Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/pyhst2-2020a/PyHST/Cspace/CCspace.c
Examining data/pyhst2-2020a/PyHST/Cspace/CCspace.h
Examining data/pyhst2-2020a/PyHST/Cspace/Cspace.c
Examining data/pyhst2-2020a/PyHST/Cspace/chambollepock.h
Examining data/pyhst2-2020a/PyHST/Cspace/cpu_main.c
Examining data/pyhst2-2020a/PyHST/Cspace/cpu_main.h
Examining data/pyhst2-2020a/PyHST/Cspace/cpyutils.c
Examining data/pyhst2-2020a/PyHST/Cspace/cpyutils.h
Examining data/pyhst2-2020a/PyHST/Cspace/edftools.c
Examining data/pyhst2-2020a/PyHST/Cspace/edftools.h
Examining data/pyhst2-2020a/PyHST/Cspace/h5tools.c
Examining data/pyhst2-2020a/PyHST/Cspace/pdwt/src/common.h
Examining data/pyhst2-2020a/PyHST/Cspace/pdwt/src/demo.cpp
Examining data/pyhst2-2020a/PyHST/Cspace/pdwt/src/filters.cpp
Examining data/pyhst2-2020a/PyHST/Cspace/pdwt/src/filters.h
Examining data/pyhst2-2020a/PyHST/Cspace/pdwt/src/haar.h
Examining data/pyhst2-2020a/PyHST/Cspace/pdwt/src/io.cpp
Examining data/pyhst2-2020a/PyHST/Cspace/pdwt/src/io.h
Examining data/pyhst2-2020a/PyHST/Cspace/pdwt/src/nonseparable.h
Examining data/pyhst2-2020a/PyHST/Cspace/pdwt/src/separable.h
Examining data/pyhst2-2020a/PyHST/Cspace/pdwt/src/utils.h
Examining data/pyhst2-2020a/PyHST/Cspace/pdwt/src/wt.h
Examining data/pyhst2-2020a/PyHST/Cspace/py3c.h
Examining data/pyhst2-2020a/PyHST/Cspace/py3c/capsulethunk.h
Examining data/pyhst2-2020a/PyHST/Cspace/py3c/comparison.h
Examining data/pyhst2-2020a/PyHST/Cspace/py3c/compat.h
Examining data/pyhst2-2020a/PyHST/Cspace/py3c/fileshim.h
Examining data/pyhst2-2020a/PyHST/Cspace/py3c/py3shims.h
Examining data/pyhst2-2020a/PyHST/Cspace/py3c/tpflags.h
Examining data/pyhst2-2020a/PyHST/Cspace/pyhst_nnfbp.c
Examining data/pyhst2-2020a/PyHST/Cspace/unsharp3D.c
Examining data/pyhst2-2020a/PyHST/Cspace/unsharp3D.h
Examining data/pyhst2-2020a/PyHST/segment/segment.cc
Examining data/pyhst2-2020a/PyHST/segment/segment.h
Examining data/pyhst2-2020a/provaaffinit.cc
FINAL RESULTS:
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:104:11: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
int res=system("./plotbinary.sh tmp_plot.dat");
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:151:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fname2,"%s/%s" , dirname , fname );
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:1119:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(nomeout,"%s",self->params.OUTPUT_FILE_HISTOGRAM);
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:2615:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(nomeout,self->params.LT_pars->LT_KNOWN_REGIONS_FILE, Nfirstslice+ ((int)self->params.SOURCE_Y) );
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:2620:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(nomeout,"%s",self->params.LT_pars->LT_KNOWN_REGIONS_FILE);
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:2776:8: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(nomeout,self->params.OUTPUT_FILE, Nfirstslice+islice+gslice + ((int)self->params.SOURCE_Y) );
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:2782:13: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(nomeout,self->params.OUTPUT_FILE, "c", Nfirstslice+islice);
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:2785:13: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(nomeout,self->params.OUTPUT_FILE, "s", Nfirstslice+islice);
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:2792:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(nomeout,"%s",self->params.OUTPUT_FILE);
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:2795:25: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
if(iv==0) sprintf(nomeout,self->params.OUTPUT_FILE,"c");
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:2796:25: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
if(iv==1) sprintf(nomeout,self->params.OUTPUT_FILE,"s");
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:2810:9: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(nomeout,self->params.OUTPUT_FILE, Nfirstslice+islice );
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:3927:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(nomeout,self->params.OUTPUT_FILE, Nfirstslice+islice +
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:3954:17: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(nomeout,self->params.OUTPUT_FILE, Nfirstslice+islice + gslice );
