Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/gap-float-0.9.1+ds/src/c_poly.C
Examining data/gap-float-0.9.1+ds/src/cpoly.C
Examining data/gap-float-0.9.1+ds/src/cxsc.C
Examining data/gap-float-0.9.1+ds/src/cxsc_poly.C
Examining data/gap-float-0.9.1+ds/src/float.c
Examining data/gap-float-0.9.1+ds/src/floattypes.h
Examining data/gap-float-0.9.1+ds/src/fplll.C
Examining data/gap-float-0.9.1+ds/src/mp_poly.C
Examining data/gap-float-0.9.1+ds/src/mpc.c
Examining data/gap-float-0.9.1+ds/src/mpd.c
Examining data/gap-float-0.9.1+ds/src/mpfi.c
Examining data/gap-float-0.9.1+ds/src/mpfr.c
FINAL RESULTS:
data/gap-float-0.9.1+ds/src/mpc.c:423:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(c+slen, CSTR_STRING(FLOAT_INFINITY_STRING));
data/gap-float-0.9.1+ds/src/mpc.c:441:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(c+slen, CSTR_STRING(FLOAT_I_STRING));
data/gap-float-0.9.1+ds/src/mpfi.c:537:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(c+slen, "(%s)", CSTR_STRING(FLOAT_INFINITY_STRING));
data/gap-float-0.9.1+ds/src/float.c:60:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (p->_mp_d, ADDR_INT(obj), s*sizeof(mp_limb_t));
data/gap-float-0.9.1+ds/src/float.c:94:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (ADDR_INT(res), z[0]._mp_d, mpz_size(z)*sizeof(mp_limb_t));
data/gap-float-0.9.1+ds/src/mpfi.c:541:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(c+slen, "(%ld)", -exp);
data/gap-float-0.9.1+ds/src/mpfr.c:454:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s+slen,"%ld",exp);
data/gap-float-0.9.1+ds/src/mpfi.c:546:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SET_LEN_STRING(str, strlen(c));
data/gap-float-0.9.1+ds/src/mpfr.c:445:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int slen = strlen(s);
data/gap-float-0.9.1+ds/src/mpfr.c:455:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen(s)+1;
ANALYSIS SUMMARY:
Hits = 10
Lines analyzed = 5711 in approximately 0.17 seconds (32740 lines/second)
Physical Source Lines of Code (SLOC) = 4535
Hits@level = [0] 16 [1] 3 [2] 4 [3] 0 [4] 3 [5] 0
Hits@level+ = [0+] 26 [1+] 10 [2+] 7 [3+] 3 [4+] 3 [5+] 0
Hits/KSLOC@level+ = [0+] 5.73319 [1+] 2.20507 [2+] 1.54355 [3+] 0.661521 [4+] 0.661521 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.