Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/python-cffi-1.14.4/testing/embedding/perf-test.c
Examining data/python-cffi-1.14.4/testing/embedding/thread2-test.c
Examining data/python-cffi-1.14.4/testing/embedding/add_recursive-test.c
Examining data/python-cffi-1.14.4/testing/embedding/add1-test.c
Examining data/python-cffi-1.14.4/testing/embedding/tlocal-test.c
Examining data/python-cffi-1.14.4/testing/embedding/thread3-test.c
Examining data/python-cffi-1.14.4/testing/embedding/thread-test.h
Examining data/python-cffi-1.14.4/testing/embedding/add2-test.c
Examining data/python-cffi-1.14.4/testing/embedding/thread1-test.c
Examining data/python-cffi-1.14.4/demo/embedding_test.c
Examining data/python-cffi-1.14.4/demo/manual.c
Examining data/python-cffi-1.14.4/cffi/_cffi_errors.h
Examining data/python-cffi-1.14.4/cffi/parse_c_type.h
Examining data/python-cffi-1.14.4/cffi/_embedding.h
Examining data/python-cffi-1.14.4/cffi/_cffi_include.h
Examining data/python-cffi-1.14.4/c/realize_c_type.c
Examining data/python-cffi-1.14.4/c/wchar_helper_3.h
Examining data/python-cffi-1.14.4/c/_cffi_backend.c
Examining data/python-cffi-1.14.4/c/cdlopen.c
Examining data/python-cffi-1.14.4/c/malloc_closure.h
Examining data/python-cffi-1.14.4/c/cglob.c
Examining data/python-cffi-1.14.4/c/libffi_msvc/ffitarget.h
Examining data/python-cffi-1.14.4/c/libffi_msvc/types.c
Examining data/python-cffi-1.14.4/c/libffi_msvc/win32.c
Examining data/python-cffi-1.14.4/c/libffi_msvc/ffi_common.h
Examining data/python-cffi-1.14.4/c/libffi_msvc/ffi.h
Examining data/python-cffi-1.14.4/c/libffi_msvc/prep_cif.c
Examining data/python-cffi-1.14.4/c/libffi_msvc/ffi.c
Examining data/python-cffi-1.14.4/c/libffi_msvc/fficonfig.h
Examining data/python-cffi-1.14.4/c/wchar_helper.h
Examining data/python-cffi-1.14.4/c/misc_thread_common.h
Examining data/python-cffi-1.14.4/c/misc_thread_posix.h
Examining data/python-cffi-1.14.4/c/parse_c_type.c
Examining data/python-cffi-1.14.4/c/misc_win32.h
Examining data/python-cffi-1.14.4/c/minibuffer.h
Examining data/python-cffi-1.14.4/c/lib_obj.c
Examining data/python-cffi-1.14.4/c/commontypes.c
Examining data/python-cffi-1.14.4/c/call_python.c
Examining data/python-cffi-1.14.4/c/file_emulator.h
Examining data/python-cffi-1.14.4/c/ffi_obj.c
Examining data/python-cffi-1.14.4/c/cffi1_module.c

FINAL RESULTS:

data/python-cffi-1.14.4/c/cffi1_module.c:202:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(module_name_with_lib, module_name);
data/python-cffi-1.14.4/c/lib_obj.c:193:5:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(funcbuilder.bufferp - 1, format, libname);
data/python-cffi-1.14.4/c/misc_win32.h:219:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(mangled_name, "_%s@%d", symbol, i * 4);
data/python-cffi-1.14.4/c/realize_c_type.c:287:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(target, &srcname[1]);
data/python-cffi-1.14.4/c/realize_c_type.c:290:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(target, prefix);
data/python-cffi-1.14.4/c/realize_c_type.c:291:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(target, srcname);
data/python-cffi-1.14.4/c/realize_c_type.c:299:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(target, &srcname[7]);
data/python-cffi-1.14.4/c/realize_c_type.c:302:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(target, &srcname[6]);
data/python-cffi-1.14.4/c/realize_c_type.c:305:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(target, &srcname[5]);
data/python-cffi-1.14.4/c/realize_c_type.c:309:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(target, srcname);
data/python-cffi-1.14.4/cffi/_embedding.h:88:9:  [3] (misc) InitializeCriticalSection:
  Exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  InitializeCriticalSection(&_cffi_embed_startup_lock);
data/python-cffi-1.14.4/cffi/_embedding.h:100:5:  [3] (misc) EnterCriticalSection:
  On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  EnterCriticalSection(&_cffi_embed_startup_lock);
data/python-cffi-1.14.4/c/_cffi_backend.c:245:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ct_name[1]; /* string, e.g. "int *" for pointers to ints */
data/python-cffi-1.14.4/c/_cffi_backend.c:414:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(p, ct_base->ct_name, ct_base->ct_name_position);
data/python-cffi-1.14.4/c/_cffi_backend.c:416:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(p, extra_text, extra_name_len);
data/python-cffi-1.14.4/c/_cffi_backend.c:418:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(p, ct_base->ct_name + ct_base->ct_name_position,
data/python-cffi-1.14.4/c/_cffi_backend.c:900:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&r, target, sizeof(type)); \
data/python-cffi-1.14.4/c/_cffi_backend.c:936:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(target, src, size);
