Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/ciftilib-1.5.3/example/rewrite.cxx
Examining data/ciftilib-1.5.3/example/xmlinfo.cxx
Examining data/ciftilib-1.5.3/example/datatype.cxx
Examining data/ciftilib-1.5.3/src/Cifti/CiftiBrainModelsMap.cxx
Examining data/ciftilib-1.5.3/src/Cifti/CiftiBrainModelsMap.h
Examining data/ciftilib-1.5.3/src/Cifti/CiftiLabelsMap.cxx
Examining data/ciftilib-1.5.3/src/Cifti/CiftiLabelsMap.h
Examining data/ciftilib-1.5.3/src/Cifti/CiftiMappingType.cxx
Examining data/ciftilib-1.5.3/src/Cifti/CiftiMappingType.h
Examining data/ciftilib-1.5.3/src/Cifti/CiftiParcelsMap.cxx
Examining data/ciftilib-1.5.3/src/Cifti/CiftiParcelsMap.h
Examining data/ciftilib-1.5.3/src/Cifti/CiftiScalarsMap.cxx
Examining data/ciftilib-1.5.3/src/Cifti/CiftiScalarsMap.h
Examining data/ciftilib-1.5.3/src/Cifti/CiftiSeriesMap.cxx
Examining data/ciftilib-1.5.3/src/Cifti/CiftiSeriesMap.h
Examining data/ciftilib-1.5.3/src/Cifti/CiftiVersion.cxx
Examining data/ciftilib-1.5.3/src/Cifti/CiftiVersion.h
Examining data/ciftilib-1.5.3/src/Cifti/CiftiXML.cxx
Examining data/ciftilib-1.5.3/src/Cifti/CiftiXML.h
Examining data/ciftilib-1.5.3/src/Cifti/Label.cxx
Examining data/ciftilib-1.5.3/src/Cifti/Label.h
Examining data/ciftilib-1.5.3/src/Cifti/LabelTable.cxx
Examining data/ciftilib-1.5.3/src/Cifti/LabelTable.h
Examining data/ciftilib-1.5.3/src/Cifti/MetaData.cxx
Examining data/ciftilib-1.5.3/src/Cifti/MetaData.h
Examining data/ciftilib-1.5.3/src/Cifti/StructureEnum.cxx
Examining data/ciftilib-1.5.3/src/Cifti/StructureEnum.h
Examining data/ciftilib-1.5.3/src/Cifti/VolumeSpace.cxx
Examining data/ciftilib-1.5.3/src/Cifti/VolumeSpace.h
Examining data/ciftilib-1.5.3/src/CiftiFile.h
Examining data/ciftilib-1.5.3/src/Common/AString.cxx
Examining data/ciftilib-1.5.3/src/Common/AString.h
Examining data/ciftilib-1.5.3/src/Common/BinaryFile.cxx
Examining data/ciftilib-1.5.3/src/Common/BinaryFile.h
Examining data/ciftilib-1.5.3/src/Common/ByteSwapping.h
Examining data/ciftilib-1.5.3/src/Common/CiftiAssert.h
Examining data/ciftilib-1.5.3/src/Common/CiftiException.cxx
Examining data/ciftilib-1.5.3/src/Common/CiftiException.h
Examining data/ciftilib-1.5.3/src/Common/CiftiMutex.h
Examining data/ciftilib-1.5.3/src/Common/Compact3DLookup.h
Examining data/ciftilib-1.5.3/src/Common/CompactLookup.h
Examining data/ciftilib-1.5.3/src/Common/FloatMatrix.cxx
Examining data/ciftilib-1.5.3/src/Common/FloatMatrix.h
Examining data/ciftilib-1.5.3/src/Common/MathFunctions.cxx
Examining data/ciftilib-1.5.3/src/Common/MathFunctions.h
Examining data/ciftilib-1.5.3/src/Common/MatrixFunctions.h
Examining data/ciftilib-1.5.3/src/Common/MultiDimArray.h
Examining data/ciftilib-1.5.3/src/Common/MultiDimIterator.h
Examining data/ciftilib-1.5.3/src/Common/Vector3D.cxx
Examining data/ciftilib-1.5.3/src/Common/Vector3D.h
Examining data/ciftilib-1.5.3/src/Common/VoxelIJK.h
Examining data/ciftilib-1.5.3/src/Common/XmlAdapter.cxx
Examining data/ciftilib-1.5.3/src/Common/XmlAdapter.h
Examining data/ciftilib-1.5.3/src/Nifti/NiftiHeader.cxx
Examining data/ciftilib-1.5.3/src/Nifti/NiftiHeader.h
Examining data/ciftilib-1.5.3/src/Nifti/nifti1.h
Examining data/ciftilib-1.5.3/src/Nifti/nifti2.h
Examining data/ciftilib-1.5.3/src/NiftiIO.cxx
Examining data/ciftilib-1.5.3/src/NiftiIO.h
Examining data/ciftilib-1.5.3/src/CiftiFile.cxx

FINAL RESULTS:

data/ciftilib-1.5.3/src/Cifti/CiftiXML.cxx:249:69: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
int32_t CiftiXML::getIntentInfo(const CiftiVersion& writingVersion, char intentNameOut[16]) const data/ciftilib-1.5.3/src/Cifti/CiftiXML.h:93:67: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. int32_t getIntentInfo(const CiftiVersion& writingVersion, char intentNameOut[16]) const; data/ciftilib-1.5.3/src/CiftiFile.cxx:475:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char junk[16]; data/ciftilib-1.5.3/src/CiftiFile.cxx:591:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char intentName[16]; data/ciftilib-1.5.3/src/Common/BinaryFile.cxx:71:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void open(const AString& filename, const BinaryFile::OpenMode& opmode); data/ciftilib-1.5.3/src/Common/BinaryFile.cxx:90:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
