Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/fact++-1.6.5~dfsg/FaCT++.C/fact.cpp
Examining data/fact++-1.6.5~dfsg/FaCT++.C/fact.h
Examining data/fact++-1.6.5~dfsg/FaCT++.C/test.c
Examining data/fact++-1.6.5~dfsg/FaCT++.JNI/Axioms.cpp
Examining data/fact++-1.6.5~dfsg/FaCT++.JNI/Expressions.cpp
Examining data/fact++-1.6.5~dfsg/FaCT++.JNI/FaCTPlusPlus.cpp
Examining data/fact++-1.6.5~dfsg/FaCT++.JNI/JNIActor.h
Examining data/fact++-1.6.5~dfsg/FaCT++.JNI/JNIMonitor.h
Examining data/fact++-1.6.5~dfsg/FaCT++.JNI/JNISupport.h
Examining data/fact++-1.6.5~dfsg/FaCT++.JNI/KnowledgeExploration.cpp
Examining data/fact++-1.6.5~dfsg/FaCT++.JNI/MemoryStat.cpp
Examining data/fact++-1.6.5~dfsg/FaCT++.JNI/MemoryStat.h
Examining data/fact++-1.6.5~dfsg/FaCT++.JNI/Modularity.cpp
Examining data/fact++-1.6.5~dfsg/FaCT++.JNI/Queries.cpp
Examining data/fact++-1.6.5~dfsg/FaCT++.JNI/SaveLoad.cpp
Examining data/fact++-1.6.5~dfsg/FaCT++.JNI/tJNICache.h
Examining data/fact++-1.6.5~dfsg/FaCT++.JNI/uk_ac_manchester_cs_factplusplus_FaCTPlusPlus.h
Examining data/fact++-1.6.5~dfsg/FaCT++/AD.cpp
Examining data/fact++-1.6.5~dfsg/FaCT++/FaCT.cpp
Examining data/fact++-1.6.5~dfsg/FaCT++/comparser.h
Examining data/fact++-1.6.5~dfsg/FaCT++/comscanner.h
Examining data/fact++-1.6.5~dfsg/FaCT++/lispgrammar.h
Examining data/fact++-1.6.5~dfsg/FaCT++/parser.cpp
Examining data/fact++-1.6.5~dfsg/FaCT++/parser.h
Examining data/fact++-1.6.5~dfsg/FaCT++/scanner.cpp
Examining data/fact++-1.6.5~dfsg/FaCT++/scanner.h
Examining data/fact++-1.6.5~dfsg/Kernel/Actor.cpp
Examining data/fact++-1.6.5~dfsg/Kernel/Actor.h
Examining data/fact++-1.6.5~dfsg/Kernel/AtomicDecomposer.cpp
Examining data/fact++-1.6.5~dfsg/Kernel/BiPointer.h
Examining data/fact++-1.6.5~dfsg/Kernel/Blocking.cpp
Examining data/fact++-1.6.5~dfsg/Kernel/BuildDAG.cpp
Examining data/fact++-1.6.5~dfsg/Kernel/CGLabel.h
Examining data/fact++-1.6.5~dfsg/Kernel/CWDArray.cpp
Examining data/fact++-1.6.5~dfsg/Kernel/CWDArray.h
Examining data/fact++-1.6.5~dfsg/Kernel/CascadedCache.cpp
Examining data/fact++-1.6.5~dfsg/Kernel/ConceptWithDep.h
Examining data/fact++-1.6.5~dfsg/Kernel/DLConceptTaxonomy.cpp
Examining data/fact++-1.6.5~dfsg/Kernel/DLConceptTaxonomy.h
Examining data/fact++-1.6.5~dfsg/Kernel/DataReasoning.cpp
Examining data/fact++-1.6.5~dfsg/Kernel/DataReasoning.h
Examining data/fact++-1.6.5~dfsg/Kernel/DataTypeCenter.cpp
Examining data/fact++-1.6.5~dfsg/Kernel/DataTypeCenter.h
Examining data/fact++-1.6.5~dfsg/Kernel/DataTypeComparator.h
Examining data/fact++-1.6.5~dfsg/Kernel/DeletelessAllocator.h
Examining data/fact++-1.6.5~dfsg/Kernel/DepSet.h
Examining data/fact++-1.6.5~dfsg/Kernel/ExtendedDataRange.cpp
Examining data/fact++-1.6.5~dfsg/Kernel/ExtendedSyntacticLocalityChecker.h
Examining data/fact++-1.6.5~dfsg/Kernel/GeneralSyntacticLocalityChecker.h
