Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/castle-game-engine-6.4+dfsg1/examples/library/cpp_winapi_library_tester/main.cpp
Examining data/castle-game-engine-6.4+dfsg1/examples/library/ios_tester/ios_tester/AppDelegate.h
Examining data/castle-game-engine-6.4+dfsg1/examples/library/ios_tester/ios_tester/FileOpenController.h
Examining data/castle-game-engine-6.4+dfsg1/examples/library/ios_tester/ios_tester/OpenGLController.h
Examining data/castle-game-engine-6.4+dfsg1/examples/library/ios_tester/ios_tester/Options.h
Examining data/castle-game-engine-6.4+dfsg1/examples/library/ios_tester/ios_tester/OptionsController.h
Examining data/castle-game-engine-6.4+dfsg1/examples/library/ios_tester/ios_tester/ViewInfoController.h
Examining data/castle-game-engine-6.4+dfsg1/examples/library/ios_tester/ios_tester/ViewpointsController.h
Examining data/castle-game-engine-6.4+dfsg1/examples/library/qt_library_tester/glwidget.cpp
Examining data/castle-game-engine-6.4+dfsg1/examples/library/qt_library_tester/glwidget.h
Examining data/castle-game-engine-6.4+dfsg1/examples/library/qt_library_tester/main.cpp
Examining data/castle-game-engine-6.4+dfsg1/examples/library/qt_library_tester/mainwindow.cpp
Examining data/castle-game-engine-6.4+dfsg1/examples/library/qt_library_tester/mainwindow.h
Examining data/castle-game-engine-6.4+dfsg1/src/library/castleengine.h
Examining data/castle-game-engine-6.4+dfsg1/src/library/castlelib_c_loader.cpp
Examining data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/apple_game_center/cge_project_name/game_center/Achievements.h
Examining data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/apple_game_center/cge_project_name/game_center/AutoSignIn.h
Examining data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/apple_game_center/cge_project_name/game_center/GameCenterService.h
Examining data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/facebook/cge_project_name/facebook/FacebookService.h
Examining data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/game_analytics/cge_project_name/game_analytics/GameAnalyticsService.h
Examining data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/google_analytics/cge_project_name/google_analytics/GoogleAnalyticsService.h
Examining data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/in_app_purchases/cge_project_name/in_app_purchases/InAppPurchasesService.h
Examining data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/asm_arm.h
Examining data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/bitwise.c
Examining data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/codebook.c
Examining data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/codebook.h
Examining data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/codec_internal.h
Examining data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/config_types.h
Examining data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/dsp.c
Examining data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/floor0.c
Examining data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/floor1.c
Examining data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/floor_lookup.c
Examining data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/framing.c
Examining data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/info.c
Examining data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/ivorbiscodec.h
Examining data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/ivorbisfile.h
Examining data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/lsp_lookup.h
Examining data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/mapping0.c
Examining data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/mdct.c
Examining data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/mdct.h
Examining data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/mdct_lookup.h
Examining data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/misc.c
Examining data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/misc.h
Examining data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/ogg.h
Examining data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/os.h
Examining data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/os_types.h
Examining data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/res012.c
Examining data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/vorbisfile.c
Examining data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/window_lookup.h
Examining data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/photo_service/cge_project_name/photo_service/PhotoService.h
Examining data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/xcode_project/cge_project_name/AppDelegate.h
Examining data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/xcode_project/cge_project_name/AvailableProduct.h
Examining data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/xcode_project/cge_project_name/MiscellaneousService.h
Examining data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/xcode_project/cge_project_name/OpenGLController.h
Examining data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/xcode_project/cge_project_name/ServiceAbstract.h
Examining data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/xcode_project/cge_project_name/castleiosappglue.h
FINAL RESULTS:
data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/info.c:60:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fulltag, tag);
data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/info.c:79:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fulltag,tag);
data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/misc.c:98:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer,_VDBG_GRAPHFILE);
data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/misc.c:146:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer,_VDBG_GRAPHFILE);
data/castle-game-engine-6.4+dfsg1/src/library/castlelib_c_loader.cpp:136:23: [3] (misc) LoadLibrary:
Ensure that the full path to the library is specified, or current directory
may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
find library path, if you aren't already.