void open(const AString& filename, const BinaryFile::OpenMode& opmode); data/ciftilib-1.5.3/src/Common/BinaryFile.cxx:107:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void open(const AString& filename, const BinaryFile::OpenMode& opmode); data/ciftilib-1.5.3/src/Common/BinaryFile.cxx:125:5: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). open(filename, fileMode); data/ciftilib-1.5.3/src/Common/BinaryFile.cxx:152:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void BinaryFile::open(const AString& filename, const OpenMode& opmode) data/ciftilib-1.5.3/src/Common/BinaryFile.cxx:170:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). m_impl->open(filename, opmode); data/ciftilib-1.5.3/src/Common/BinaryFile.cxx:208:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
void ZFileImpl::open(const AString& filename, const BinaryFile::OpenMode& opmode) data/ciftilib-1.5.3/src/Common/BinaryFile.cxx:333:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void QFileImpl::open(const AString& filename, const BinaryFile::OpenMode& opmode) data/ciftilib-1.5.3/src/Common/BinaryFile.cxx:342:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!m_file.open(mode)) data/ciftilib-1.5.3/src/Common/BinaryFile.cxx:417:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void StrFileImpl::open(const AString& filename, const BinaryFile::OpenMode& opmode) data/ciftilib-1.5.3/src/Common/BinaryFile.cxx:440:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). m_file = fopen(ASTRING_TO_CSTR(filename), mode); data/ciftilib-1.5.3/src/Common/BinaryFile.h:56:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
void open(const AString& filename, const OpenMode& opmode = READ); data/ciftilib-1.5.3/src/Common/BinaryFile.h:71:26: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). virtual void open(const AString& filename, const OpenMode& opmode) = 0; data/ciftilib-1.5.3/src/Nifti/NiftiHeader.cxx:403:56: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. void NiftiHeader::setIntent(const int32_t& code, const char name[16]) data/ciftilib-1.5.3/src/Nifti/NiftiHeader.cxx:411:40: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. void NiftiHeader::setDescription(const char descrip[80]) data/ciftilib-1.5.3/src/Nifti/NiftiHeader.cxx:643:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&buffer2, &buffer1, sizeof(nifti_1_header)); data/ciftilib-1.5.3/src/Nifti/NiftiHeader.cxx:672:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char extender[4]; data/ciftilib-1.5.3/src/Nifti/NiftiHeader.cxx:794:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. memcpy(&m_header, &header, sizeof(nifti_2_header)); data/ciftilib-1.5.3/src/Nifti/NiftiHeader.cxx:916:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char padding[16] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }; data/ciftilib-1.5.3/src/Nifti/NiftiHeader.cxx:1025:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&header, &m_header, sizeof(nifti_2_header));//first copy everything, then fix static and computed fields data/ciftilib-1.5.3/src/Nifti/NiftiHeader.h:74:51: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. void setIntent(const int32_t& code, const char name[16]); data/ciftilib-1.5.3/src/Nifti/NiftiHeader.h:75:35: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. void setDescription(const char descrip[80]); data/ciftilib-1.5.3/src/Nifti/nifti1.h:168:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char data_type[10]; /*!< ++UNUSED++ */ /* char data_type[10]; */ /* 4 */ data/ciftilib-1.5.3/src/Nifti/nifti1.h:169:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char db_name[18]; /*!< ++UNUSED++ */ /* char db_name[18]; */ /* 14 */ data/ciftilib-1.5.3/src/Nifti/nifti1.h:202:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char descrip[80]; /*!< any text you like. */ /* char descrip[80]; */ /* 148 */ data/ciftilib-1.5.3/src/Nifti/nifti1.h:203:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char aux_file[24]; /*!< auxiliary filename. */ /* char aux_file[24]; */ /* 228 */ data/ciftilib-1.5.3/src/Nifti/nifti1.h:219:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char intent_name[16];/*!< 'name' or meaning of data. */ /* 328 */ data/ciftilib-1.5.3/src/Nifti/nifti1.h:221:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char magic[4] ; /*!< MUST be "ni1\0" or "n+1\0". 
