stdin

Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/gmetadom-0.2.6/src/gdome_caml/include/mlgdomevalue.h
Examining data/gmetadom-0.2.6/src/gdome_caml/events/ml_EventTarget.c
Examining data/gmetadom-0.2.6/src/gdome_caml/events/ml_MutationEvent.c
Examining data/gmetadom-0.2.6/src/gdome_caml/events/ml_EventListener.c
Examining data/gmetadom-0.2.6/src/gdome_caml/events/ml_Event.c
Examining data/gmetadom-0.2.6/src/gdome_caml/core/ml_EntityReference.c
Examining data/gmetadom-0.2.6/src/gdome_caml/core/ml_Text.c
Examining data/gmetadom-0.2.6/src/gdome_caml/core/ml_Element.c
Examining data/gmetadom-0.2.6/src/gdome_caml/core/ml_Document.c
Examining data/gmetadom-0.2.6/src/gdome_caml/core/ml_DocumentFragment.c
Examining data/gmetadom-0.2.6/src/gdome_caml/core/ml_NamedNodeMap.c
Examining data/gmetadom-0.2.6/src/gdome_caml/core/ml_Notation.c
Examining data/gmetadom-0.2.6/src/gdome_caml/core/ml_CDATASection.c
Examining data/gmetadom-0.2.6/src/gdome_caml/core/ml_CharacterData.c
Examining data/gmetadom-0.2.6/src/gdome_caml/core/ml_Entity.c
Examining data/gmetadom-0.2.6/src/gdome_caml/core/ml_DocumentType.c
Examining data/gmetadom-0.2.6/src/gdome_caml/core/ml_NodeList.c
Examining data/gmetadom-0.2.6/src/gdome_caml/core/ml_ProcessingInstruction.c
Examining data/gmetadom-0.2.6/src/gdome_caml/core/ml_Node.c
Examining data/gmetadom-0.2.6/src/gdome_caml/core/ml_Attr.c
Examining data/gmetadom-0.2.6/src/gdome_caml/core/ml_Comment.c
Examining data/gmetadom-0.2.6/src/gdome_caml/ml_DOMImplementation.c
Examining data/gmetadom-0.2.6/src/gdome_caml/basic/ml_misc.c
Examining data/gmetadom-0.2.6/src/gdome_caml/basic/ml_DOMString.c
Examining data/gmetadom-0.2.6/src/gdome_cpp_smart/test/main.cc
Examining data/gmetadom-0.2.6/src/gdome_cpp_smart/test/basic.cc
Examining data/gmetadom-0.2.6/src/gdome_cpp_smart/test/deep.cc
Examining data/gmetadom-0.2.6/src/gdome_cpp_smart/events/GdomeSmartDOMHelper.cc
Examining data/gmetadom-0.2.6/src/gdome_cpp_smart/events/GdomeSmartDOMMutationEvent.cc
Examining data/gmetadom-0.2.6/src/gdome_cpp_smart/events/GdomeSmartDOMEventTarget.cc
Examining data/gmetadom-0.2.6/src/gdome_cpp_smart/events/GdomeSmartDOMEvent.cc
Examining data/gmetadom-0.2.6/src/gdome_cpp_smart/core/GdomeSmartDOMNamedNodeMap.cc
Examining data/gmetadom-0.2.6/src/gdome_cpp_smart/core/GdomeSmartDOMDocumentType.cc
Examining data/gmetadom-0.2.6/src/gdome_cpp_smart/core/GdomeSmartDOMAttr.cc
Examining data/gmetadom-0.2.6/src/gdome_cpp_smart/core/GdomeSmartDOMDocument.cc
Examining data/gmetadom-0.2.6/src/gdome_cpp_smart/core/GdomeSmartDOMNodeList.cc
Examining data/gmetadom-0.2.6/src/gdome_cpp_smart/core/GdomeSmartDOMNode.cc
Examining data/gmetadom-0.2.6/src/gdome_cpp_smart/core/GdomeSmartDOMCDATASection.cc
Examining data/gmetadom-0.2.6/src/gdome_cpp_smart/core/GdomeSmartDOMText.cc
Examining data/gmetadom-0.2.6/src/gdome_cpp_smart/core/GdomeSmartDOMElement.cc
Examining data/gmetadom-0.2.6/src/gdome_cpp_smart/core/GdomeSmartDOMEntityReference.cc
Examining data/gmetadom-0.2.6/src/gdome_cpp_smart/core/GdomeSmartDOMDocumentFragment.cc
Examining data/gmetadom-0.2.6/src/gdome_cpp_smart/core/GdomeSmartDOMEntity.cc
Examining data/gmetadom-0.2.6/src/gdome_cpp_smart/core/GdomeSmartDOMNotation.cc
Examining data/gmetadom-0.2.6/src/gdome_cpp_smart/core/GdomeSmartDOMCharacterData.cc
Examining data/gmetadom-0.2.6/src/gdome_cpp_smart/core/GdomeSmartDOMProcessingInstruction.cc
Examining data/gmetadom-0.2.6/src/gdome_cpp_smart/core/GdomeSmartDOMComment.cc
Examining data/gmetadom-0.2.6/src/gdome_cpp_smart/basic/GdomeSmartDOMDOMException.cc
Examining data/gmetadom-0.2.6/src/gdome_cpp_smart/basic/GdomeSmartDOMGdomeString.cc
Examining data/gmetadom-0.2.6/src/gdome_cpp_smart/GdomeSmartDOMDOMImplementation.cc