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:3966:13: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(nomeout,self->params.OUTPUT_FILE, "c", Nfirstslice+islice + self->params.patch_ep );
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:3970:13: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(nomeout,self->params.OUTPUT_FILE, "s", Nfirstslice+islice+ self->params.patch_ep);
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:3980:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(nomeout,"%s",self->params.OUTPUT_FILE);
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:3982:25: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
if(iv==0) sprintf(nomeout,self->params.OUTPUT_FILE,"c");
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:3983:25: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
if(iv==1) sprintf(nomeout,self->params.OUTPUT_FILE,"s");
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:4987:4: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(nomeout,self->params.PROJ_OUTPUT_FILE, prevnprojs+ iproj );
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:5007:4: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(nomeout,self->params.PROJ_OUTPUT_FILE, prevnprojs+ iproj );
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:5030:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(nomeout,self->params.PROJ_OUTPUT_FILE, prevnprojs+ iproj );
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:7459:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(output_name, "%s_%04d.edf",self->params.OUTPUT_PAGANIN_FILE, (int) mystart + npj - pstart );
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:7464:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(output_name, "%s_%04d.edf",self->params.OUTPUT_PAGANIN_FILE, (int) mystart + npj+1 - pstart );
data/pyhst2-2020a/PyHST/Cspace/pyhst_nnfbp.c:233:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(nomeout,"%s_nnfbp_%04d.edf",self->params.OUTPUT_FILE_ORIG, Nfirstslice+islice+self->reading_infos.pos_s[0]);
data/pyhst2-2020a/PyHST/Cspace/pyhst_nnfbp.c:151:23: [3] (random) drand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
xP = dimslice*drand48();
data/pyhst2-2020a/PyHST/Cspace/pyhst_nnfbp.c:152:23: [3] (random) drand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
yP = dimslice*drand48();
data/pyhst2-2020a/PyHST/Cspace/pyhst_nnfbp.c:154:27: [3] (random) drand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
xP = dimslice*drand48();
data/pyhst2-2020a/PyHST/Cspace/pyhst_nnfbp.c:155:27: [3] (random) drand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
yP = dimslice*drand48();
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:100:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* fid = fopen("tmp_plot.dat","wb");
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:142:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[2000];
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:143:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname2[4000];
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:150:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( fname , dir->d_name, strlen( dir->d_name)+1 );
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:294:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(image_cpy, image, imsize_t);
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:296:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(image_cpy2, image, imsize_t);
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:354:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* fid = fopen(fname,"rb");
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:1117:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nomeout[10000];
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:1118:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[4000];
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:1121:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *output = fopen(nomeout,"w") ;
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:1129:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s,"{\nHeaderID = EH:000001:000000:000000 ;\nImage = 1 ;\nByteOrder = LowByteFirst ;\nSize = %ld ;\nDim_1 = %d ;\nDim_2 = %d ;\nDataType = Signed64 ;\nMaxVal = %14.8e ;\nMinVal = %14.8e ;\n",((long int )1000000 *sizeof(long int)),1,1000000,aMax,aMin);
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:1131:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s,"{\nHeaderID = EH:000001:000000:000000 ;\nImage = 1 ;\nByteOrder = HighByteFirst ;\nSize = %ld ;\nDim_1 = %d ;\nDim_2 = %d ;\nDataType = Signed64 ;\nMaxVal = %14.8e ;\nMinVal = %14.8e ;\n",((long int )1000000 *sizeof(long int) ),1,1000000,aMax,aMin);