Examining data/fact++-1.6.5~dfsg/Kernel/Incremental.cpp
Examining data/fact++-1.6.5~dfsg/Kernel/Input.cpp
Examining data/fact++-1.6.5~dfsg/Kernel/Kernel.cpp
Examining data/fact++-1.6.5~dfsg/Kernel/Kernel.h
Examining data/fact++-1.6.5~dfsg/Kernel/KnowledgeExplorer.cpp
Examining data/fact++-1.6.5~dfsg/Kernel/KnowledgeExplorer.h
Examining data/fact++-1.6.5~dfsg/Kernel/LeveLogger.cpp
Examining data/fact++-1.6.5~dfsg/Kernel/LeveLogger.h
Examining data/fact++-1.6.5~dfsg/Kernel/LocalityChecker.cpp
Examining data/fact++-1.6.5~dfsg/Kernel/LocalityChecker.h
Examining data/fact++-1.6.5~dfsg/Kernel/LogicFeature.cpp
Examining data/fact++-1.6.5~dfsg/Kernel/LogicFeature.h
Examining data/fact++-1.6.5~dfsg/Kernel/Modularity.h
Examining data/fact++-1.6.5~dfsg/Kernel/ModuleMethod.h
Examining data/fact++-1.6.5~dfsg/Kernel/ModuleType.h
Examining data/fact++-1.6.5~dfsg/Kernel/OntologyBasedModularizer.h
Examining data/fact++-1.6.5~dfsg/Kernel/Preprocess.cpp
Examining data/fact++-1.6.5~dfsg/Kernel/PriorityMatrix.h
Examining data/fact++-1.6.5~dfsg/Kernel/ProgressIndicatorInterface.h
Examining data/fact++-1.6.5~dfsg/Kernel/RAutomaton.cpp
Examining data/fact++-1.6.5~dfsg/Kernel/RAutomaton.h
Examining data/fact++-1.6.5~dfsg/Kernel/Reasoner.cpp
Examining data/fact++-1.6.5~dfsg/Kernel/Reasoner.h
Examining data/fact++-1.6.5~dfsg/Kernel/ReasonerNom.cpp
Examining data/fact++-1.6.5~dfsg/Kernel/ReasonerNom.h
Examining data/fact++-1.6.5~dfsg/Kernel/Relevance.cpp
Examining data/fact++-1.6.5~dfsg/Kernel/RoleMaster.cpp
Examining data/fact++-1.6.5~dfsg/Kernel/RoleMaster.h
Examining data/fact++-1.6.5~dfsg/Kernel/SaveLoad.cpp
Examining data/fact++-1.6.5~dfsg/Kernel/SaveLoadManager.cpp
Examining data/fact++-1.6.5~dfsg/Kernel/SaveLoadManager.h
Examining data/fact++-1.6.5~dfsg/Kernel/SearchableStack.h
Examining data/fact++-1.6.5~dfsg/Kernel/SemanticLocalityChecker.h
Examining data/fact++-1.6.5~dfsg/Kernel/SigIndex.h
Examining data/fact++-1.6.5~dfsg/Kernel/SortedReasoning.cpp
Examining data/fact++-1.6.5~dfsg/Kernel/SyntacticLocalityChecker.h
Examining data/fact++-1.6.5~dfsg/Kernel/Tactic.cpp
Examining data/fact++-1.6.5~dfsg/Kernel/TaxGatheringWalker.h
Examining data/fact++-1.6.5~dfsg/Kernel/Taxonomy.cpp
Examining data/fact++-1.6.5~dfsg/Kernel/Taxonomy.h
Examining data/fact++-1.6.5~dfsg/Kernel/TaxonomyCreator.cpp
Examining data/fact++-1.6.5~dfsg/Kernel/TaxonomyCreator.h
Examining data/fact++-1.6.5~dfsg/Kernel/ToDoList.h
Examining data/fact++-1.6.5~dfsg/Kernel/WalkerInterface.h
Examining data/fact++-1.6.5~dfsg/Kernel/configure.cpp
Examining data/fact++-1.6.5~dfsg/Kernel/configure.h
Examining data/fact++-1.6.5~dfsg/Kernel/counter.h
Examining data/fact++-1.6.5~dfsg/Kernel/cpm.h
Examining data/fact++-1.6.5~dfsg/Kernel/cppi.h
Examining data/fact++-1.6.5~dfsg/Kernel/dir_util.cpp