*/ /* 344 */ data/ciftilib-1.5.3/src/Nifti/nifti1.h:306:26: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. struct nifti1_extender { char extension[4] ; } ; data/ciftilib-1.5.3/src/Nifti/nifti2.h:80:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char magic[8] ; /*!< MUST be valid signature. */ /* char magic[4]; */ /* 4 */ data/ciftilib-1.5.3/src/Nifti/nifti2.h:97:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char descrip[80]; /*!< any text you like. */ /* char descrip[80]; */ /* 240 */ data/ciftilib-1.5.3/src/Nifti/nifti2.h:98:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char aux_file[24]; /*!< auxiliary filename. */ /* char aux_file[24]; */ /* 320 */ data/ciftilib-1.5.3/src/Nifti/nifti2.h:113:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char intent_name[16]; /*!< 'name' or meaning of data. 
*/ /* char intent_name[16]; */ /* 508 */ data/ciftilib-1.5.3/src/Nifti/nifti2.h:115:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char unused_str[15]; /*!< unused, filled with \0 */ /* 525 */ data/ciftilib-1.5.3/src/NiftiIO.cxx:38:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). m_file.open(filename); data/ciftilib-1.5.3/src/NiftiIO.cxx:65:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). m_file.open(filename, BinaryFile::READ_WRITE_TRUNCATE);//for cifti on-disk writing, replace structure with along row needs to RMW data/ciftilib-1.5.3/src/NiftiIO.cxx:67:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). m_file.open(filename, BinaryFile::WRITE_TRUNCATE); data/ciftilib-1.5.3/src/Cifti/CiftiBrainModelsMap.cxx:539:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(!done && xml.read()) data/ciftilib-1.5.3/src/Cifti/CiftiBrainModelsMap.cxx:639:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
while(!done && xml.read()) data/ciftilib-1.5.3/src/Cifti/CiftiBrainModelsMap.cxx:769:28: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(!done && xml.read()) data/ciftilib-1.5.3/src/Cifti/CiftiBrainModelsMap.cxx:828:28: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(!done && xml.read()) data/ciftilib-1.5.3/src/Cifti/CiftiBrainModelsMap.cxx:945:28: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(!done && xml.read()) data/ciftilib-1.5.3/src/Cifti/CiftiBrainModelsMap.cxx:997:28: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(!done && xml.read()) data/ciftilib-1.5.3/src/Cifti/CiftiLabelsMap.cxx:145:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(!done && xml.read()) data/ciftilib-1.5.3/src/Cifti/CiftiLabelsMap.cxx:203:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(!done && xml.read()) data/ciftilib-1.5.3/src/Cifti/CiftiLabelsMap.cxx:282:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(!done && xml.read()) data/ciftilib-1.5.3/src/Cifti/CiftiLabelsMap.cxx:386:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(!done && xml.read()) data/ciftilib-1.5.3/src/Cifti/CiftiParcelsMap.cxx:401:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(!done && xml.read()) data/ciftilib-1.5.3/src/Cifti/CiftiParcelsMap.cxx:507:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
while(!done && xml.read()) data/ciftilib-1.5.3/src/Cifti/CiftiParcelsMap.cxx:635:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(!done && xml.read()) data/ciftilib-1.5.3/src/Cifti/CiftiParcelsMap.cxx:777:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(!done && xml.read()) data/ciftilib-1.5.3/src/Cifti/CiftiScalarsMap.cxx:131:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(!done && xml.read()) data/ciftilib-1.5.3/src/Cifti/CiftiScalarsMap.cxx:187:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(!done && xml.read()) data/ciftilib-1.5.3/src/Cifti/CiftiScalarsMap.cxx:257:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(!done && xml.read()) data/ciftilib-1.5.3/src/Cifti/CiftiScalarsMap.cxx:342:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(!done && xml.read()) data/ciftilib-1.5.3/src/Cifti/CiftiSeriesMap.cxx:128:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(!done && xml.read()) data/ciftilib-1.5.3/src/Cifti/CiftiSeriesMap.cxx:214:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(!done && xml.read()) data/ciftilib-1.5.3/src/Cifti/CiftiXML.cxx:376:22: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (!xml.read()) break; data/ciftilib-1.5.3/src/Cifti/CiftiXML.cxx:441:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