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:1532:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lt->fftwR , gkern, sizeof(float) * nbins_reb ) ;
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:1542:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lt->fftwR , multisino+is*SLD + ipro*nbins_reb , sizeof(float) * nbins_reb ) ;
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:1618:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(multisino + nsigma* SLD, lt2s->slice_comp , lt2s->dim2s_s*sizeof(float) );
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:1769:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(nomeout, O_RDONLY );
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:2569:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nomeout[10000];
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:2725:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data_orig , dataA + islice*self->params.nprojs_span*num_bins, // nslice_data_granularity *
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:2729:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data_orig , dataA + islice*self->params.nprojs_span*num_bins, // nslice_data_granularity *
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:2822:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data,data_orig , (nslice_data_granularity+try_2by2)* VECTORIALITY*self->params.nprojs_span * num_bins * sizeof(float ));
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:2866:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data+offset,data_orig+offset ,self->params.nprojs_span * num_bins * sizeof(float ));
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:3284:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( dumfftwf , r0+j*num_bins, num_bins*sizeof(float) ) ;
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:3304:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( r0+j*num_bins, dumfftwf , num_bins*sizeof(float) ) ;
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:3339:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(SLICEold, SLICE, VECTORIALITY*dimslice*dimslice*sizeof(float) );
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:3563:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( dumfftwf , drings+j*num_bins, num_bins*sizeof(float) ) ;
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:3580:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( drings+j*num_bins, dumfftwf , num_bins*sizeof(float) ) ;
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:3894:15: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(self->histovalues, new_histo, 1000000*sizeof(long int));
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:4003:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(nomeout, O_RDWR | O_CREAT , 640);
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:4185:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* filedebug = fopen("rings.dat","w");
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:4310:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(WORK[projection],
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:4323:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(WORKbis,data
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:4346:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(WORKbis ,
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:4444:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( WORK_perproje+((nslices_data) *projection + islice)*(num_bins),
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:4592:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( self->slicesrequest->data,
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:4728:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nomeout[10000];
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:4812:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( transmit_buffer+tot*size1, Tptr + iproj*size0*size1 + (start_slice)*size1 ,(top_slice-start_slice)* size1*sizeof(float) );
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:5882:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ff2_projmean_old, self->ff2_globalmean, Size0*Size1*sizeof(float));
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:7458:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char output_name[1000];