Examining data/fact++-1.6.5~dfsg/Kernel/dir_util.h
Examining data/fact++-1.6.5~dfsg/Kernel/dlCompletionGraph.cpp
Examining data/fact++-1.6.5~dfsg/Kernel/dlCompletionGraph.h
Examining data/fact++-1.6.5~dfsg/Kernel/dlCompletionTree.cpp
Examining data/fact++-1.6.5~dfsg/Kernel/dlCompletionTree.h
Examining data/fact++-1.6.5~dfsg/Kernel/dlCompletionTreeArc.h
Examining data/fact++-1.6.5~dfsg/Kernel/dlDag.cpp
Examining data/fact++-1.6.5~dfsg/Kernel/dlDag.h
Examining data/fact++-1.6.5~dfsg/Kernel/dlTBox.cpp
Examining data/fact++-1.6.5~dfsg/Kernel/dlTBox.h
Examining data/fact++-1.6.5~dfsg/Kernel/dlVHash.h
Examining data/fact++-1.6.5~dfsg/Kernel/dlVHashImpl.h
Examining data/fact++-1.6.5~dfsg/Kernel/dlVertex.cpp
Examining data/fact++-1.6.5~dfsg/Kernel/dlVertex.h
Examining data/fact++-1.6.5~dfsg/Kernel/dltree.cpp
Examining data/fact++-1.6.5~dfsg/Kernel/dltree.h
Examining data/fact++-1.6.5~dfsg/Kernel/dumpInterface.cpp
Examining data/fact++-1.6.5~dfsg/Kernel/dumpInterface.h
Examining data/fact++-1.6.5~dfsg/Kernel/dumpLisp.cpp
Examining data/fact++-1.6.5~dfsg/Kernel/dumpLisp.h
Examining data/fact++-1.6.5~dfsg/Kernel/eFPPCantRegName.h
Examining data/fact++-1.6.5~dfsg/Kernel/eFPPCycleInRIA.h
Examining data/fact++-1.6.5~dfsg/Kernel/eFPPInconsistentKB.h
Examining data/fact++-1.6.5~dfsg/Kernel/eFPPNonSimpleRole.h
Examining data/fact++-1.6.5~dfsg/Kernel/eFPPSaveLoad.h
Examining data/fact++-1.6.5~dfsg/Kernel/eFPPTimeout.h
Examining data/fact++-1.6.5~dfsg/Kernel/eFaCTPlusPlus.h
Examining data/fact++-1.6.5~dfsg/Kernel/flags.h
Examining data/fact++-1.6.5~dfsg/Kernel/fpp_assert.h
Examining data/fact++-1.6.5~dfsg/Kernel/globaldef.h
Examining data/fact++-1.6.5~dfsg/Kernel/grammar.h
Examining data/fact++-1.6.5~dfsg/Kernel/growingArray.h
Examining data/fact++-1.6.5~dfsg/Kernel/growingArrayP.h
Examining data/fact++-1.6.5~dfsg/Kernel/ifOptions.cpp
Examining data/fact++-1.6.5~dfsg/Kernel/ifOptions.h
Examining data/fact++-1.6.5~dfsg/Kernel/logging.h
Examining data/fact++-1.6.5~dfsg/Kernel/mergableLabel.h
Examining data/fact++-1.6.5~dfsg/Kernel/modelCacheConst.h
Examining data/fact++-1.6.5~dfsg/Kernel/modelCacheIan.cpp
Examining data/fact++-1.6.5~dfsg/Kernel/modelCacheIan.h
Examining data/fact++-1.6.5~dfsg/Kernel/modelCacheInterface.h
Examining data/fact++-1.6.5~dfsg/Kernel/modelCacheSingleton.h
Examining data/fact++-1.6.5~dfsg/Kernel/parseTime.cpp
Examining data/fact++-1.6.5~dfsg/Kernel/parseTime.h
Examining data/fact++-1.6.5~dfsg/Kernel/procTimer.h
Examining data/fact++-1.6.5~dfsg/Kernel/tAxiom.cpp
Examining data/fact++-1.6.5~dfsg/Kernel/tAxiom.h
Examining data/fact++-1.6.5~dfsg/Kernel/tAxiomSet.cpp
Examining data/fact++-1.6.5~dfsg/Kernel/tAxiomSet.h
Examining data/fact++-1.6.5~dfsg/Kernel/tBranchingContext.h
Examining data/fact++-1.6.5~dfsg/Kernel/tConcept.cpp
