Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/spglib-1.16.0/example/example.c
Examining data/spglib-1.16.0/example/tetrahedron.c
Examining data/spglib-1.16.0/python/_spglib.c
Examining data/spglib-1.16.0/ruby/getspg.c
Examining data/spglib-1.16.0/rust/spglib-sys/wrapper.h
Examining data/spglib-1.16.0/src/arithmetic.c
Examining data/spglib-1.16.0/src/arithmetic.h
Examining data/spglib-1.16.0/src/cell.c
Examining data/spglib-1.16.0/src/cell.h
Examining data/spglib-1.16.0/src/debug.c
Examining data/spglib-1.16.0/src/debug.h
Examining data/spglib-1.16.0/src/delaunay.c
Examining data/spglib-1.16.0/src/delaunay.h
Examining data/spglib-1.16.0/src/determination.c
Examining data/spglib-1.16.0/src/determination.h
Examining data/spglib-1.16.0/src/hall_symbol.c
Examining data/spglib-1.16.0/src/hall_symbol.h
Examining data/spglib-1.16.0/src/kgrid.c
Examining data/spglib-1.16.0/src/kgrid.h
Examining data/spglib-1.16.0/src/kpoint.c
Examining data/spglib-1.16.0/src/kpoint.h
Examining data/spglib-1.16.0/src/mathfunc.c
Examining data/spglib-1.16.0/src/mathfunc.h
Examining data/spglib-1.16.0/src/niggli.c
Examining data/spglib-1.16.0/src/niggli.h
Examining data/spglib-1.16.0/src/overlap.c
Examining data/spglib-1.16.0/src/overlap.h
Examining data/spglib-1.16.0/src/pointgroup.c
Examining data/spglib-1.16.0/src/pointgroup.h
Examining data/spglib-1.16.0/src/primitive.c
Examining data/spglib-1.16.0/src/primitive.h
Examining data/spglib-1.16.0/src/refinement.c
Examining data/spglib-1.16.0/src/refinement.h
Examining data/spglib-1.16.0/src/site_symmetry.c
Examining data/spglib-1.16.0/src/site_symmetry.h
Examining data/spglib-1.16.0/src/sitesym_database.c
Examining data/spglib-1.16.0/src/sitesym_database.h
Examining data/spglib-1.16.0/src/spacegroup.c
Examining data/spglib-1.16.0/src/spacegroup.h
Examining data/spglib-1.16.0/src/spg_database.c
Examining data/spglib-1.16.0/src/spg_database.h
Examining data/spglib-1.16.0/src/spglib.c
Examining data/spglib-1.16.0/src/spglib.h
Examining data/spglib-1.16.0/src/spglib_f.c
Examining data/spglib-1.16.0/src/spin.c
Examining data/spglib-1.16.0/src/spin.h
Examining data/spglib-1.16.0/src/symmetry.c
Examining data/spglib-1.16.0/src/symmetry.h
Examining data/spglib-1.16.0/src/test.c
Examining data/spglib-1.16.0/src/version.h
FINAL RESULTS:
data/spglib-1.16.0/src/debug.h:40:26: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define debug_print(...) printf(__VA_ARGS__)
data/spglib-1.16.0/src/debug.h:66:28: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define warning_print(...) fprintf (stderr, __VA_ARGS__)
data/spglib-1.16.0/src/kpoint.c:44:28: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define warning_print(...) fprintf(stderr,__VA_ARGS__)
data/spglib-1.16.0/src/niggli.c:76:26: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define debug_print(...) printf(__VA_ARGS__)
data/spglib-1.16.0/src/niggli.c:102:28: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define warning_print(...) fprintf(stderr,__VA_ARGS__)
data/spglib-1.16.0/example/example.c:360:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char symbol[21];
data/spglib-1.16.0/example/example.c:385:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char symbol[7];
data/spglib-1.16.0/example/example.c:761:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ptsymbol[6];
data/spglib-1.16.0/example/tetrahedron.c:115:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen("frequency.dat", "r");
data/spglib-1.16.0/example/tetrahedron.c:166:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen("dos.dat", "w");
data/spglib-1.16.0/python/_spglib.c:503:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char symbol[6];
data/spglib-1.16.0/ruby/getspg.c:56:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char symbol[6];
data/spglib-1.16.0/src/arithmetic.c:67:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char arithmetic_crystal_class_symbols[74][7] = {
data/spglib-1.16.0/src/arithmetic.c:144:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int arth_get_symbol(char symbol[7], const int spgroup_number)
data/spglib-1.16.0/src/arithmetic.c:153:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(symbol, arithmetic_crystal_class_symbols[arth_number], 7);
data/spglib-1.16.0/src/arithmetic.h:38:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int arth_get_symbol(char symbol[7], const int spgroup_number);
data/spglib-1.16.0/src/niggli.c:207:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p->lattice, lattice_, sizeof(double) * 9);
data/spglib-1.16.0/src/niggli.c:216:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lattice_, p->lattice, sizeof(double) * 9);
data/spglib-1.16.0/src/niggli.c:230:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p->lattice, lat_tmp, sizeof(double) * 9);
data/spglib-1.16.0/src/overlap.c:410:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(write, read, value_size);
data/spglib-1.16.0/src/pointgroup.c:49:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char symbol[6];
data/spglib-1.16.0/src/pointgroup.c:50:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char schoenflies[4];
data/spglib-1.16.0/src/pointgroup.c:463:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pointgroup.symbol, pointgroup_type.symbol, 6);
