Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/double-conversion-3.1.5/double-conversion/bignum-dtoa.cc
Examining data/double-conversion-3.1.5/double-conversion/bignum-dtoa.h
Examining data/double-conversion-3.1.5/double-conversion/bignum.cc
Examining data/double-conversion-3.1.5/double-conversion/bignum.h
Examining data/double-conversion-3.1.5/double-conversion/cached-powers.cc
Examining data/double-conversion-3.1.5/double-conversion/cached-powers.h
Examining data/double-conversion-3.1.5/double-conversion/diy-fp.cc
Examining data/double-conversion-3.1.5/double-conversion/diy-fp.h
Examining data/double-conversion-3.1.5/double-conversion/double-conversion.cc
Examining data/double-conversion-3.1.5/double-conversion/double-conversion.h
Examining data/double-conversion-3.1.5/double-conversion/fast-dtoa.cc
Examining data/double-conversion-3.1.5/double-conversion/fast-dtoa.h
Examining data/double-conversion-3.1.5/double-conversion/fixed-dtoa.cc
Examining data/double-conversion-3.1.5/double-conversion/fixed-dtoa.h
Examining data/double-conversion-3.1.5/double-conversion/ieee.h
Examining data/double-conversion-3.1.5/double-conversion/strtod.cc
Examining data/double-conversion-3.1.5/double-conversion/strtod.h
Examining data/double-conversion-3.1.5/double-conversion/utils.h
Examining data/double-conversion-3.1.5/test/cctest/cctest.cc
Examining data/double-conversion-3.1.5/test/cctest/cctest.h
Examining data/double-conversion-3.1.5/test/cctest/checks.h
Examining data/double-conversion-3.1.5/test/cctest/gay-fixed.cc
Examining data/double-conversion-3.1.5/test/cctest/gay-fixed.h
Examining data/double-conversion-3.1.5/test/cctest/gay-precision.cc
Examining data/double-conversion-3.1.5/test/cctest/gay-precision.h
Examining data/double-conversion-3.1.5/test/cctest/gay-shortest-single.cc
Examining data/double-conversion-3.1.5/test/cctest/gay-shortest-single.h
Examining data/double-conversion-3.1.5/test/cctest/gay-shortest.cc
Examining data/double-conversion-3.1.5/test/cctest/gay-shortest.h
Examining data/double-conversion-3.1.5/test/cctest/test-bignum-dtoa.cc
Examining data/double-conversion-3.1.5/test/cctest/test-bignum.cc
Examining data/double-conversion-3.1.5/test/cctest/test-conversions.cc
Examining data/double-conversion-3.1.5/test/cctest/test-diy-fp.cc
Examining data/double-conversion-3.1.5/test/cctest/test-dtoa.cc
Examining data/double-conversion-3.1.5/test/cctest/test-fast-dtoa.cc
Examining data/double-conversion-3.1.5/test/cctest/test-fixed-dtoa.cc
Examining data/double-conversion-3.1.5/test/cctest/test-ieee.cc
Examining data/double-conversion-3.1.5/test/cctest/test-strtod.cc
FINAL RESULTS:
data/double-conversion-3.1.5/double-conversion/double-conversion.cc:102:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[kMaxExponentLength + 1];
data/double-conversion-3.1.5/double-conversion/double-conversion.cc:174:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char decimal_rep[kDecimalRepCapacity];
data/double-conversion-3.1.5/double-conversion/double-conversion.cc:219:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char decimal_rep[kDecimalRepCapacity];
data/double-conversion-3.1.5/double-conversion/double-conversion.cc:252:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char decimal_rep[kDecimalRepCapacity];
data/double-conversion-3.1.5/double-conversion/double-conversion.cc:307:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char decimal_rep[kDecimalRepCapacity];
data/double-conversion-3.1.5/double-conversion/double-conversion.cc:830:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[kBufferSize]; // NOLINT: size is known at compile time.
data/double-conversion-3.1.5/double-conversion/strtod.cc:450:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char copy_buffer[kMaxSignificantDecimalDigits];
data/double-conversion-3.1.5/double-conversion/strtod.cc:500:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char copy_buffer[kMaxSignificantDecimalDigits];
data/double-conversion-3.1.5/double-conversion/utils.h:355:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef char VerifySizesAreEqual[sizeof(Dest) == sizeof(Source) ? 1 : -1];
data/double-conversion-3.1.5/test/cctest/test-bignum-dtoa.cc:59:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_container[kBufferSize];
data/double-conversion-3.1.5/test/cctest/test-bignum-dtoa.cc:262:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_container[kBufferSize];
data/double-conversion-3.1.5/test/cctest/test-bignum-dtoa.cc:325:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_container[kBufferSize];
data/double-conversion-3.1.5/test/cctest/test-bignum-dtoa.cc:343:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_container[kBufferSize];
data/double-conversion-3.1.5/test/cctest/test-bignum-dtoa.cc:361:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_container[kBufferSize];
data/double-conversion-3.1.5/test/cctest/test-bignum-dtoa.cc:382:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_container[kBufferSize];
data/double-conversion-3.1.5/test/cctest/test-bignum.cc:52:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[kBufferSize];
data/double-conversion-3.1.5/test/cctest/test-bignum.cc:121:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[kBufferSize];
data/double-conversion-3.1.5/test/cctest/test-bignum.cc:159:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[kBufferSize];
data/double-conversion-3.1.5/test/cctest/test-bignum.cc:258:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[kBufferSize];
data/double-conversion-3.1.5/test/cctest/test-bignum.cc:348:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[kBufferSize];
data/double-conversion-3.1.5/test/cctest/test-bignum.cc:448:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[kBufferSize];
data/double-conversion-3.1.5/test/cctest/test-bignum.cc:549:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[kBufferSize];
data/double-conversion-3.1.5/test/cctest/test-bignum.cc:650:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[kBufferSize];
data/double-conversion-3.1.5/test/cctest/test-bignum.cc:980:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[kBufferSize];
data/double-conversion-3.1.5/test/cctest/test-bignum.cc:1362:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[kBufferSize];