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:7463:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char output_name[1000];
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:7823:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_data ,a_data , dim0*dim1*sizeof(float) );
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:7965:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( a_data, m_data, dim0*dim1*sizeof(float) );
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:8612:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(WORK +iv*blocksino + (projection)*num_bins ,data +iv*blocksino + (projection) * num_bins, num_bins * sizeof(float));
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:8683:12: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
else memcpy(WORK[projection],data +iv*blocksino + (projection) * num_bins, num_bins * sizeof(float));
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:8694:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(WORKbis,data +iv*blocksino + (0*self->params.nprojs_span +((projection+(( self->params.nprojs_span))/2)% ( self->params.nprojs_span)) )*
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:8713:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(WORKbis ,data +iv*blocksino + (0*self->params.nprojs_span + ((projection+(( self->params.nprojs_span))/2)% ( self->params.nprojs_span)) )*
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:8933:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( WORK_perproje+(projection*3+1)*(num_bins)*oversampling, OVERSAMPLE, (num_bins)*oversampling * sizeof(float));
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:8981:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(SLICEcalc,tmp, sizeof(float)*size*2 ) ;
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:9219:28: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define equalsS(A,i,B ) memcpy( (A)+(i)*dimslice*dimslice, B, dimslice*dimslice*sizeof(float) )
data/pyhst2-2020a/PyHST/Cspace/cpyutils.c:125:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( stringlist[i], strptr , strlen(strptr )+1);
data/pyhst2-2020a/PyHST/Cspace/cpyutils.c:138:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( string, strptr , strlen(strptr )+1);
data/pyhst2-2020a/PyHST/Cspace/cpyutils.c:164:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( res, PyArray_DATA((PyArrayObject*) Otmp) , (*listlenght)*PyArray_ITEMSIZE((PyArrayObject *) Otmp) );
data/pyhst2-2020a/PyHST/Cspace/cpyutils.c:185:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( res , PyArray_DATA((PyArrayObject*) Otmp), (*dim2)*(*dim1)*PyArray_ITEMSIZE((PyArrayObject *) Otmp) );
data/pyhst2-2020a/PyHST/Cspace/cpyutils.c:205:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( res , PyArray_DATA((PyArrayObject*) Otmp), (*dim2)*(*dim1)*PyArray_ITEMSIZE((PyArrayObject *) Otmp) );
data/pyhst2-2020a/PyHST/Cspace/cpyutils.c:232:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( res , PyArray_DATA((PyArrayObject*) Otmp), (*dim5)*(*dim4)*(*dim3) *(*dim2)*(*dim1) * PyArray_ITEMSIZE((PyArrayObject *) Otmp) );
data/pyhst2-2020a/PyHST/Cspace/edftools.c:106:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file=fopen(filename, "r");
data/pyhst2-2020a/PyHST/Cspace/edftools.c:243:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file=fopen(filename, "r");
data/pyhst2-2020a/PyHST/Cspace/edftools.c:495:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( target, mytarget, sizeof(float)*size0*size1 ) ;
data/pyhst2-2020a/PyHST/Cspace/edftools.c:535:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
edffile = fopen( filename ,"r");
data/pyhst2-2020a/PyHST/Cspace/edftools.c:684:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( buffer, target_float,size0*size1*sizeof(float) );
data/pyhst2-2020a/PyHST/Cspace/edftools.c:733:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
edffile = fopen( filename ,"r");
data/pyhst2-2020a/PyHST/Cspace/edftools.c:979:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *output = fopen(nomeout,"w") ;
data/pyhst2-2020a/PyHST/Cspace/edftools.c:987:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[4000];
data/pyhst2-2020a/PyHST/Cspace/edftools.c:992:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s,"{\nHeaderID = EH:000001:000000:000000 ;\nImage = 1 ;\nByteOrder = LowByteFirst ;\nSize = %ld ;\nDim_1 = %d ;\nDim_2 = %d ;\nDataType = Float ;\n",num_y*((long)num_x)*4,num_x,num_y);