data/spglib-1.16.0/src/pointgroup.c:464:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pointgroup.schoenflies, pointgroup_type.schoenflies, 4);
data/spglib-1.16.0/src/pointgroup.h:69:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char symbol[6];
data/spglib-1.16.0/src/pointgroup.h:70:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char schoenflies[4];
data/spglib-1.16.0/src/refinement.c:53:37: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char (*site_symmetry_symbols)[7],
data/spglib-1.16.0/src/refinement.c:65:41: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char (*site_symmetry_symbols)[7],
data/spglib-1.16.0/src/refinement.c:73:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char (*site_symmetry_symbols)[7],
data/spglib-1.16.0/src/refinement.c:80:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
SPGCONST char (*site_symmetry_symbols_prim)[7],
data/spglib-1.16.0/src/refinement.c:91:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char choice[6]);
data/spglib-1.16.0/src/refinement.c:178:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char (*site_symmetry_symbols)[7];
data/spglib-1.16.0/src/refinement.c:334:37: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char (*site_symmetry_symbols)[7],
data/spglib-1.16.0/src/refinement.c:349:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char (*site_symmetry_symbols_bravais)[7];
data/spglib-1.16.0/src/refinement.c:457:41: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char (*site_symmetry_symbols)[7],
data/spglib-1.16.0/src/refinement.c:466:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char (*site_symmetry_symbols_prim)[7];
data/spglib-1.16.0/src/refinement.c:488:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(char (*)[7]) malloc(sizeof(char[7]) * primitive->size)) == NULL) {
data/spglib-1.16.0/src/refinement.c:585:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char (*site_symmetry_symbols)[7],
data/spglib-1.16.0/src/refinement.c:592:52: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
SPGCONST char (*site_symmetry_symbols_prim)[7],
data/spglib-1.16.0/src/refinement.c:775:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char choice[6])
data/spglib-1.16.0/src/refinement.h:46:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char (*site_symmetry_symbols)[7];
data/spglib-1.16.0/src/site_symmetry.c:65:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char (*site_symmetry_symbols)[7],
data/spglib-1.16.0/src/site_symmetry.c:73:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int get_Wyckoff_notation(char site_sym_symbol[7],
data/spglib-1.16.0/src/site_symmetry.c:84:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char (*site_symmetry_symbols)[7],
data/spglib-1.16.0/src/site_symmetry.c:285:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char (*site_symmetry_symbols)[7],
data/spglib-1.16.0/src/site_symmetry.c:346:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int get_Wyckoff_notation(char site_sym_symbol[7],
data/spglib-1.16.0/src/site_symmetry.h:44:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char (*site_symmetry_symbols)[7],
data/spglib-1.16.0/src/sitesym_database.c:1778:37: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void ssmdb_get_site_symmetry_symbol(char symbol[7], const int index)
data/spglib-1.16.0/src/sitesym_database.h:42:37: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void ssmdb_get_site_symmetry_symbol(char symbol[7], const int index);
data/spglib-1.16.0/src/spacegroup.c:864:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(spacegroup->schoenflies, spacegroup_type.schoenflies, 7);
data/spglib-1.16.0/src/spacegroup.c:865:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(spacegroup->hall_symbol, spacegroup_type.hall_symbol, 17);
data/spglib-1.16.0/src/spacegroup.c:866:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(spacegroup->international, spacegroup_type.international, 32);
data/spglib-1.16.0/src/spacegroup.c:867:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(spacegroup->international_long, spacegroup_type.international_full, 20);
data/spglib-1.16.0/src/spacegroup.c:868:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(spacegroup->international_short,
data/spglib-1.16.0/src/spacegroup.c:870:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(spacegroup->choice, spacegroup_type.choice, 6);
data/spglib-1.16.0/src/spacegroup.h:47:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char schoenflies[7];
data/spglib-1.16.0/src/spacegroup.h:48:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hall_symbol[17];
data/spglib-1.16.0/src/spacegroup.h:49:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char international[32];
data/spglib-1.16.0/src/spacegroup.h:50:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char international_long[20];
data/spglib-1.16.0/src/spacegroup.h:51:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char international_short[11];
data/spglib-1.16.0/src/spacegroup.h:52:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char choice[6];
data/spglib-1.16.0/src/spg_database.h:43:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char schoenflies[7];
