Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/gifticlib-1.0.9/gifti_tool.c
Examining data/gifticlib-1.0.9/gifti_xml.c
Examining data/gifticlib-1.0.9/gifti_test.c
Examining data/gifticlib-1.0.9/gifti_test.h
Examining data/gifticlib-1.0.9/gifti_io.c
Examining data/gifticlib-1.0.9/gifti_tool.h
Examining data/gifticlib-1.0.9/gifti_xml.h
Examining data/gifticlib-1.0.9/gifti_io.h

FINAL RESULTS:

data/gifticlib-1.0.9/gifti_io.c:2150:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(newstr, src);

data/gifticlib-1.0.9/gifti_test.c:180:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(nbuf, prefix);

data/gifticlib-1.0.9/gifti_tool.c:805:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(fcopy, "dset '%s' :", fname);

data/gifticlib-1.0.9/gifti_tool.c:1577:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(nbuf, prefix);

data/gifticlib-1.0.9/gifti_tool.c:1671:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(nbuf, prefix);

data/gifticlib-1.0.9/gifti_io.c:304:22:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  gim->numDA = atol(val);

data/gifticlib-1.0.9/gifti_io.c:980:62:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  else if( !strcmp(attr, "Dimensionality") ) DA->num_dim = atoi(value);

data/gifticlib-1.0.9/gifti_io.c:981:62:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  else if( !strcmp(attr, "Dim0") ) DA->dims[0] = atoi(value);

data/gifticlib-1.0.9/gifti_io.c:982:62:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  else if( !strcmp(attr, "Dim1") ) DA->dims[1] = atoi(value);

data/gifticlib-1.0.9/gifti_io.c:983:62:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  else if( !strcmp(attr, "Dim2") ) DA->dims[2] = atoi(value);

data/gifticlib-1.0.9/gifti_io.c:984:62:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  else if( !strcmp(attr, "Dim3") ) DA->dims[3] = atoi(value);

data/gifticlib-1.0.9/gifti_io.c:985:62:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  else if( !strcmp(attr, "Dim4") ) DA->dims[4] = atoi(value);

data/gifticlib-1.0.9/gifti_io.c:986:62:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  else if( !strcmp(attr, "Dim5") ) DA->dims[5] = atoi(value);

data/gifticlib-1.0.9/gifti_io.c:1443:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[32];

data/gifticlib-1.0.9/gifti_io.c:1449:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "gim->darray[%d]", c);

data/gifticlib-1.0.9/gifti_io.c:1909:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen(da->ext_fname, "r");

data/gifticlib-1.0.9/gifti_io.c:1968:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen(da->ext_fname, "a+");

data/gifticlib-1.0.9/gifti_io.c:2203:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(gnew->data, orig->data, gnew->nvals * gnew->nbyper);

data/gifticlib-1.0.9/gifti_io.c:2274:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dest->rgba, src->rgba, dest->length * 4 * sizeof(float));

data/gifticlib-1.0.9/gifti_io.c:3629:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char * dp, fbuf[64];

data/gifticlib-1.0.9/gifti_io.c:3665:17:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(fbuf,"%f", *(float *)dp);

data/gifticlib-1.0.9/gifti_io.c:3670:17:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(fbuf,"%f", *(double *)dp);

data/gifticlib-1.0.9/gifti_test.c:103:20:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  slen = atol(argv[ac]);

data/gifticlib-1.0.9/gifti_test.c:121:28:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  slist[c] = atol(argv[ac]);

data/gifticlib-1.0.9/gifti_test.c:131:29:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  gifti_set_verb( atoi(argv[ac]) );

data/gifticlib-1.0.9/gifti_test.c:181:9:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(nbuf, ".asc");

data/gifticlib-1.0.9/gifti_test.c:185:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if( !(fp = fopen(name, "w")) ) {

data/gifticlib-1.0.9/gifti_tool.c:126:26:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  opts->verb = atoi(argv[ac]);

data/gifticlib-1.0.9/gifti_tool.c:154:30:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  opts->buf_size = atoi(argv[ac]);

data/gifticlib-1.0.9/gifti_tool.c:165:31:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  opts->comp_verb = atoi(argv[ac]);

data/gifticlib-1.0.9/gifti_tool.c:180:51:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if( add_to_int_list(&opts->DAlist, atoi(argv[ac])) ) return -1;

data/gifticlib-1.0.9/gifti_tool.c:207:28:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  opts->indent = atoi(argv[ac]);

data/gifticlib-1.0.9/gifti_tool.c:247:53:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if(add_to_int_list(&opts->DAmodlist, atoi(argv[ac]))) return -1;

data/gifticlib-1.0.9/gifti_tool.c:285:31:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  opts->new_numDA = atol(argv[ac]);

data/gifticlib-1.0.9/gifti_tool.c:305:30:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  opts->new_ndim = atol(argv[ac]);

data/gifticlib-1.0.9/gifti_tool.c:310:36:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  opts->new_dims[c] = atol(argv[ac]);