while(!done && xml.read()) data/ciftilib-1.5.3/src/Cifti/CiftiXML.cxx:509:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(!done && xml.read()) data/ciftilib-1.5.3/src/Cifti/CiftiXML.cxx:595:22: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (!xml.read()) break; data/ciftilib-1.5.3/src/Cifti/CiftiXML.cxx:718:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(!done && xml.read()) data/ciftilib-1.5.3/src/Cifti/LabelTable.cxx:821:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(!done && xml.read()) data/ciftilib-1.5.3/src/Cifti/MetaData.cxx:360:25: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while (!done && xml.read())//false means no node was available to read, it will throw on malformed xml data/ciftilib-1.5.3/src/Cifti/MetaData.cxx:424:25: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while (!done && xml.read()) data/ciftilib-1.5.3/src/Common/BinaryFile.cxx:76:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read(void* dataOut, const int64_t& count, int64_t* numRead); data/ciftilib-1.5.3/src/Common/BinaryFile.cxx:95:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read(void* dataOut, const int64_t& count, int64_t* numRead); data/ciftilib-1.5.3/src/Common/BinaryFile.cxx:112:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
void read(void* dataOut, const int64_t& count, int64_t* numRead); data/ciftilib-1.5.3/src/Common/BinaryFile.cxx:174:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void BinaryFile::read(void* dataOut, const int64_t& count, int64_t* numRead) data/ciftilib-1.5.3/src/Common/BinaryFile.cxx:178:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). m_impl->read(dataOut, count, numRead); data/ciftilib-1.5.3/src/Common/BinaryFile.cxx:256:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void ZFileImpl::read(void* dataOut, const int64_t& count, int64_t* numRead) data/ciftilib-1.5.3/src/Common/BinaryFile.cxx:368:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void QFileImpl::read(void* dataOut, const int64_t& count, int64_t* numRead) data/ciftilib-1.5.3/src/Common/BinaryFile.cxx:375:26: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). readret = m_file.read(((char*)dataOut) + total, maxToRead);//QFile chokes on large reads also data/ciftilib-1.5.3/src/Common/BinaryFile.cxx:474:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void StrFileImpl::read(void* dataOut, const int64_t& count, int64_t* numRead) data/ciftilib-1.5.3/src/Common/BinaryFile.h:63:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read(void* dataOut, const int64_t& count, int64_t* numRead = NULL);//throw if numRead is NULL and (error or end of file reached early) data/ciftilib-1.5.3/src/Common/BinaryFile.h:77:26: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
virtual void read(void* dataOut, const int64_t& count, int64_t* numRead) = 0; data/ciftilib-1.5.3/src/Common/XmlAdapter.cxx:133:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(!done && xml.read()) data/ciftilib-1.5.3/src/Common/XmlAdapter.cxx:164:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while (xml.read()) data/ciftilib-1.5.3/src/Nifti/NiftiHeader.cxx:631:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void NiftiHeader::read(BinaryFile& inFile) data/ciftilib-1.5.3/src/Nifti/NiftiHeader.cxx:635:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). inFile.read(&buffer1, sizeof(nifti_1_header)); data/ciftilib-1.5.3/src/Nifti/NiftiHeader.cxx:644:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). inFile.read(((char*)&buffer2) + sizeof(nifti_1_header), sizeof(nifti_2_header) - sizeof(nifti_1_header)); data/ciftilib-1.5.3/src/Nifti/NiftiHeader.cxx:673:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). inFile.read(extender, 4); data/ciftilib-1.5.3/src/Nifti/NiftiHeader.cxx:691:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). inFile.read(&esize, sizeof(int32_t)); data/ciftilib-1.5.3/src/Nifti/NiftiHeader.cxx:693:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). inFile.read(&ecode, sizeof(int32_t)); data/ciftilib-1.5.3/src/Nifti/NiftiHeader.cxx:700:28: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
  inFile.read(tempExtension->m_bytes.data(), esize - 2 * sizeof(int32_t));
data/ciftilib-1.5.3/src/Nifti/NiftiHeader.h:53:14: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  void read(BinaryFile& inFile);
data/ciftilib-1.5.3/src/NiftiIO.cxx:39:14: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  m_header.read(m_file);
data/ciftilib-1.5.3/src/NiftiIO.h:109:16: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  m_file.read(m_scratch.data(), m_scratch.size(), &numRead);

ANALYSIS SUMMARY:

Hits = 92
Lines analyzed = 19167 in approximately 0.59 seconds (32361 lines/second)
Physical Source Lines of Code (SLOC) = 13606
Hits@level = [0] 1 [1] 51 [2] 41 [3] 0 [4] 0 [5] 0
Hits@level+ = [0+] 93 [1+] 92 [2+] 41 [3+] 0 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 6.83522 [1+] 6.76172 [2+] 3.01338 [3+] 0 [4+] 0 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.