [1+] 3 [2+] 2 [3+] 1 [4+] 0 [5+] 0 Hits/KSLOC@level+ = [0+] 1.54578 [1+] 0.356718 [2+] 0.237812 [3+] 0.118906 [4+] 0 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.