data/gifticlib-1.0.9/gifti_tool.c:326:52:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if( add_to_int_list(&opts->DAlistr, atoi(argv[ac])) ) return -1;

data/gifticlib-1.0.9/gifti_tool.c:367:28:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  opts->zlevel = atoi(argv[ac]);

data/gifticlib-1.0.9/gifti_tool.c:1578:9:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(nbuf, ".1D");

data/gifticlib-1.0.9/gifti_tool.c:1592:20:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if( !(fp = fopen(name, "w")) ) {

data/gifticlib-1.0.9/gifti_tool.c:1638:20:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if( !(fp = fopen(name, "w")) ) {

data/gifticlib-1.0.9/gifti_tool.c:1672:9:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(nbuf, ".asc");

data/gifticlib-1.0.9/gifti_tool.c:1676:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if( !(fp = fopen(name, "w")) ) {

data/gifticlib-1.0.9/gifti_xml.c:122:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char * enames[GXML_MAX_ELEN] = {

data/gifticlib-1.0.9/gifti_xml.c:171:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char b64_encode_table[64] = {

data/gifticlib-1.0.9/gifti_xml.c:186:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char b64_decode_table[256] = {

data/gifticlib-1.0.9/gifti_xml.c:254:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen(fname, "r");

data/gifticlib-1.0.9/gifti_xml.c:463:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen(fname, "w");

data/gifticlib-1.0.9/gifti_xml.c:962:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(lt->rgba + 4*(lt->length-1), rgba, 4*sizeof(float));

data/gifticlib-1.0.9/gifti_xml.c:997:20:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  *key = atoi(aptr[1]);

data/gifticlib-1.0.9/gifti_xml.c:1001:20:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  *key = atoi(aptr[1]);

data/gifticlib-1.0.9/gifti_xml.c:1573:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(*xd->cdata + offset, cdata, len); /* append the new data */

data/gifticlib-1.0.9/gifti_xml.c:1735:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dest, src, src_len);

data/gifticlib-1.0.9/gifti_xml.c:1745:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dest, src, src_len);

data/gifticlib-1.0.9/gifti_xml.c:1753:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dest, src, src_len);

data/gifticlib-1.0.9/gifti_xml.c:1852:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(xd->ddata+xd->doff, cptr, copy_len);

data/gifticlib-1.0.9/gifti_xml.c:1954:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(xd->xdata+xd->doff, cptr, copy_len);

data/gifticlib-1.0.9/gifti_xml.c:2620:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dimstr[5] = "Dim0";

data/gifticlib-1.0.9/gifti_xml.c:2936:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char attr[256] = "";

data/gifticlib-1.0.9/gifti_xml.c:2957:12:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(attr, " Key=\"%d\""

data/gifticlib-1.0.9/gifti_xml.c:2962:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(attr, " Key=\"%d\"", lt->key[c]);

data/gifticlib-1.0.9/gifti_io.c:2142:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(src) + 1;

data/gifticlib-1.0.9/gifti_io.c:3701:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(dp);

data/gifticlib-1.0.9/gifti_test.c:179:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nbuf = (char *)malloc(strlen(prefix) + strlen(".asc") + 1);

data/gifticlib-1.0.9/gifti_test.c:179:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nbuf = (char *)malloc(strlen(prefix) + strlen(".asc") + 1);

data/gifticlib-1.0.9/gifti_tool.c:803:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fcopy = (char *)malloc((strlen(fname)+32) * sizeof(char));

data/gifticlib-1.0.9/gifti_tool.c:1576:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nbuf = (char *)malloc(strlen(prefix) + strlen(".1D") + 1);

data/gifticlib-1.0.9/gifti_tool.c:1576:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nbuf = (char *)malloc(strlen(prefix) + strlen(".1D") + 1);

data/gifticlib-1.0.9/gifti_tool.c:1670:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nbuf = (char *)malloc(strlen(prefix) + strlen(".asc") + 1);

data/gifticlib-1.0.9/gifti_tool.c:1670:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nbuf = (char *)malloc(strlen(prefix) + strlen(".asc") + 1);

data/gifticlib-1.0.9/gifti_xml.c:1528:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(str);

data/gifticlib-1.0.9/gifti_xml.c:2307:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(str);

data/gifticlib-1.0.9/gifti_xml.c:2594:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  offset = strlen(enames[GXML_ETYPE_GIFTI]) + 2;

data/gifticlib-1.0.9/gifti_xml.c:2626:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  offset = strlen(enames[GXML_ETYPE_DATAARRAY]) + 2 + spaces;

ANALYSIS SUMMARY:

Hits = 74
Lines analyzed = 10759 in approximately 0.43 seconds (25242 lines/second)
Physical Source Lines of Code (SLOC) = 8014
Hits@level = [0] 748 [1]  13 [2]  56 [3]   0 [4]   5 [5]   0
Hits@level+ = [0+] 822 [1+]  74 [2+]  61 [3+]   5 [4+]   5 [5+]   0
Hits/KSLOC@level+ = [0+] 102.571 [1+] 9.23384 [2+] 7.61168 [3+] 0.623908 [4+] 0.623908 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.