Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/renaissance-0.9.0/Source/Renaissance.h Examining data/renaissance-0.9.0/Source/Markup.h Examining data/renaissance-0.9.0/Source/GNUstep.h Examining data/renaissance-0.9.0/Source/Markup/GSMarkupDecoderBackend.h Examining data/renaissance-0.9.0/Source/Markup/GSMarkupTagInstance.h Examining data/renaissance-0.9.0/Source/Markup/GSMarkupCoder.h Examining data/renaissance-0.9.0/Source/Markup/GSMarkupLocalizer.h Examining data/renaissance-0.9.0/Source/Markup/GSMarkupBundleAdditions.h Examining data/renaissance-0.9.0/Source/Markup/MarkupCommonInclude.h Examining data/renaissance-0.9.0/Source/Markup/GSMarkupAwaker.h Examining data/renaissance-0.9.0/Source/Markup/GSMarkupConnector.h Examining data/renaissance-0.9.0/Source/Markup/GSMarkupTagObject.h Examining data/renaissance-0.9.0/Source/Markup/GSMarkupDecoder.h Examining data/renaissance-0.9.0/Source/Markup/GSMarkupCoding.h Examining data/renaissance-0.9.0/Source/AutoLayout/NSViewSize.h Examining data/renaissance-0.9.0/Source/AutoLayout/GSAutoLayoutVBox.h Examining data/renaissance-0.9.0/Source/AutoLayout/GSAutoLayoutDefaults.h Examining data/renaissance-0.9.0/Source/AutoLayout/GSAutoLayoutStandardManager.h Examining data/renaissance-0.9.0/Source/AutoLayout/GSAutoLayoutSpace.h Examining data/renaissance-0.9.0/Source/AutoLayout/GSAutoLayoutBox.h Examining data/renaissance-0.9.0/Source/AutoLayout/GSAutoLayoutManager.h Examining data/renaissance-0.9.0/Source/AutoLayout/GSAutoLayoutVSpace.h Examining data/renaissance-0.9.0/Source/AutoLayout/GSAutoLayoutGrid.h Examining data/renaissance-0.9.0/Source/AutoLayout/GSAutoLayoutHBox.h Examining data/renaissance-0.9.0/Source/AutoLayout/GSAutoLayoutProportionalManager.h Examining data/renaissance-0.9.0/Source/AutoLayout/GSAutoLayoutHSpace.h Examining data/renaissance-0.9.0/Source/AutoLayout/GSAutoLayoutManagerPrivate.h Examining data/renaissance-0.9.0/Source/AutoLayout/AutoLayoutCommonInclude.h Examining data/renaissance-0.9.0/Source/TagLibrary/GSMarkupTagPopUpButtonItem.h Examining data/renaissance-0.9.0/Source/TagLibrary/GSMarkupTagWindow.h Examining data/renaissance-0.9.0/Source/TagLibrary/GSMarkupTagPanel.h Examining data/renaissance-0.9.0/Source/TagLibrary/GSMarkupTagTableView.h Examining data/renaissance-0.9.0/Source/TagLibrary/TagCommonInclude.h Examining data/renaissance-0.9.0/Source/TagLibrary/GSMarkupTagGridRow.h Examining data/renaissance-0.9.0/Source/TagLibrary/GSMarkupTagLabel.h Examining data/renaissance-0.9.0/Source/TagLibrary/GSMarkupTagPopUpButton.h Examining data/renaissance-0.9.0/Source/TagLibrary/GSMarkupTagMatrix.h Examining data/renaissance-0.9.0/Source/TagLibrary/GSMarkupTagControl.h Examining data/renaissance-0.9.0/Source/TagLibrary/GSMarkupTagMatrixRow.h Examining data/renaissance-0.9.0/Source/TagLibrary/GSMarkupTagImage.h Examining data/renaissance-0.9.0/Source/TagLibrary/GSMarkupTagSecureTextField.h Examining data/renaissance-0.9.0/Source/TagLibrary/GSMarkupTagButton.h Examining data/renaissance-0.9.0/Source/TagLibrary/GSMarkupTagBrowser.h Examining