Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/spglib-1.16.0/example/example.c
Examining data/spglib-1.16.0/example/tetrahedron.c
Examining data/spglib-1.16.0/python/_spglib.c
Examining data/spglib-1.16.0/ruby/getspg.c
Examining data/spglib-1.16.0/rust/spglib-sys/wrapper.h
Examining data/spglib-1.16.0/src/arithmetic.c
Examining data/spglib-1.16.0/src/arithmetic.h
Examining data/spglib-1.16.0/src/cell.c
Examining data/spglib-1.16.0/src/cell.h
Examining data/spglib-1.16.0/src/debug.c
Examining data/spglib-1.16.0/src/debug.h
Examining data/spglib-1.16.0/src/delaunay.c
Examining data/spglib-1.16.0/src/delaunay.h
Examining data/spglib-1.16.0/src/determination.c
Examining data/spglib-1.16.0/src/determination.h
Examining data/spglib-1.16.0/src/hall_symbol.c
Examining data/spglib-1.16.0/src/hall_symbol.h
Examining data/spglib-1.16.0/src/kgrid.c
Examining data/spglib-1.16.0/src/kgrid.h
Examining data/spglib-1.16.0/src/kpoint.c
Examining data/spglib-1.16.0/src/kpoint.h
Examining data/spglib-1.16.0/src/mathfunc.c
Examining data/spglib-1.16.0/src/mathfunc.h
Examining data/spglib-1.16.0/src/niggli.c
Examining data/spglib-1.16.0/src/niggli.h
Examining data/spglib-1.16.0/src/overlap.c
Examining data/spglib-1.16.0/src/overlap.h
Examining data/spglib-1.16.0/src/pointgroup.c
Examining data/spglib-1.16.0/src/pointgroup.h
Examining data/spglib-1.16.0/src/primitive.c
Examining data/spglib-1.16.0/src/primitive.h
Examining data/spglib-1.16.0/src/refinement.c
Examining data/spglib-1.16.0/src/refinement.h
Examining data/spglib-1.16.0/src/site_symmetry.c
Examining data/spglib-1.16.0/src/site_symmetry.h
Examining data/spglib-1.16.0/src/sitesym_database.c
Examining data/spglib-1.16.0/src/sitesym_database.h
Examining data/spglib-1.16.0/src/spacegroup.c
Examining data/spglib-1.16.0/src/spacegroup.h
Examining data/spglib-1.16.0/src/spg_database.c
Examining data/spglib-1.16.0/src/spg_database.h
Examining data/spglib-1.16.0/src/spglib.c
Examining data/spglib-1.16.0/src/spglib.h
Examining data/spglib-1.16.0/src/spglib_f.c
Examining data/spglib-1.16.0/src/spin.c
Examining data/spglib-1.16.0/src/spin.h
Examining data/spglib-1.16.0/src/symmetry.c
Examining data/spglib-1.16.0/src/symmetry.h
Examining data/spglib-1.16.0/src/test.c
Examining data/spglib-1.16.0/src/version.h

FINAL RESULTS:

data/spglib-1.16.0/src/debug.h:40:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  #define debug_print(...) printf(__VA_ARGS__)

data/spglib-1.16.0/src/debug.h:66:28: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  #define warning_print(...) fprintf (stderr, __VA_ARGS__)

data/spglib-1.16.0/src/kpoint.c:44:28: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  #define warning_print(...) fprintf(stderr,__VA_ARGS__)

data/spglib-1.16.0/src/niggli.c:76:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  #define debug_print(...) printf(__VA_ARGS__)

data/spglib-1.16.0/src/niggli.c:102:28: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  #define warning_print(...) fprintf(stderr,__VA_ARGS__)

data/spglib-1.16.0/example/example.c:360:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char symbol[21];

data/spglib-1.16.0/example/example.c:385:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char symbol[7];

data/spglib-1.16.0/example/example.c:761:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ptsymbol[6];

data/spglib-1.16.0/example/tetrahedron.c:115:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen("frequency.dat", "r");

data/spglib-1.16.0/example/tetrahedron.c:166:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen("dos.dat", "w");

data/spglib-1.16.0/python/_spglib.c:503:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char symbol[6];

data/spglib-1.16.0/ruby/getspg.c:56:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char symbol[6];

data/spglib-1.16.0/src/arithmetic.c:67:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const char arithmetic_crystal_class_symbols[74][7] = {

data/spglib-1.16.0/src/arithmetic.c:144:21: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  int arth_get_symbol(char symbol[7], const int spgroup_number)

data/spglib-1.16.0/src/arithmetic.c:153:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(symbol, arithmetic_crystal_class_symbols[arth_number], 7);