data/python-cffi-1.14.4/c/_cffi_backend.c:983:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&real_part, target + 0, sizeof(float));
data/python-cffi-1.14.4/c/_cffi_backend.c:984:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&imag_part, target + sizeof(float), sizeof(float));
data/python-cffi-1.14.4/c/_cffi_backend.c:990:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&r, target, 2*sizeof(double));
data/python-cffi-1.14.4/c/_cffi_backend.c:1229:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char err_got[80];
data/python-cffi-1.14.4/c/_cffi_backend.c:1253:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char err_got[80];
data/python-cffi-1.14.4/c/_cffi_backend.c:1503:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(data, srcdata, n);
data/python-cffi-1.14.4/c/_cffi_backend.c:1544:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(data, cd->c_data, n * ctitem->ct_size);
data/python-cffi-1.14.4/c/_cffi_backend.c:1619:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[sizeof(PY_LONG_LONG)];
data/python-cffi-1.14.4/c/_cffi_backend.c:1757:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(data, ((CDataObject *)init)->c_data, ct->ct_size);
data/python-cffi-1.14.4/c/_cffi_backend.c:2099:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[128]; /* big enough */
data/python-cffi-1.14.4/c/_cffi_backend.c:2102:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buffer, "%LE", lvalue);
data/python-cffi-1.14.4/c/_cffi_backend.c:2617:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(cdata, src, length);
data/python-cffi-1.14.4/c/_cffi_backend.c:3748:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(cd->c_data, data, datasize);
data/python-cffi-1.14.4/c/_cffi_backend.c:4035:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char err_buf[80];
data/python-cffi-1.14.4/c/_cffi_backend.c:4087:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ignored[80];
data/python-cffi-1.14.4/c/_cffi_backend.c:4605:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(pkey, unique_key, keylength * sizeof(void *));
data/python-cffi-1.14.4/c/_cffi_backend.c:4796:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(td->ct_name, name, name_size);
data/python-cffi-1.14.4/c/_cffi_backend.c:4895:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char extra_text[32];
data/python-cffi-1.14.4/c/_cffi_backend.c:4912:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(extra_text, "[]");
data/python-cffi-1.14.4/c/_cffi_backend.c:4917:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(extra_text, "[%llu]", (unsigned PY_LONG_LONG)length);
data/python-cffi-1.14.4/c/_cffi_backend.c:4947:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(td->ct_name, "void", name_size);
data/python-cffi-1.14.4/c/_cffi_backend.c:4971:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(td->ct_name, name, namelen + 1);
data/python-cffi-1.14.4/c/_cffi_backend.c:5739:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(fb->bufferp, piece, piecelen);
data/python-cffi-1.14.4/c/_cffi_backend.c:6149:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(result, PyBytes_AS_STRING(py_rawerr),
data/python-cffi-1.14.4/c/_cffi_backend.c:6479:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(td->ct_name, ename, name_size);
data/python-cffi-1.14.4/c/_cffi_backend.c:6678:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(p, ct->ct_name, ct->ct_name_position);
data/python-cffi-1.14.4/c/_cffi_backend.c:6680:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(p, replace_with, replacelen);
data/python-cffi-1.14.4/c/_cffi_backend.c:6682:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(p, ct->ct_name + ct->ct_name_position,
data/python-cffi-1.14.4/c/cffi1_module.c:153:20:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  module_name = (char *)raw[0];
data/python-cffi-1.14.4/c/cffi1_module.c:155:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  exports = (char *)raw[2];
data/python-cffi-1.14.4/c/cffi1_module.c:174:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(exports, (char *)cffi_exports, num_exports * sizeof(void *));
data/python-cffi-1.14.4/c/cffi1_module.c:203:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(module_name_with_lib, ".lib");
data/python-cffi-1.14.4/c/ffi_obj.c:601:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(p, ct->ct_name, ct->ct_name_position);
data/python-cffi-1.14.4/c/ffi_obj.c:604:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(p, ct->ct_name + ct->ct_name_position,
data/python-cffi-1.14.4/c/ffi_obj.c:655:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(p, replace_with, replace_with_len);
data/python-cffi-1.14.4/c/lib_obj.c:22:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char doc[1];
data/python-cffi-1.14.4/c/libffi_msvc/ffi.c:116:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(argp, *p_argv, z);