Examining data/fact++-1.6.5~dfsg/Kernel/tConcept.h
Examining data/fact++-1.6.5~dfsg/Kernel/tCounter.h
Examining data/fact++-1.6.5~dfsg/Kernel/tDLAxiom.cpp
Examining data/fact++-1.6.5~dfsg/Kernel/tDLAxiom.h
Examining data/fact++-1.6.5~dfsg/Kernel/tDLExpression.h
Examining data/fact++-1.6.5~dfsg/Kernel/tDag2Interface.cpp
Examining data/fact++-1.6.5~dfsg/Kernel/tDag2Interface.h
Examining data/fact++-1.6.5~dfsg/Kernel/tDataEntry.h
Examining data/fact++-1.6.5~dfsg/Kernel/tDataType.h
Examining data/fact++-1.6.5~dfsg/Kernel/tDataTypeBool.h
Examining data/fact++-1.6.5~dfsg/Kernel/tDataTypeManager.h
Examining data/fact++-1.6.5~dfsg/Kernel/tDepSet.h
Examining data/fact++-1.6.5~dfsg/Kernel/tExpressionManager.cpp
Examining data/fact++-1.6.5~dfsg/Kernel/tExpressionManager.h
Examining data/fact++-1.6.5~dfsg/Kernel/tExpressionPrinterLISP.h
Examining data/fact++-1.6.5~dfsg/Kernel/tExpressionTranslator.h
Examining data/fact++-1.6.5~dfsg/Kernel/tFastSet.h
Examining data/fact++-1.6.5~dfsg/Kernel/tHeadTailCache.h
Examining data/fact++-1.6.5~dfsg/Kernel/tIndividual.h
Examining data/fact++-1.6.5~dfsg/Kernel/tKBFlags.h
Examining data/fact++-1.6.5~dfsg/Kernel/tLabeller.h
Examining data/fact++-1.6.5~dfsg/Kernel/tLexeme.h
Examining data/fact++-1.6.5~dfsg/Kernel/tNAryQueue.h
Examining data/fact++-1.6.5~dfsg/Kernel/tNECollection.h
Examining data/fact++-1.6.5~dfsg/Kernel/tNameSet.h
Examining data/fact++-1.6.5~dfsg/Kernel/tNamedEntry.h
Examining data/fact++-1.6.5~dfsg/Kernel/tOntology.h
Examining data/fact++-1.6.5~dfsg/Kernel/tOntologyAtom.h
Examining data/fact++-1.6.5~dfsg/Kernel/tOntologyLoader.h
Examining data/fact++-1.6.5~dfsg/Kernel/tOntologyPrinterLISP.h
Examining data/fact++-1.6.5~dfsg/Kernel/tProgressMonitor.h
Examining data/fact++-1.6.5~dfsg/Kernel/tRareSaveStack.h
Examining data/fact++-1.6.5~dfsg/Kernel/tRelated.h
Examining data/fact++-1.6.5~dfsg/Kernel/tRestorer.h
Examining data/fact++-1.6.5~dfsg/Kernel/tRole.cpp
Examining data/fact++-1.6.5~dfsg/Kernel/tRole.h
Examining data/fact++-1.6.5~dfsg/Kernel/tSaveList.h
Examining data/fact++-1.6.5~dfsg/Kernel/tSaveStack.h
Examining data/fact++-1.6.5~dfsg/Kernel/tSetAsTree.h
Examining data/fact++-1.6.5~dfsg/Kernel/tSignature.h
Examining data/fact++-1.6.5~dfsg/Kernel/tSignatureUpdater.h
Examining data/fact++-1.6.5~dfsg/Kernel/taxNamEntry.h
Examining data/fact++-1.6.5~dfsg/Kernel/taxVertex.cpp
Examining data/fact++-1.6.5~dfsg/Kernel/taxVertex.h
Examining data/fact++-1.6.5~dfsg/Kernel/tsttree.h
Examining data/fact++-1.6.5~dfsg/Kernel/AtomicDecomposer.h
FINAL RESULTS:
data/fact++-1.6.5~dfsg/FaCT++/FaCT.cpp:254:6: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
Out.open ( argc == 3 ? argv [2] : "dl.res" );
data/fact++-1.6.5~dfsg/FaCT++/comscanner.h:42:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char LexBuff [ MaxIDLength + 1 ];