data/spglib-1.16.0/src/arithmetic.h:38:21: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  int arth_get_symbol(char symbol[7], const int spgroup_number);

data/spglib-1.16.0/src/niggli.c:207:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(p->lattice, lattice_, sizeof(double) * 9);

data/spglib-1.16.0/src/niggli.c:216:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(lattice_, p->lattice, sizeof(double) * 9);

data/spglib-1.16.0/src/niggli.c:230:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(p->lattice, lat_tmp, sizeof(double) * 9);

data/spglib-1.16.0/src/overlap.c:410:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(write, read, value_size);

data/spglib-1.16.0/src/pointgroup.c:49:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char symbol[6];

data/spglib-1.16.0/src/pointgroup.c:50:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char schoenflies[4];

data/spglib-1.16.0/src/pointgroup.c:463:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(pointgroup.symbol, pointgroup_type.symbol, 6);

data/spglib-1.16.0/src/pointgroup.c:464:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(pointgroup.schoenflies, pointgroup_type.schoenflies, 4);

data/spglib-1.16.0/src/pointgroup.h:69:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char symbol[6];

data/spglib-1.16.0/src/pointgroup.h:70:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char schoenflies[4];

data/spglib-1.16.0/src/refinement.c:53:37: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char (*site_symmetry_symbols)[7],

data/spglib-1.16.0/src/refinement.c:65:41: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char (*site_symmetry_symbols)[7],

data/spglib-1.16.0/src/refinement.c:73:29: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char (*site_symmetry_symbols)[7],

data/spglib-1.16.0/src/refinement.c:80:38: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  SPGCONST char (*site_symmetry_symbols_prim)[7],

data/spglib-1.16.0/src/refinement.c:91:31: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char choice[6]);

data/spglib-1.16.0/src/refinement.c:178:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char (*site_symmetry_symbols)[7];

data/spglib-1.16.0/src/refinement.c:334:37: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char (*site_symmetry_symbols)[7],

data/spglib-1.16.0/src/refinement.c:349:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char (*site_symmetry_symbols_bravais)[7];

data/spglib-1.16.0/src/refinement.c:457:41: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char (*site_symmetry_symbols)[7],

data/spglib-1.16.0/src/refinement.c:466:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char (*site_symmetry_symbols_prim)[7];

data/spglib-1.16.0/src/refinement.c:488:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  (char (*)[7]) malloc(sizeof(char[7]) * primitive->size)) == NULL) {

data/spglib-1.16.0/src/refinement.c:585:43: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char (*site_symmetry_symbols)[7],

data/spglib-1.16.0/src/refinement.c:592:52: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  SPGCONST char (*site_symmetry_symbols_prim)[7],

data/spglib-1.16.0/src/refinement.c:775:31: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char choice[6])

data/spglib-1.16.0/src/refinement.h:46:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char (*site_symmetry_symbols)[7];

data/spglib-1.16.0/src/site_symmetry.c:65:32: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char (*site_symmetry_symbols)[7],

data/spglib-1.16.0/src/site_symmetry.c:73:33: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static int get_Wyckoff_notation(char site_sym_symbol[7],

data/spglib-1.16.0/src/site_symmetry.c:84:34: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char (*site_symmetry_symbols)[7],

data/spglib-1.16.0/src/site_symmetry.c:285:32: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char (*site_symmetry_symbols)[7],

data/spglib-1.16.0/src/site_symmetry.c:346:33: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static int get_Wyckoff_notation(char site_sym_symbol[7],

data/spglib-1.16.0/src/site_symmetry.h:44:34: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char (*site_symmetry_symbols)[7],

data/spglib-1.16.0/src/sitesym_database.c:1778:37: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  void ssmdb_get_site_symmetry_symbol(char symbol[7], const int index)

data/spglib-1.16.0/src/sitesym_database.h:42:37: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  void ssmdb_get_site_symmetry_symbol(char symbol[7], const int index);

data/spglib-1.16.0/src/spacegroup.c:864:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(spacegroup->schoenflies, spacegroup_type.schoenflies, 7);

data/spglib-1.16.0/src/spacegroup.c:865:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(spacegroup->hall_symbol, spacegroup_type.hall_symbol, 17);

data/spglib-1.16.0/src/spacegroup.c:866:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(spacegroup->international, spacegroup_type.international, 32);

data/spglib-1.16.0/src/spacegroup.c:867:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(spacegroup->international_long, spacegroup_type.international_full, 20);

data/spglib-1.16.0/src/spacegroup.c:868:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(spacegroup->international_short,

data/spglib-1.16.0/src/spacegroup.c:870:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(spacegroup->choice, spacegroup_type.choice, 6);