HMODULE hCgeDll = LoadLibrary("castleengine.dll");
data/castle-game-engine-6.4+dfsg1/examples/library/cpp_winapi_library_tester/main.cpp:370:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char applicationConfigDirectory[1000];
data/castle-game-engine-6.4+dfsg1/examples/library/cpp_winapi_library_tester/main.cpp:498:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szFile[MAX_PATH];
data/castle-game-engine-6.4+dfsg1/examples/library/cpp_winapi_library_tester/main.cpp:522:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sName[512];
data/castle-game-engine-6.4+dfsg1/examples/library/qt_library_tester/mainwindow.cpp:110:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sName[512];
data/castle-game-engine-6.4+dfsg1/examples/library/qt_library_tester/mainwindow.cpp:232:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szBuf[8192];
data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/bitwise.c:666:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char flat[4*TESTWORDS]; /* max possible needed size */
data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/codebook.c:749:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
v[i]=((unsigned char *)ptr)[i];
data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/codec_internal.h:84:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char books[16];
data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/codec_internal.h:92:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char class_subbook[8]; /* [VIF_CLASS][subs] */
data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/floor0.c:111:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char MLOOP_1[64]={
data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/floor0.c:118:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char MLOOP_2[64]={
data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/floor0.c:125:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char MLOOP_3[8]={0,1,2,2,3,3,3,3};
data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/framing.c:400:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char t[7];
data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/info.c:302:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[6];
data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/mdct.c:224:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char bitrev[16]={0,8,4,12,2,10,6,14,1,9,5,13,3,11,7,15};
data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/misc.c:73:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[80];
data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/misc.c:99:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out=fopen(buffer,"a");
data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/misc.c:107:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out=fopen("total"_VDBG_GRAPHFILE,"a");
data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/misc.c:126:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *out=fopen("total"_VDBG_GRAPHFILE,"a");
data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/misc.c:129:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[80];
data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/misc.c:147:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out=fopen(buffer,"a");
data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/res012.c:111:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
partword[j]=(char *)alloca(partwords*partitions_per_word*
data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/vorbisfile.c:720:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer,initial,ibytes);
data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/codebook.c:606:29: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
long lok = oggpack_look(b,read),i;
data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/codebook.c:610:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while(lok<0 && read>1)
data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/codebook.c:611:29: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
lok = oggpack_look(b, --read);
data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/codebook.c:627:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for(i=0;i<read;i++){
data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/codebook.c:639:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for(i=0;i<read;i++){
data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/codebook.c:656:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for(i=0;i<read;i++){
data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/codebook.c:669:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for(i=0;i<read;i++){
data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/codebook.c:685:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for(i=0;i<read;i++){
data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/codebook.c:695:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if(i<read){
data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/info.c:57:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int taglen = strlen(tag)+1; /* +1 for the = we append */
data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/info.c:61:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(fulltag, "=");
data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/info.c:77:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int taglen = strlen(tag)+1; /* +1 for the = we append */
data/castle-game-engine-6.4+dfsg1/tools/build-tool/data/ios/services/ogg_vorbis/cge_project_name/tremolo/src/info.c:80:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(fulltag, "=");
ANALYSIS SUMMARY:
Hits = 41
Lines analyzed = 14092 in approximately 0.86 seconds (16363 lines/second)
Physical Source Lines of Code (SLOC) = 10342
Hits@level = [0] 59 [1] 13 [2] 23 [3] 1 [4] 4 [5] 0
Hits@level+ = [0+] 100 [1+] 41 [2+] 28 [3+] 5 [4+] 4 [5+] 0
Hits/KSLOC@level+ = [0+] 9.66931 [1+] 3.96442 [2+] 2.70741 [3+] 0.483465 [4+] 0.386772 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.