data/spglib-1.16.0/src/spg_database.h:44:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hall_symbol[17];
data/spglib-1.16.0/src/spg_database.h:45:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char international[32];
data/spglib-1.16.0/src/spg_database.h:46:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char international_full[20];
data/spglib-1.16.0/src/spg_database.h:47:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char international_short[11];
data/spglib-1.16.0/src/spg_database.h:48:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char choice[6];
data/spglib-1.16.0/src/spglib.c:154:30: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int get_international(char symbol[11],
data/spglib-1.16.0/src/spglib.c:161:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int get_schoenflies(char symbol[7],
data/spglib-1.16.0/src/spglib.c:655:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int spg_get_international(char symbol[11],
data/spglib-1.16.0/src/spglib.c:672:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int spgat_get_international(char symbol[11],
data/spglib-1.16.0/src/spglib.c:690:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int spg_get_schoenflies(char symbol[7],
data/spglib-1.16.0/src/spglib.c:707:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int spgat_get_schoenflies(char symbol[7],
data/spglib-1.16.0/src/spglib.c:725:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int spg_get_pointgroup(char symbol[6],
data/spglib-1.16.0/src/spglib.c:741:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(symbol, pointgroup.symbol, 6);
data/spglib-1.16.0/src/spglib.c:785:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char arth_symbol[7];
data/spglib-1.16.0/src/spglib.c:802:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(spglibtype.schoenflies, spgtype.schoenflies, 7);
data/spglib-1.16.0/src/spglib.c:803:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(spglibtype.hall_symbol, spgtype.hall_symbol, 17);
data/spglib-1.16.0/src/spglib.c:804:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(spglibtype.choice, spgtype.choice, 6);
data/spglib-1.16.0/src/spglib.c:805:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(spglibtype.international, spgtype.international, 32);
data/spglib-1.16.0/src/spglib.c:806:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(spglibtype.international_full, spgtype.international_full, 20);
data/spglib-1.16.0/src/spglib.c:807:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(spglibtype.international_short, spgtype.international_short, 11);
data/spglib-1.16.0/src/spglib.c:809:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(spglibtype.pointgroup_international, pointgroup.symbol, 6);
data/spglib-1.16.0/src/spglib.c:810:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(spglibtype.pointgroup_schoenflies, pointgroup.schoenflies, 4);
data/spglib-1.16.0/src/spglib.c:813:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(spglibtype.arithmetic_crystal_class_symbol, arth_symbol, 7);
data/spglib-1.16.0/src/spglib.c:1337:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dataset->international_symbol, spacegroup->international_short, 11);
data/spglib-1.16.0/src/spglib.c:1338:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dataset->hall_symbol, spacegroup->hall_symbol, 17);
data/spglib-1.16.0/src/spglib.c:1339:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dataset->choice, spacegroup->choice, 6);
data/spglib-1.16.0/src/spglib.c:1456:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dataset->pointgroup_symbol, pointgroup.symbol, 6);
data/spglib-1.16.0/src/spglib.c:2011:30: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int get_international(char symbol[11],
data/spglib-1.16.0/src/spglib.c:2036:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(symbol, dataset->international_symbol, 11);
data/spglib-1.16.0/src/spglib.c:2054:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int get_schoenflies(char symbol[7],
data/spglib-1.16.0/src/spglib.c:2081:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(symbol, spgtype.schoenflies, 7);
data/spglib-1.16.0/src/spglib.h:114:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char international_symbol[11];
data/spglib-1.16.0/src/spglib.h:115:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hall_symbol[17];
data/spglib-1.16.0/src/spglib.h:116:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char choice[6];
data/spglib-1.16.0/src/spglib.h:124:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char (*site_symmetry_symbols)[7];
data/spglib-1.16.0/src/spglib.h:136:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pointgroup_symbol[6];
data/spglib-1.16.0/src/spglib.h:141:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char international_short[11];
data/spglib-1.16.0/src/spglib.h:142:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char international_full[20];
data/spglib-1.16.0/src/spglib.h:143:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char international[32];
data/spglib-1.16.0/src/spglib.h:144:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char schoenflies[7];
data/spglib-1.16.0/src/spglib.h:145:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hall_symbol[17];