data/renaissance-0.9.0/Source/TagLibrary/GSMarkupTagView.h Examining data/renaissance-0.9.0/Source/TagLibrary/GSMarkupTagTableColumn.h Examining data/renaissance-0.9.0/Source/TagLibrary/GSMarkupTagSplitView.h Examining data/renaissance-0.9.0/Source/TagLibrary/GSMarkupTagTextView.h Examining data/renaissance-0.9.0/Source/TagLibrary/GSMarkupTagScrollView.h Examining data/renaissance-0.9.0/Source/TagLibrary/GSMarkupTagVspace.h Examining data/renaissance-0.9.0/Source/TagLibrary/GSMarkupWindowController.h Examining data/renaissance-0.9.0/Source/TagLibrary/GSMarkupTagTextField.h Examining data/renaissance-0.9.0/Source/TagLibrary/GSMarkupTagFormItem.h Examining data/renaissance-0.9.0/Source/TagLibrary/GSMarkupTagHspace.h Examining data/renaissance-0.9.0/Source/TagLibrary/GSMarkupTagMenuSeparator.h Examining data/renaissance-0.9.0/Source/TagLibrary/GSMarkupTagForm.h Examining data/renaissance-0.9.0/Source/TagLibrary/GSMarkupTagVbox.h Examining data/renaissance-0.9.0/Source/TagLibrary/GSMarkupDocument.h Examining data/renaissance-0.9.0/Source/TagLibrary/GSMarkupTagMenuItem.h Examining data/renaissance-0.9.0/Source/TagLibrary/GSMarkupApplicationMain.h Examining data/renaissance-0.9.0/Source/TagLibrary/GSMarkupTagOutlineView.h Examining data/renaissance-0.9.0/Source/TagLibrary/GSMarkupTagGrid.h Examining data/renaissance-0.9.0/Source/TagLibrary/GSMarkupTagBox.h Examining data/renaissance-0.9.0/Source/TagLibrary/GSMarkupTagHbox.h Examining data/renaissance-0.9.0/Source/TagLibrary/GSMarkupTagColorWell.h Examining data/renaissance-0.9.0/Source/TagLibrary/GSMarkupTagMenu.h Examining data/renaissance-0.9.0/Source/TagLibrary/GSMarkupTagMatrixCell.h Examining data/renaissance-0.9.0/Source/TagLibrary/GSMarkupTagObjectAdditions.h Examining data/renaissance-0.9.0/Source/TagLibrary/GSMarkupTagSpace.h Examining data/renaissance-0.9.0/Examples/Applications/Ink/Document.h Examining data/renaissance-0.9.0/Examples/Applications/SimpleEditor/TextDocument.h Examining data/renaissance-0.9.0/Examples/Applications/Templates/Standard/MainController.h Examining data/renaissance-0.9.0/Examples/Applications/Finger/NSTextViewAdd.h Examining data/renaissance-0.9.0/Examples/Applications/Finger/FingerWindow.h Examining data/renaissance-0.9.0/Examples/Applications/Finger/PreferencesController.h Examining data/renaissance-0.9.0/Examples/Applications/Finger/Finger.h Examining data/renaissance-0.9.0/Examples/Applications/Finger/Controller.h Examining data/renaissance-0.9.0/Examples/Applications/Calculator/Calculator.h FINAL RESULTS: data/renaissance-0.9.0/Examples/Applications/Calculator/Calculator.h:54:10: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. - (void) equal: (id)sender; ANALYSIS SUMMARY: Hits = 1 Lines analyzed = 5387 in approximately 0.22 seconds (25052 lines/second) Physical Source Lines of Code (SLOC) = 1253 Hits@level = [0] 0 [1] 1 [2] 0 [3] 0 [4] 0 [5] 0 Hits@level+ = [0+] 1 [1+] 1 [2+] 0 [3+] 0 [4+] 0 [5+] 0 Hits/KSLOC@level+ = [0+] 0.798085 [1+] 0.798085 [2+] 0 [3+] 0 [4+] 0 [5+] 0 Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.