data/fact++-1.6.5~dfsg/FaCT++/comscanner.h:66:66: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
unsigned long GetNumber ( void ) const { return (unsigned long) atol(LexBuff); }
data/fact++-1.6.5~dfsg/Kernel/LeveLogger.cpp:35:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
LLprivate.open(filename);
data/fact++-1.6.5~dfsg/Kernel/configure.h:51:39: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
long GetLong ( void ) const { return atol ( Value.c_str() ); }
data/fact++-1.6.5~dfsg/Kernel/configure.h:85:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Line [MaxConfLineLen+1]; // \0
data/fact++-1.6.5~dfsg/Kernel/ifOptions.cpp:41:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
iValue = atoi ( s.c_str() );
data/fact++-1.6.5~dfsg/Kernel/tDataEntry.h:206:24: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
comp = ComparableDT(atol(getName()));
data/fact++-1.6.5~dfsg/Kernel/tDataEntry.h:212:26: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
comp = ComparableDT ( atol(getName()), 0 );
data/fact++-1.6.5~dfsg/FaCT++/comscanner.h:71:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ return strlen(Word) == strlen(LexBuff) ? !strcmp ( Word, LexBuff ) : false; }
data/fact++-1.6.5~dfsg/FaCT++/comscanner.h:71:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ return strlen(Word) == strlen(LexBuff) ? !strcmp ( Word, LexBuff ) : false; }
data/fact++-1.6.5~dfsg/Kernel/SaveLoad.cpp:215:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( maxLength < (curLength = strlen((*p)->getName())) )
data/fact++-1.6.5~dfsg/Kernel/SaveLoad.cpp:277:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( maxLength < (curLength = strlen((*p)->getName())) )
data/fact++-1.6.5~dfsg/Kernel/configure.cpp:145:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for ( p=pValue+strlen(pValue)-1; isspace (*p) && p!=pValue; --p ) *p=0;
data/fact++-1.6.5~dfsg/Kernel/configure.cpp:168:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen (Line);
data/fact++-1.6.5~dfsg/Kernel/configure.cpp:223:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Line [strlen(Line)-1] = (char) 0; // kill ']' of section
data/fact++-1.6.5~dfsg/Kernel/configure.h:92:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ return ( Line [0] == '[' && Line [strlen(Line)-1] == ']' ); }
data/fact++-1.6.5~dfsg/Kernel/dlDag.h:94:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(str);
ANALYSIS SUMMARY:
Hits = 18
Lines analyzed = 46891 in approximately 1.14 seconds (41188 lines/second)
Physical Source Lines of Code (SLOC) = 28407
Hits@level = [0] 5 [1] 9 [2] 9 [3] 0 [4] 0 [5] 0
Hits@level+ = [0+] 23 [1+] 18 [2+] 9 [3+] 0 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 0.80966 [1+] 0.633647 [2+] 0.316823 [3+] 0 [4+] 0 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.