data/spglib-1.16.0/src/spacegroup.h:47:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char schoenflies[7];

data/spglib-1.16.0/src/spacegroup.h:48:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char hall_symbol[17];

data/spglib-1.16.0/src/spacegroup.h:49:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char international[32];

data/spglib-1.16.0/src/spacegroup.h:50:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char international_long[20];

data/spglib-1.16.0/src/spacegroup.h:51:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char international_short[11];

data/spglib-1.16.0/src/spacegroup.h:52:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char choice[6];

data/spglib-1.16.0/src/spg_database.h:43:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char schoenflies[7];

data/spglib-1.16.0/src/spg_database.h:44:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char hall_symbol[17];

data/spglib-1.16.0/src/spg_database.h:45:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char international[32];

data/spglib-1.16.0/src/spg_database.h:46:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char international_full[20];

data/spglib-1.16.0/src/spg_database.h:47:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char international_short[11];

data/spglib-1.16.0/src/spg_database.h:48:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char choice[6];

data/spglib-1.16.0/src/spglib.c:154:30: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static int get_international(char symbol[11],

data/spglib-1.16.0/src/spglib.c:161:28: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static int get_schoenflies(char symbol[7],

data/spglib-1.16.0/src/spglib.c:655:27: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  int spg_get_international(char symbol[11],

data/spglib-1.16.0/src/spglib.c:672:29: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  int spgat_get_international(char symbol[11],

data/spglib-1.16.0/src/spglib.c:690:25: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  int spg_get_schoenflies(char symbol[7],

data/spglib-1.16.0/src/spglib.c:707:27: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  int spgat_get_schoenflies(char symbol[7],

data/spglib-1.16.0/src/spglib.c:725:24: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  int spg_get_pointgroup(char symbol[6],

data/spglib-1.16.0/src/spglib.c:741:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(symbol, pointgroup.symbol, 6);

data/spglib-1.16.0/src/spglib.c:785:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char arth_symbol[7];

data/spglib-1.16.0/src/spglib.c:802:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(spglibtype.schoenflies, spgtype.schoenflies, 7);

data/spglib-1.16.0/src/spglib.c:803:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(spglibtype.hall_symbol, spgtype.hall_symbol, 17);

data/spglib-1.16.0/src/spglib.c:804:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(spglibtype.choice, spgtype.choice, 6);

data/spglib-1.16.0/src/spglib.c:805:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(spglibtype.international, spgtype.international, 32);

data/spglib-1.16.0/src/spglib.c:806:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(spglibtype.international_full, spgtype.international_full, 20);

data/spglib-1.16.0/src/spglib.c:807:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(spglibtype.international_short, spgtype.international_short, 11);

data/spglib-1.16.0/src/spglib.c:809:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(spglibtype.pointgroup_international, pointgroup.symbol, 6);

data/spglib-1.16.0/src/spglib.c:810:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(spglibtype.pointgroup_schoenflies, pointgroup.schoenflies, 4);

data/spglib-1.16.0/src/spglib.c:813:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
  memcpy(spglibtype.arithmetic_crystal_class_symbol, arth_symbol, 7);

data/spglib-1.16.0/src/spglib.c:1337:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dataset->international_symbol, spacegroup->international_short, 11);

data/spglib-1.16.0/src/spglib.c:1338:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dataset->hall_symbol, spacegroup->hall_symbol, 17);

data/spglib-1.16.0/src/spglib.c:1339:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dataset->choice, spacegroup->choice, 6);

data/spglib-1.16.0/src/spglib.c:1456:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dataset->pointgroup_symbol, pointgroup.symbol, 6);

data/spglib-1.16.0/src/spglib.c:2011:30: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static int get_international(char symbol[11],

data/spglib-1.16.0/src/spglib.c:2036:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(symbol, dataset->international_symbol, 11);

data/spglib-1.16.0/src/spglib.c:2054:28: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static int get_schoenflies(char symbol[7],

data/spglib-1.16.0/src/spglib.c:2081:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(symbol, spgtype.schoenflies, 7);

data/spglib-1.16.0/src/spglib.h:114:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char international_symbol[11];

data/spglib-1.16.0/src/spglib.h:115:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char hall_symbol[17];

data/spglib-1.16.0/src/spglib.h:116:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char choice[6];

data/spglib-1.16.0/src/spglib.h:124:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char (*site_symmetry_symbols)[7];