FINAL RESULTS:

data/gmetadom-0.2.6/src/gdome_cpp_smart/basic/GdomeSmartDOMGdomeString.cc:79:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char buffer[128];
data/gmetadom-0.2.6/src/gdome_cpp_smart/basic/GdomeSmartDOMGdomeString.cc:87:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(inbuf, source, inBytesLeft);
data/gmetadom-0.2.6/src/gdome_cpp_smart/basic/GdomeSmartDOMGdomeString.cc:107:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(res, buffer, n);
data/gmetadom-0.2.6/src/gdome_cpp_smart/basic/GdomeSmartDOMGdomeString.cc:111:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(newRes, res, nConv);
data/gmetadom-0.2.6/src/gdome_cpp_smart/basic/GdomeSmartDOMGdomeString.cc:112:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(newRes + nConv, buffer, n);
data/gmetadom-0.2.6/src/gdome_cpp_smart/basic/GdomeSmartDOMGdomeString.cc:240:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(buffer, s.data(), s.length());
data/gmetadom-0.2.6/src/gdome_cpp_smart/basic/GdomeSmartDOMGdomeString.cc:255:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(buffer, destBuffer, length);
data/gmetadom-0.2.6/src/gdome_cpp_smart/basic/GdomeSmartDOMGdomeString.cc:271:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(buffer, destBuffer, length);
data/gmetadom-0.2.6/src/gdome_cpp_smart/test/deep.cc:83:10:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  doTest(atoi(argv[1]), argv[2]);
data/gmetadom-0.2.6/src/gdome_cpp_smart/test/main.cc:170:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  for (int i = 0; i < atoi(argv[1]); i++) doTest(argc - 2, argv + 2);

ANALYSIS SUMMARY:

Hits = 10
Lines analyzed = 7638 in approximately 0.33 seconds (22800 lines/second)
Physical Source Lines of Code (SLOC) = 4931
Hits@level = [0]   0 [1]   0 [2]  10 [3]   0 [4]   0 [5]   0
Hits@level+ = [0+]  10 [1+]  10 [2+]  10 [3+]   0 [4+]   0 [5+]   0
Hits/KSLOC@level+ = [0+] 2.02799 [1+] 2.02799 [2+] 2.02799 [3+]   0 [4+]   0 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.