data/spglib-1.16.0/src/spglib.h:146:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char choice[6];
data/spglib-1.16.0/src/spglib.h:147:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pointgroup_international[6];
data/spglib-1.16.0/src/spglib.h:148:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pointgroup_schoenflies[4];
data/spglib-1.16.0/src/spglib.h:150:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char arithmetic_crystal_class_symbol[7];
data/spglib-1.16.0/src/spglib.h:301:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int spg_get_international(char symbol[11],
data/spglib-1.16.0/src/spglib.h:308:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int spgat_get_international(char symbol[11],
data/spglib-1.16.0/src/spglib.h:318:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int spg_get_schoenflies(char symbol[7],
data/spglib-1.16.0/src/spglib.h:325:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int spgat_get_schoenflies(char symbol[7],
data/spglib-1.16.0/src/spglib.h:335:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int spg_get_pointgroup(char symbol[6],
data/spglib-1.16.0/src/spglib_f.c:57:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char symbol[11],
data/spglib-1.16.0/src/spglib_f.c:69:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char symbol[7],
data/spglib-1.16.0/src/spglib_f.c:121:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char symbol[11],
data/spglib-1.16.0/src/spglib_f.c:128:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char symbol_c[11];
data/spglib-1.16.0/src/spglib_f.c:163:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char symbol[7],
data/spglib-1.16.0/src/spglib_f.c:170:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char symbol_c[10];
data/spglib-1.16.0/src/test.c:446:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char symbol[21];
data/spglib-1.16.0/src/test.c:473:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char symbol[7];
data/spglib-1.16.0/src/test.c:1083:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ptsymbol[6];
data/spglib-1.16.0/example/tetrahedron.c:68:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ssize_t read;
data/spglib-1.16.0/src/overlap.c:404:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
const void *read;
data/spglib-1.16.0/src/overlap.c:410:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
memcpy(write, read, value_size);
data/spglib-1.16.0/src/spglib.c:371:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(dataset->international_symbol, "");
data/spglib-1.16.0/src/spglib.c:372:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(dataset->hall_symbol, "");
data/spglib-1.16.0/src/spglib.c:373:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(dataset->choice, "");
data/spglib-1.16.0/src/spglib.c:788:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(spglibtype.schoenflies, "");
data/spglib-1.16.0/src/spglib.c:789:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(spglibtype.hall_symbol, "");
data/spglib-1.16.0/src/spglib.c:790:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(spglibtype.choice, "");
data/spglib-1.16.0/src/spglib.c:791:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(spglibtype.international, "");
data/spglib-1.16.0/src/spglib.c:792:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(spglibtype.international_full, "");
data/spglib-1.16.0/src/spglib.c:793:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(spglibtype.international_short, "");
data/spglib-1.16.0/src/spglib.c:794:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(spglibtype.pointgroup_international, "");
data/spglib-1.16.0/src/spglib.c:795:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(spglibtype.pointgroup_schoenflies, "");
data/spglib-1.16.0/src/spglib.c:797:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(spglibtype.arithmetic_crystal_class_symbol, "");
data/spglib-1.16.0/src/spglib.c:1293:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(dataset->international_symbol, "");
data/spglib-1.16.0/src/spglib.c:1294:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(dataset->hall_symbol, "");
data/spglib-1.16.0/src/spglib.c:1295:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(dataset->choice, "");
data/spglib-1.16.0/src/spglib.c:1317:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(dataset->pointgroup_symbol, "");
data/spglib-1.16.0/src/spglib_f.c:134:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(symbol_c);
data/spglib-1.16.0/src/spglib_f.c:135:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(symbol, symbol_c, length);
data/spglib-1.16.0/src/spglib_f.c:176:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(symbol_c);
data/spglib-1.16.0/src/spglib_f.c:177:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(symbol, symbol_c, length);
ANALYSIS SUMMARY:
Hits = 144
Lines analyzed = 32658 in approximately 1.23 seconds (26585 lines/second)
Physical Source Lines of Code (SLOC) = 27880
Hits@level = [0] 210 [1] 23 [2] 116 [3] 0 [4] 5 [5] 0
Hits@level+ = [0+] 354 [1+] 144 [2+] 121 [3+] 5 [4+] 5 [5+] 0
Hits/KSLOC@level+ = [0+] 12.6973 [1+] 5.16499 [2+] 4.34003 [3+] 0.17934 [4+] 0.17934 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.