data/pyhst2-2020a/PyHST/Cspace/edftools.c:994:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s,"{\nHeaderID = EH:000001:000000:000000 ;\nImage = 1 ;\nByteOrder = HighByteFirst ;\nSize = %ld ;\nDim_1 = %d ;\nDim_2 = %d ;\nDataType = Float ;\n",num_y*((long)num_x)*4,num_x,num_y);
data/pyhst2-2020a/PyHST/Cspace/edftools.c:1009:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *output = fopen(nomeout,"w") ;
data/pyhst2-2020a/PyHST/Cspace/edftools.c:1017:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[4000];
data/pyhst2-2020a/PyHST/Cspace/edftools.c:1022:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s,"{\nHeaderID = EH:000001:000000:000000 ;\nImage = 1 ;\nByteOrder = LowByteFirst ;\nSize = %ld ;\nDim_1 = %d ;\nDim_2 = %d ;\nDataType = Float ;\nFirst_2 = %d ;\nOri_2 = %d ;\n",real_num_y*((long)num_x)*4,num_x,real_num_y, start_y, num_y );
data/pyhst2-2020a/PyHST/Cspace/edftools.c:1024:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s,"{\nHeaderID = EH:000001:000000:000000 ;\nImage = 1 ;\nByteOrder = HighByteFirst ;\nSize = %ld ;\nDim_1 = %d ;\nDim_2 = %d ;\nDataType = Float ;\nFirst_2 = %d ;\nOri_2 = %d ;\n",real_num_y*((long)num_x)*4,num_x,real_num_y, start_y, num_y );
data/pyhst2-2020a/PyHST/Cspace/edftools.c:1041:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(nomeout, O_RDWR );
data/pyhst2-2020a/PyHST/Cspace/h5tools.c:19:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* fid = fopen(fname, "rb");
data/pyhst2-2020a/PyHST/Cspace/h5tools.c:77:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* fid0 = fopen(fname, "rb");
data/pyhst2-2020a/PyHST/Cspace/pdwt/src/demo.cpp:23:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char input[512];
data/pyhst2-2020a/PyHST/Cspace/pdwt/src/demo.cpp:31:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char input[512];
data/pyhst2-2020a/PyHST/Cspace/pdwt/src/demo.cpp:59:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char wname[128];
data/pyhst2-2020a/PyHST/Cspace/pdwt/src/demo.cpp:71:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
what = atoi(argv[1]);
data/pyhst2-2020a/PyHST/Cspace/pdwt/src/demo.cpp:73:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
nlevels = atoi(argv[3]);
data/pyhst2-2020a/PyHST/Cspace/pdwt/src/demo.cpp:74:39: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (argc >= 5) do_separable = atoi(argv[4]);
data/pyhst2-2020a/PyHST/Cspace/pdwt/src/demo.cpp:75:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (argc >= 6) do_swt = atoi(argv[5]);
data/pyhst2-2020a/PyHST/Cspace/pdwt/src/filters.h:636:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char wname[16];
data/pyhst2-2020a/PyHST/Cspace/pdwt/src/io.cpp:11:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* fid = fopen(fname, "rb");
data/pyhst2-2020a/PyHST/Cspace/pdwt/src/io.cpp:23:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* fid = fopen(fname, "wb");
data/pyhst2-2020a/PyHST/Cspace/pdwt/src/wt.h:30:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char wname[128]; // Wavelet name
data/pyhst2-2020a/PyHST/Cspace/py3c/capsulethunk.h:90:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name_dup, name, name_length);
data/pyhst2-2020a/PyHST/Cspace/pyhst_nnfbp.c:144:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fpM = fopen(self->params.NEURAL_TRAINING_MASK_FILE,"rb");
data/pyhst2-2020a/PyHST/Cspace/pyhst_nnfbp.c:222:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(self->params.NEURAL_TRAINING_RECONSTRUCTION_FILE,"rb");
data/pyhst2-2020a/PyHST/segment/segment.cc:66:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(pagbone_outputfile, O_RDONLY );
data/pyhst2-2020a/PyHST/segment/segment.cc:262:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open( maskbone_outputfile , O_RDWR | O_CREAT , 640);
data/pyhst2-2020a/PyHST/segment/segment.cc:342:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(absbone_outputfile, O_RDONLY );
data/pyhst2-2020a/PyHST/segment/segment.cc:354:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(pagbone_outputfile, O_RDONLY );
data/pyhst2-2020a/PyHST/segment/segment.cc:368:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(maskbone_outputfile, O_RDONLY );
data/pyhst2-2020a/PyHST/segment/segment.cc:453:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open( corrbone_outputfile , O_RDWR | O_CREAT , 640);
data/pyhst2-2020a/PyHST/segment/segment.cc:532:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(pagbone_outputfile, O_RDONLY );
data/pyhst2-2020a/PyHST/segment/segment.cc:544:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(maskbone_outputfile, O_RDONLY );