data/python-cffi-1.14.4/c/libffi_msvc/ffi.c:431:21:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  #define BYTES(text) memcpy(tramp, text, sizeof(text)), tramp += sizeof(text)-1
data/python-cffi-1.14.4/c/libffi_msvc/ffi.h:187:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char data[FFI_SIZEOF_ARG];
data/python-cffi-1.14.4/c/libffi_msvc/ffi.h:218:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tramp[FFI_TRAMPOLINE_SIZE];
data/python-cffi-1.14.4/c/libffi_msvc/ffi.h:238:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tramp[FFI_TRAMPOLINE_SIZE];
data/python-cffi-1.14.4/c/libffi_msvc/ffi_common.h:23:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  # define memcpy(d, s, n) bcopy ((s), (d), (n))
data/python-cffi-1.14.4/c/libffi_msvc/ffi_common.h:23:27:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  # define memcpy(d, s, n) bcopy ((s), (d), (n))
data/python-cffi-1.14.4/c/malloc_closure.h:40:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = fopen ("/proc/self/status", "r");
data/python-cffi-1.14.4/c/minibuffer.h:83:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(self->mb_data + left, src_view.buf, count);
data/python-cffi-1.14.4/c/misc_win32.h:143:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s_small_buf[40]; /* Room for "Windows Error 0xFFFFFFFFFFFFFFFF" */
data/python-cffi-1.14.4/c/misc_win32.h:171:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(s_small_buf, "Windows Error 0x%X", err);
data/python-cffi-1.14.4/c/misc_win32.h:236:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buf[32];
data/python-cffi-1.14.4/c/misc_win32.h:240:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "error 0x%x", (unsigned int)dw);
data/python-cffi-1.14.4/c/realize_c_type.c:196:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char got[64];
data/python-cffi-1.14.4/c/realize_c_type.c:228:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(got, "%llu (0x%llx)", value, value);
data/python-cffi-1.14.4/c/realize_c_type.c:230:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(got, "%lld", (long long)value);
data/python-cffi-1.14.4/c/wchar_helper.h:129:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(err_got, "unicode string of length %zd",
data/python-cffi-1.14.4/c/wchar_helper.h:136:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(err_got, "larger-than-0xFFFF character");
data/python-cffi-1.14.4/c/wchar_helper.h:159:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(err_got, "unicode string of length %zd",
data/python-cffi-1.14.4/c/wchar_helper_3.h:63:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(err_got, "unicode string of length %zd",
data/python-cffi-1.14.4/c/wchar_helper_3.h:71:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(err_got, "larger-than-0xFFFF character");
data/python-cffi-1.14.4/c/wchar_helper_3.h:83:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(err_got, "unicode string of length %zd",
data/python-cffi-1.14.4/cffi/_cffi_include.h:184:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  ((PyObject *(*)(char *, struct _cffi_ctypedescr *))_cffi_exports[10])
data/python-cffi-1.14.4/cffi/_cffi_include.h:186:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  ((char *(*)(PyObject *, struct _cffi_ctypedescr *))_cffi_exports[11])
data/python-cffi-1.14.4/cffi/_cffi_include.h:196:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  ((PyObject *(*)(char *, struct _cffi_ctypedescr *))_cffi_exports[16])
data/python-cffi-1.14.4/cffi/_cffi_include.h:198:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  ((int(*)(char *, struct _cffi_ctypedescr *, PyObject *))_cffi_exports[17])
data/python-cffi-1.14.4/cffi/_cffi_include.h:200:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  ((PyObject *(*)(char *, struct _cffi_ctypedescr *))_cffi_exports[18])
data/python-cffi-1.14.4/cffi/_cffi_include.h:211:33:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  PyObject *, char **))_cffi_exports[23])
data/python-cffi-1.14.4/cffi/_cffi_include.h:213:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  ((int(*)(char *, struct _cffi_ctypedescr *, PyObject *))_cffi_exports[24])
data/python-cffi-1.14.4/cffi/_cffi_include.h:216:42:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  ((void(*)(struct _cffi_externpy_s *, char *))_cffi_exports[_CFFI_CPIDX])
data/python-cffi-1.14.4/demo/manual.c:60:42:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  if (_cffi_convert_array_from_object((char *)x1, _cffi_types[1], arg1) < 0)
data/python-cffi-1.14.4/c/_cffi_backend.c:402:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int base_name_len = strlen(ct_base->ct_name);
data/python-cffi-1.14.4/c/_cffi_backend.c:403:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int extra_name_len = strlen(extra_text);
