Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/cbor2-5.2.0/source/decoder.c
Examining data/cbor2-5.2.0/source/decoder.h
Examining data/cbor2-5.2.0/source/encoder.c
Examining data/cbor2-5.2.0/source/encoder.h
Examining data/cbor2-5.2.0/source/halffloat.c
Examining data/cbor2-5.2.0/source/halffloat.h
Examining data/cbor2-5.2.0/source/module.c
Examining data/cbor2-5.2.0/source/module.h
Examining data/cbor2-5.2.0/source/tags.c
Examining data/cbor2-5.2.0/source/tags.h
FINAL RESULTS:
data/cbor2-5.2.0/source/decoder.c:350:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, data, size);
data/cbor2-5.2.0/source/decoder.c:416:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
union { uint64_t value; char buf[sizeof(uint64_t)]; } u64;
data/cbor2-5.2.0/source/decoder.c:417:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
union { uint32_t value; char buf[sizeof(uint32_t)]; } u32;
data/cbor2-5.2.0/source/decoder.c:418:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
union { uint16_t value; char buf[sizeof(uint16_t)]; } u16;
data/cbor2-5.2.0/source/decoder.c:419:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
union { uint8_t value; char buf[sizeof(uint8_t)]; } u8;
data/cbor2-5.2.0/source/decoder.c:1523:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[sizeof(uint16_t)];
data/cbor2-5.2.0/source/decoder.c:1541:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[sizeof(float)];
data/cbor2-5.2.0/source/decoder.c:1561:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[sizeof(double)];
data/cbor2-5.2.0/source/encoder.c:341:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[sizeof(LeadByte) + sizeof(uint64_t)];
data/cbor2-5.2.0/source/encoder.c:1392:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[sizeof(double)];
data/cbor2-5.2.0/source/encoder.c:1494:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[sizeof(double)];
data/cbor2-5.2.0/source/encoder.c:1500:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[sizeof(float)];
data/cbor2-5.2.0/source/encoder.c:1505:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[sizeof(uint16_t)];
data/cbor2-5.2.0/source/decoder.c:76:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
Py_VISIT(self->read);
data/cbor2-5.2.0/source/decoder.c:88:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
Py_CLEAR(self->read);
data/cbor2-5.2.0/source/decoder.c:177:45: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
PyObject *ret = PyMethod_GET_SELF(self->read);
data/cbor2-5.2.0/source/decoder.c:187:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
PyObject *tmp, *read;
data/cbor2-5.2.0/source/decoder.c:194:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (!(read && PyCallable_Check(read))) {
data/cbor2-5.2.0/source/decoder.c:194:36: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (!(read && PyCallable_Check(read))) {
data/cbor2-5.2.0/source/decoder.c:201:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
tmp = self->read;
data/cbor2-5.2.0/source/decoder.c:202:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
self->read = read;
data/cbor2-5.2.0/source/decoder.c:345:50: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
obj = PyObject_CallFunctionObjArgs(self->read, size_obj, NULL);
data/cbor2-5.2.0/source/decoder.c:1633:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
save_read = self->read;
data/cbor2-5.2.0/source/decoder.c:1637:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (self->read) {
data/cbor2-5.2.0/source/decoder.c:1639:29: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
Py_DECREF(self->read);
data/cbor2-5.2.0/source/decoder.h:8:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
PyObject *read; // cached read() method of fp
data/cbor2-5.2.0/source/module.c:947:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
INTERN_STRING(read);
ANALYSIS SUMMARY:
Hits = 27
Lines analyzed = 5698 in approximately 0.26 seconds (21967 lines/second)
Physical Source Lines of Code (SLOC) = 4751
Hits@level = [0] 0 [1] 14 [2] 13 [3] 0 [4] 0 [5] 0
Hits@level+ = [0+] 27 [1+] 27 [2+] 13 [3+] 0 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 5.68301 [1+] 5.68301 [2+] 2.73627 [3+] 0 [4+] 0 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.