data/spglib-1.16.0/src/spglib.h:136:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pointgroup_symbol[6]; data/spglib-1.16.0/src/spglib.h:141:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char international_short[11]; data/spglib-1.16.0/src/spglib.h:142:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char international_full[20]; data/spglib-1.16.0/src/spglib.h:143:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char international[32]; data/spglib-1.16.0/src/spglib.h:144:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char schoenflies[7]; data/spglib-1.16.0/src/spglib.h:145:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hall_symbol[17]; data/spglib-1.16.0/src/spglib.h:146:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char choice[6]; data/spglib-1.16.0/src/spglib.h:147:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pointgroup_international[6]; data/spglib-1.16.0/src/spglib.h:148:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pointgroup_schoenflies[4]; data/spglib-1.16.0/src/spglib.h:150:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char arithmetic_crystal_class_symbol[7]; data/spglib-1.16.0/src/spglib.h:301:29: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. int spg_get_international(char symbol[11], data/spglib-1.16.0/src/spglib.h:308:31: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
int spgat_get_international(char symbol[11], data/spglib-1.16.0/src/spglib.h:318:27: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. int spg_get_schoenflies(char symbol[7], data/spglib-1.16.0/src/spglib.h:325:29: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. int spgat_get_schoenflies(char symbol[7], data/spglib-1.16.0/src/spglib.h:335:26: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. int spg_get_pointgroup(char symbol[6], data/spglib-1.16.0/src/spglib_f.c:57:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char symbol[11], data/spglib-1.16.0/src/spglib_f.c:69:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char symbol[7], data/spglib-1.16.0/src/spglib_f.c:121:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char symbol[11], data/spglib-1.16.0/src/spglib_f.c:128:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char symbol_c[11]; data/spglib-1.16.0/src/spglib_f.c:163:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char symbol[7], data/spglib-1.16.0/src/spglib_f.c:170:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char symbol_c[10]; data/spglib-1.16.0/src/test.c:446:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char symbol[21]; data/spglib-1.16.0/src/test.c:473:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char symbol[7]; data/spglib-1.16.0/src/test.c:1083:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ptsymbol[6]; data/spglib-1.16.0/example/tetrahedron.c:68:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ssize_t read; data/spglib-1.16.0/src/overlap.c:404:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). const void *read; data/spglib-1.16.0/src/overlap.c:410:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). memcpy(write, read, value_size); data/spglib-1.16.0/src/spglib.c:371:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(dataset->international_symbol, ""); data/spglib-1.16.0/src/spglib.c:372:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(dataset->hall_symbol, ""); data/spglib-1.16.0/src/spglib.c:373:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(dataset->choice, ""); data/spglib-1.16.0/src/spglib.c:788:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(spglibtype.schoenflies, ""); data/spglib-1.16.0/src/spglib.c:789:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(spglibtype.hall_symbol, ""); data/spglib-1.16.0/src/spglib.c:790:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(spglibtype.choice, ""); data/spglib-1.16.0/src/spglib.c:791:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(spglibtype.international, ""); data/spglib-1.16.0/src/spglib.c:792:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(spglibtype.international_full, ""); data/spglib-1.16.0/src/spglib.c:793:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(spglibtype.international_short, ""); data/spglib-1.16.0/src/spglib.c:794:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(spglibtype.pointgroup_international, ""); data/spglib-1.16.0/src/spglib.c:795:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(spglibtype.pointgroup_schoenflies, ""); data/spglib-1.16.0/src/spglib.c:797:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(spglibtype.arithmetic_crystal_class_symbol, ""); data/spglib-1.16.0/src/spglib.c:1293:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(dataset->international_symbol, ""); data/spglib-1.16.0/src/spglib.c:1294:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(dataset->hall_symbol, ""); data/spglib-1.16.0/src/spglib.c:1295:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(dataset->choice, ""); data/spglib-1.16.0/src/spglib.c:1317:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(dataset->pointgroup_symbol, ""); data/spglib-1.16.0/src/spglib_f.c:134:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). length = strlen(symbol_c); data/spglib-1.16.0/src/spglib_f.c:135:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(symbol, symbol_c, length); data/spglib-1.16.0/src/spglib_f.c:176:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). length = strlen(symbol_c); data/spglib-1.16.0/src/spglib_f.c:177:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(symbol, symbol_c, length); ANALYSIS SUMMARY: Hits = 144 Lines analyzed = 32658 in approximately 1.23 seconds (26585 lines/second) Physical Source Lines of Code (SLOC) = 27880 Hits@level = [0] 210 [1] 23 [2] 116 [3] 0 [4] 5 [5] 0 Hits@level+ = [0+] 354 [1+] 144 [2+] 121 [3+] 5 [4+] 5 [5+] 0 Hits/KSLOC@level+ = [0+] 12.6973 [1+] 5.16499 [2+] 4.34003 [3+] 0.17934 [4+] 0.17934 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.