data/python-cffi-1.14.4/c/_cffi_backend.c:4791:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  name_size = strlen(ptypes->name) + 1;
data/python-cffi-1.14.4/c/_cffi_backend.c:4809:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  td->ct_name_position = strlen(td->ct_name);
data/python-cffi-1.14.4/c/_cffi_backend.c:4941:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int name_size = strlen("void") + 1;
data/python-cffi-1.14.4/c/_cffi_backend.c:4950:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  td->ct_name_position = strlen("void");
data/python-cffi-1.14.4/c/_cffi_backend.c:4962:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int namelen = strlen(name);
data/python-cffi-1.14.4/c/_cffi_backend.c:5760:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fb_cat_name(fb, repl, strlen(repl));
data/python-cffi-1.14.4/c/_cffi_backend.c:5762:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  i = strlen(repl) - 1; /* between '(*' and ')' */
data/python-cffi-1.14.4/c/_cffi_backend.c:5780:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fb_cat_name(fb, farg->ct_name, strlen(farg->ct_name));
data/python-cffi-1.14.4/c/_cffi_backend.c:5793:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(fresult->ct_name) - fresult->ct_name_position + 1);
data/python-cffi-1.14.4/c/_cffi_backend.c:6474:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  name_size = strlen(ename) + 1;
data/python-cffi-1.14.4/c/_cffi_backend.c:6675:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  namelen = strlen(ct->ct_name);
data/python-cffi-1.14.4/c/_cffi_backend.c:6676:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  replacelen = strlen(replace_with);
data/python-cffi-1.14.4/c/_cffi_backend.c:6721:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  length = strlen(start);
data/python-cffi-1.14.4/c/call_python.c:101:55:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  index = search_in_globals(&types_builder->ctx, s, strlen(s));
data/python-cffi-1.14.4/c/cdlopen.c:303:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nenums[i].name = e; e += strlen(e) + 1;
data/python-cffi-1.14.4/c/cffi1_module.c:201:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  module_name_with_lib = alloca(strlen(module_name) + 5);
data/python-cffi-1.14.4/c/commontypes.c:197:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return entry + strlen(entry) + 1;
data/python-cffi-1.14.4/c/commontypes.c:206:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  PyObject *o = PyText_FromString(s + strlen(s) + 1);
data/python-cffi-1.14.4/c/ffi_obj.c:100:62:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  index = search_in_globals(&ffi->types_builder.ctx, name, strlen(name));
data/python-cffi-1.14.4/c/ffi_obj.c:150:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t length = strlen(input_text);
data/python-cffi-1.14.4/c/ffi_obj.c:595:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  base_name_len = strlen(ct->ct_name);
data/python-cffi-1.14.4/c/ffi_obj.c:637:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  replace_with_len = strlen(replace_with);
data/python-cffi-1.14.4/c/ffi_obj.c:1205:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(s->name));
data/python-cffi-1.14.4/c/lib_obj.c:175:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(format) + strlen(libname));
data/python-cffi-1.14.4/c/lib_obj.c:175:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(format) + strlen(libname));
data/python-cffi-1.14.4/c/lib_obj.c:220:55:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  index = search_in_globals(&types_builder->ctx, s, strlen(s));
data/python-cffi-1.14.4/c/misc_win32.h:215:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char *mangled_name = alloca(1 + strlen(symbol) + 1 + 3 + 1);
data/python-cffi-1.14.4/c/realize_c_type.c:308:9:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(target, "$");
data/python-cffi-1.14.4/c/realize_c_type.c:345:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char *name = alloca(8 + strlen(s->name));
data/python-cffi-1.14.4/c/realize_c_type.c:524:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char *name = alloca(6 + strlen(e->name));
data/python-cffi-1.14.4/c/realize_c_type.c:722:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  p = alloca(2 + strlen(ct->ct_name));
data/python-cffi-1.14.4/c/realize_c_type.c:725:55:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = search_in_struct_unions(&builder->ctx, p, strlen(p));

ANALYSIS SUMMARY:

Hits = 119
Lines analyzed = 17984 in approximately 0.44 seconds (41144 lines/second)
Physical Source Lines of Code (SLOC) = 14263
Hits@level = [0]  18 [1]  34 [2]  73 [3]   2 [4]  10 [5]   0
Hits@level+ = [0+] 137 [1+] 119 [2+]  85 [3+]  12 [4+]  10 [5+]   0
Hits/KSLOC@level+ = [0+] 9.60527 [1+] 8.34327 [2+] 5.95948 [3+] 0.841338 [4+] 0.701115 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.