data/double-conversion-3.1.5/test/cctest/test-bignum.cc:1393:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[kBufferSize];
data/double-conversion-3.1.5/test/cctest/test-conversions.cc:17:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[kBufferSize];
data/double-conversion-3.1.5/test/cctest/test-conversions.cc:177:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[kBufferSize];
data/double-conversion-3.1.5/test/cctest/test-conversions.cc:333:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[kBufferSize];
data/double-conversion-3.1.5/test/cctest/test-conversions.cc:603:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[kBufferSize];
data/double-conversion-3.1.5/test/cctest/test-conversions.cc:760:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[kBufferSize];
data/double-conversion-3.1.5/test/cctest/test-conversions.cc:962:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[kBufferSize];
data/double-conversion-3.1.5/test/cctest/test-dtoa.cc:82:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_container[kBufferSize];
data/double-conversion-3.1.5/test/cctest/test-dtoa.cc:338:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_container[kBufferSize];
data/double-conversion-3.1.5/test/cctest/test-dtoa.cc:395:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_container[kBufferSize];
data/double-conversion-3.1.5/test/cctest/test-dtoa.cc:424:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_container[kBufferSize];
data/double-conversion-3.1.5/test/cctest/test-dtoa.cc:444:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_container[kBufferSize];
data/double-conversion-3.1.5/test/cctest/test-dtoa.cc:464:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_container[kBufferSize];
data/double-conversion-3.1.5/test/cctest/test-dtoa.cc:487:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_container[kBufferSize];
data/double-conversion-3.1.5/test/cctest/test-fast-dtoa.cc:31:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_container[kBufferSize];
data/double-conversion-3.1.5/test/cctest/test-fast-dtoa.cc:101:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_container[kBufferSize];
data/double-conversion-3.1.5/test/cctest/test-fast-dtoa.cc:177:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_container[kBufferSize];
data/double-conversion-3.1.5/test/cctest/test-fast-dtoa.cc:278:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_container[kBufferSize];
data/double-conversion-3.1.5/test/cctest/test-fast-dtoa.cc:307:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_container[kBufferSize];
data/double-conversion-3.1.5/test/cctest/test-fast-dtoa.cc:336:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_container[kBufferSize];
data/double-conversion-3.1.5/test/cctest/test-fixed-dtoa.cc:42:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_container[kBufferSize];
data/double-conversion-3.1.5/test/cctest/test-fixed-dtoa.cc:496:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_container[kBufferSize];
data/double-conversion-3.1.5/test/cctest/test-strtod.cc:657:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[kBufferSize];
data/double-conversion-3.1.5/test/cctest/test-strtod.cc:724:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[kBufferSize];
data/double-conversion-3.1.5/double-conversion/utils.h:199:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t length = strlen(string);
data/double-conversion-3.1.5/double-conversion/utils.h:287:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ASSERT(static_cast<size_t>(n) <= strlen(s));
data/double-conversion-3.1.5/double-conversion/utils.h:307:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ASSERT(strlen(buffer_.start()) == static_cast<size_t>(position_));
data/double-conversion-3.1.5/test/cctest/test-bignum-dtoa.cc:46:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(representation.start());
data/double-conversion-3.1.5/test/cctest/test-bignum.cc:42:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bignum->AssignHexString(Vector<const char>(str, strlen(str)));
data/double-conversion-3.1.5/test/cctest/test-bignum.cc:47:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bignum->AssignDecimalString(Vector<const char>(str, strlen(str)));
data/double-conversion-3.1.5/test/cctest/test-conversions.cc:1770:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
double result = converter.StringToDouble(str, strlen(str),
data/double-conversion-3.1.5/test/cctest/test-conversions.cc:1773:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
((strlen(str) == static_cast<unsigned>(*processed_characters_count)));
data/double-conversion-3.1.5/test/cctest/test-conversions.cc:1776:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ASSERT(strlen(str) < ARRAY_SIZE(buffer16));
data/double-conversion-3.1.5/test/cctest/test-conversions.cc:1777:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(str);
data/double-conversion-3.1.5/test/cctest/test-conversions.cc:3895:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
float result = converter.StringToFloat(str, strlen(str),
data/double-conversion-3.1.5/test/cctest/test-conversions.cc:3898:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
((strlen(str) == static_cast<unsigned>(*processed_characters_count)));
data/double-conversion-3.1.5/test/cctest/test-conversions.cc:3901:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ASSERT(strlen(str) < ARRAY_SIZE(buffer16));
data/double-conversion-3.1.5/test/cctest/test-conversions.cc:3902:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(str);
data/double-conversion-3.1.5/test/cctest/test-dtoa.cc:69:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(representation.start());
data/double-conversion-3.1.5/test/cctest/test-fast-dtoa.cc:21:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(representation.start());
data/double-conversion-3.1.5/test/cctest/test-strtod.cc:15:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return Vector<const char>(str, strlen(str));
ANALYSIS SUMMARY:
Hits = 66
Lines analyzed = 327462 in approximately 21.88 seconds (14964 lines/second)
Physical Source Lines of Code (SLOC) = 321780
Hits@level = [0] 7 [1] 17 [2] 49 [3] 0 [4] 0 [5] 0
Hits@level+ = [0+] 73 [1+] 66 [2+] 49 [3+] 0 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 0.226863 [1+] 0.205109 [2+] 0.152278 [3+] 0 [4+] 0 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.