Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/fckit-0.9.0/src/fckit/Log.h
Examining data/fckit-0.9.0/src/fckit/fctest.h
Examining data/fckit-0.9.0/src/fckit/Main.cc
Examining data/fckit-0.9.0/src/fckit/Libfckit.cc
Examining data/fckit-0.9.0/src/fckit/Log.cc
Examining data/fckit-0.9.0/src/fckit/module/fckit_log.cc
Examining data/fckit-0.9.0/src/fckit/module/fckit_mpi.cc
Examining data/fckit-0.9.0/src/fckit/module/fckit_C_interop.cc
Examining data/fckit-0.9.0/src/fckit/module/fckit_resource.cc
Examining data/fckit-0.9.0/src/fckit/module/fckit_owned.cc
Examining data/fckit-0.9.0/src/fckit/module/fckit_buffer.cc
Examining data/fckit-0.9.0/src/fckit/module/fckit_configuration.cc
Examining data/fckit-0.9.0/src/fckit/module/fckit_main.cc
Examining data/fckit-0.9.0/src/fckit/Main.h
Examining data/fckit-0.9.0/src/fckit/Libfckit.h
Examining data/fckit-0.9.0/src/tests/test_cpp.cc
Examining data/fckit-0.9.0/src/tests/test_shared_ptr.cc
Examining data/fckit-0.9.0/src/tests/test_configuration.cc

FINAL RESULTS:

data/fckit-0.9.0/src/fckit/Libfckit.cc:24:31:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
Libfckit::Libfckit() : eckit::system::Library( "fckit" ) {}
data/fckit-0.9.0/src/fckit/Libfckit.h:20:32:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
class Libfckit : public eckit::system::Library {
data/fckit-0.9.0/src/fckit/Log.cc:26:14:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
using eckit::system::Library;
data/fckit-0.9.0/src/fckit/Main.cc:261:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    ::strcpy( what, exception_what.c_str() );
data/fckit-0.9.0/src/fckit/Main.cc:273:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    ::strcpy( file, f.c_str() );
data/fckit-0.9.0/src/fckit/Main.cc:280:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    ::strcpy( function, f.c_str() );
data/fckit-0.9.0/src/fckit/Main.cc:290:10:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    std::strcpy( callstack, f.c_str() );
data/fckit-0.9.0/src/fckit/module/fckit_buffer.cc:26:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy( str, s.c_str() );
data/fckit-0.9.0/src/fckit/module/fckit_configuration.cc:273:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy( value, s.c_str() );
data/fckit-0.9.0/src/fckit/module/fckit_configuration.cc:341:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy( &value[offsets[j]], s[j].c_str() );
data/fckit-0.9.0/src/fckit/module/fckit_configuration.cc:362:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy( json, json_str.c_str() );
data/fckit-0.9.0/src/fckit/module/fckit_main.cc:78:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    ::strcpy( name, v.c_str() );
data/fckit-0.9.0/src/fckit/module/fckit_main.cc:86:10:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    std::strcpy( name, v.c_str() );
data/fckit-0.9.0/src/fckit/module/fckit_mpi.cc:86:10:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    std::strcpy( name, s.c_str() );
data/fckit-0.9.0/src/fckit/module/fckit_resource.cc:48:10:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    std::strcpy( value, v.c_str() );
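Triage note and added example (not fckit code). Of the 15 level-4 hits above, the three `system` hits are token matches on the namespace in `eckit::system::Library`, not calls to system(3): the reported columns point at `system` inside that qualified name, so they can be closed as false positives. The twelve strcpy hits are the substantive finding. Each copies a std::string into a raw char buffer without consulting the buffer's capacity, and whether a site is exploitable depends on where the destination comes from, which the report does not show: a buffer allocated from the same string's length a line earlier is safe, a buffer handed in by a Fortran caller is not. The example below shows the flagged shape beside a bounded copy that takes the caller's capacity, always NUL-terminates, and returns the full length so the caller can detect truncation. The capacity contract, the function names and the sample value are assumptions made for illustration, not fckit's API.

```cpp
// Added example, not fckit code: std::string copied into a caller-supplied
// char buffer, first unbounded (the flagged shape), then bounded. The
// (dst, dst_len) contract and all names here are hypothetical.
#include <algorithm>
#include <cstddef>
#include <cstring>
#include <iostream>
#include <string>

// Flagged shape: the destination capacity is never consulted, so any value
// longer than the buffer writes past its end (CWE-120).
void export_unbounded(char* dst, const std::string& src) {
    std::strcpy(dst, src.c_str());
}

// Bounded form: dst_len is the capacity the caller allocated. At most
// dst_len - 1 bytes are copied and the result is always NUL-terminated.
// Returns the full source length so the caller can tell whether it got
// everything (return value < dst_len) or needs a bigger buffer.
std::size_t export_bounded(char* dst, std::size_t dst_len, const std::string& src) {
    if (dst == nullptr || dst_len == 0) {
        return src.size();  // nothing writable; report the required length
    }
    const std::size_t n = std::min(src.size(), dst_len - 1);
    std::memcpy(dst, src.data(), n);
    dst[n] = '\0';
    return src.size();
}

// Convenience wrapper: true when the copy was complete, false when truncated.
bool export_checked(char* dst, std::size_t dst_len, const std::string& src) {
    return export_bounded(dst, dst_len, src) < dst_len;
}

// Constructed input: a 32-byte value pushed through a 16-byte buffer, the
// case where the flagged strcpy would overflow by 17 bytes (32 + NUL - 16).
const std::string kLongValue = "a-deliberately-long-config-value";

std::string demo_truncated_copy() {
    char buf[16];
    export_bounded(buf, sizeof buf, kLongValue);
    return std::string(buf);  // first 15 bytes, NUL-terminated
}

bool demo_truncation_detected() {
    char buf[16];
    return !export_checked(buf, sizeof buf, kLongValue);
}

int main() {
    std::cout << "copied: '" << demo_truncated_copy() << "'\n"
              << "truncated: " << (demo_truncation_detected() ? "yes" : "no") << '\n';
    return 0;
}
```

When reviewing the twelve sites, the question to answer for each is simply who allocated the destination and with what size; sites where the size comes from the caller need the bounded form, and the caller must then be able to act on a truncation result rather than silently using a cut-off string.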
data/fckit-0.9.0/src/fckit/module/fckit_configuration.cc:161:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char str[length + 1];
data/fckit-0.9.0/src/fckit/fctest.h:63:52:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
! CHECK_EQUAL macro: check if 2 values are exactly equal
data/fckit-0.9.0/src/fckit/fctest.h:67:49:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
! CHECK_EQUAL macro: check if 2 REAL values are equal with a given tolerance
data/fckit-0.9.0/src/fckit/module/fckit_log.cc:24:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (::strlen( msg ) )
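Added example (not fckit code) for the remaining hits. The `char str[length + 1]` hit is a variable-length array sized by a caller-supplied length: a large value exhausts the stack, and a negative value or one near INT_MAX wraps the size. The two `equal` hits in fctest.h are matches on the word in the macro's comment text, not calls to std::equal, and can be closed. The strlen hit reads msg until a NUL byte; if the Fortran side passes a character buffer without appending c_null_char, that is an over-read. The report does not show either caller, so the example assumes a (pointer, length) contract for incoming strings and a known capacity for msg; it builds the std::string directly from the validated length with no stack array, and measures msg with a bounded scan. The upper bound, the names and the inputs are hypothetical.

```cpp
// Added example, not fckit code: taking character data from a Fortran caller
// without a VLA and without strlen on possibly unterminated input. The
// (pointer, length) contract, kMaxFortranString and all names are assumptions.
#include <cstddef>
#include <cstring>
#include <stdexcept>
#include <string>

// Flagged shape, for reference only (never compiled here):
//   char str[length + 1];            // VLA sized by the caller's length
//   std::memcpy(str, chars, length); str[length] = '\0';

// Policy bound on any incoming string; a value this hypothetical layer picks,
// not something fckit defines. Rejecting oversized lengths up front is what
// keeps the copy from becoming a denial-of-service lever.
constexpr std::size_t kMaxFortranString = 1u << 20;

bool length_is_valid(long length) {
    return length >= 0 && static_cast<std::size_t>(length) <= kMaxFortranString;
}

// Hardened form: validate, then construct std::string from (pointer, length).
// No NUL terminator is required or assumed, and nothing is placed on the stack
// whose size the caller controls.
std::string from_fortran(const char* chars, long length) {
    if (chars == nullptr || !length_is_valid(length)) {
        throw std::invalid_argument("from_fortran: null pointer or bad length");
    }
    return std::string(chars, static_cast<std::size_t>(length));
}

// For the strlen hit: measure msg but never look past cap bytes. A result equal
// to cap means no terminator was found within the capacity.
std::size_t bounded_length(const char* msg, std::size_t cap) {
    if (msg == nullptr || cap == 0) return 0;
    const void* nul = std::memchr(msg, '\0', cap);
    return nul == nullptr ? cap
                          : static_cast<std::size_t>(static_cast<const char*>(nul) - msg);
}

// Replacement for `if (::strlen(msg))` when the capacity is known.
bool has_message(const char* msg, std::size_t cap) {
    return bounded_length(msg, cap) > 0;
}

// Constructed input: four bytes with no NUL terminator, the case where strlen
// would read past the end of the array.
std::string demo_unterminated() {
    char raw[4] = {'a', 'b', 'c', 'd'};
    return from_fortran(raw, 4);
}

std::size_t demo_unterminated_length() {
    char raw[4] = {'a', 'b', 'c', 'd'};
    return bounded_length(raw, sizeof raw);  // 4: no terminator within cap
}
```

If the Fortran wrapper is known to append c_null_char, the strlen call is fine as written and the hit can be closed with that justification; the bounded form is for the case where that guarantee is not established.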

ANALYSIS SUMMARY:

Hits = 19
Lines analyzed = 2331 in approximately 0.17 seconds (13386 lines/second)
Physical Source Lines of Code (SLOC) = 1786
Hits@level = [0]   1 [1]   3 [2]   1 [3]   0 [4]  15 [5]   0
Hits@level+ = [0+]  20 [1+]  19 [2+]  16 [3+]  15 [4+]  15 [5+]   0
Hits/KSLOC@level+ = [0+] 11.1982 [1+] 10.6383 [2+] 8.95857 [3+] 8.39866 [4+] 8.39866 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.