data/pyhst2-2020a/PyHST/segment/segment.cc:557:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(corrected_outputfile, O_RDONLY );
data/pyhst2-2020a/PyHST/segment/segment.cc:600:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open( outputfile , O_RDWR | O_CREAT , 640);
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:78:35: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#define myread( a,b,c ) {int res=read(a,b,c); if(res<-1) printf(" gcc casse les pieds\n");}
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:148:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( strncmp( dir->d_name, prefix, strlen( prefix) )==0 ) {
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:150:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy( fname , dir->d_name, strlen( dir->d_name)+1 );
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:448:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen( self->CURRENT_NAME )==0 ) {
data/pyhst2-2020a/PyHST/Cspace/CCspace.c:1134:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len=strlen(s);
data/pyhst2-2020a/PyHST/Cspace/cpyutils.c:124:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
stringlist[i] = (char *) malloc( sizeof(char)*strlen(strptr )+1 );
data/pyhst2-2020a/PyHST/Cspace/cpyutils.c:125:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy( stringlist[i], strptr , strlen(strptr )+1);
data/pyhst2-2020a/PyHST/Cspace/cpyutils.c:137:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
string= (char *) malloc( sizeof(char)*strlen(strptr )+1 );
data/pyhst2-2020a/PyHST/Cspace/cpyutils.c:138:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy( string, strptr , strlen(strptr )+1);
data/pyhst2-2020a/PyHST/Cspace/edftools.c:91:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ssize_t read;
data/pyhst2-2020a/PyHST/Cspace/edftools.c:113:25: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
*hsize = (*hsize) + read;
data/pyhst2-2020a/PyHST/Cspace/edftools.c:234:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ssize_t read;
data/pyhst2-2020a/PyHST/Cspace/edftools.c:996:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len=strlen(s);
data/pyhst2-2020a/PyHST/Cspace/edftools.c:1026:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len=strlen(s);
data/pyhst2-2020a/PyHST/Cspace/edftools.c:1050:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ssize_t res_read = read( fd, dum, nlines*num_x*sizeof(float) );
data/pyhst2-2020a/PyHST/Cspace/pdwt/src/demo.cpp:72:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(wname, argv[2], 128);
data/pyhst2-2020a/PyHST/Cspace/pdwt/src/io.cpp:32:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(input); // <string.h> must be included
data/pyhst2-2020a/PyHST/Cspace/py3c/capsulethunk.h:83:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t name_length = (strlen(name) + 1) * sizeof(char);
data/pyhst2-2020a/PyHST/segment/segment.cc:72:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read( fd, input_data , sizeof(float)* (Rend-Rstart)*SIZEY*SIZEX );
data/pyhst2-2020a/PyHST/segment/segment.cc:348:2: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read( fd, abs_data , sizeof(float)* (Rend-Rstart)*SIZEY*SIZEX );
data/pyhst2-2020a/PyHST/segment/segment.cc:360:2: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read( fd, pag_data , sizeof(float)* (Rend-Rstart)*SIZEY*SIZEX );
data/pyhst2-2020a/PyHST/segment/segment.cc:374:2: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read( fd, mask_data , sizeof(float)* (Rend-Rstart)*SIZEY*SIZEX );
data/pyhst2-2020a/PyHST/segment/segment.cc:538:2: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read( fd, pagbone_data , sizeof(float)* (Rend-Rstart)*SIZEY*SIZEX );
data/pyhst2-2020a/PyHST/segment/segment.cc:550:2: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read( fd, mask_data , sizeof(float)* (Rend-Rstart)*SIZEY*SIZEX );
data/pyhst2-2020a/PyHST/segment/segment.cc:563:2: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read( fd, corrected_data , sizeof(float)* (Rend-Rstart)*SIZEY*SIZEX );
ANALYSIS SUMMARY:
Hits = 149
Lines analyzed = 24176 in approximately 0.70 seconds (34361 lines/second)
Physical Source Lines of Code (SLOC) = 18306
Hits@level = [0] 295 [1] 25 [2] 95 [3] 4 [4] 25 [5] 0
Hits@level+ = [0+] 444 [1+] 149 [2+] 124 [3+] 29 [4+] 25 [5+] 0
Hits/KSLOC@level+ = [0+] 24.2543 [1+] 8.13941 [2+] 6.77374 [3+] 1.58418 [4+] 1.36567 [5+] 0
Dot directories skipped = 2 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.