Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/libosmium-2.15.6/benchmarks/osmium_benchmark_count.cpp Examining data/libosmium-2.15.6/benchmarks/osmium_benchmark_count_tag.cpp Examining data/libosmium-2.15.6/benchmarks/osmium_benchmark_index_map.cpp Examining data/libosmium-2.15.6/benchmarks/osmium_benchmark_mercator.cpp Examining data/libosmium-2.15.6/benchmarks/osmium_benchmark_static_vs_dynamic_index.cpp Examining data/libosmium-2.15.6/benchmarks/osmium_benchmark_write_pbf.cpp Examining data/libosmium-2.15.6/examples/osmium_amenity_list.cpp Examining data/libosmium-2.15.6/examples/osmium_area_test.cpp Examining data/libosmium-2.15.6/examples/osmium_change_tags.cpp Examining data/libosmium-2.15.6/examples/osmium_convert.cpp Examining data/libosmium-2.15.6/examples/osmium_count.cpp Examining data/libosmium-2.15.6/examples/osmium_create_pois.cpp Examining data/libosmium-2.15.6/examples/osmium_debug.cpp Examining data/libosmium-2.15.6/examples/osmium_dump_internal.cpp Examining data/libosmium-2.15.6/examples/osmium_filter_discussions.cpp Examining data/libosmium-2.15.6/examples/osmium_index_lookup.cpp Examining data/libosmium-2.15.6/examples/osmium_location_cache_create.cpp Examining data/libosmium-2.15.6/examples/osmium_location_cache_use.cpp Examining data/libosmium-2.15.6/examples/osmium_pub_names.cpp Examining data/libosmium-2.15.6/examples/osmium_read.cpp Examining data/libosmium-2.15.6/examples/osmium_read_with_progress.cpp Examining data/libosmium-2.15.6/examples/osmium_road_length.cpp Examining data/libosmium-2.15.6/examples/osmium_tiles.cpp Examining data/libosmium-2.15.6/include/gdalcpp.hpp Examining data/libosmium-2.15.6/include/osmium/area/assembler.hpp Examining data/libosmium-2.15.6/include/osmium/area/assembler_config.hpp Examining data/libosmium-2.15.6/include/osmium/area/assembler_legacy.hpp Examining data/libosmium-2.15.6/include/osmium/area/detail/basic_assembler.hpp Examining data/libosmium-2.15.6/include/osmium/area/detail/basic_assembler_with_tags.hpp Examining data/libosmium-2.15.6/include/osmium/area/detail/node_ref_segment.hpp Examining data/libosmium-2.15.6/include/osmium/area/detail/proto_ring.hpp Examining data/libosmium-2.15.6/include/osmium/area/detail/segment_list.hpp Examining data/libosmium-2.15.6/include/osmium/area/detail/vector.hpp Examining data/libosmium-2.15.6/include/osmium/area/geom_assembler.hpp Examining data/libosmium-2.15.6/include/osmium/area/multipolygon_collector.hpp Examining data/libosmium-2.15.6/include/osmium/area/multipolygon_manager.hpp Examining data/libosmium-2.15.6/include/osmium/area/multipolygon_manager_legacy.hpp Examining data/libosmium-2.15.6/include/osmium/area/problem_reporter.hpp Examining data/libosmium-2.15.6/include/osmium/area/problem_reporter_exception.hpp Examining data/libosmium-2.15.6/include/osmium/area/problem_reporter_ogr.hpp Examining data/libosmium-2.15.6/include/osmium/area/problem_reporter_stream.hpp Examining data/libosmium-2.15.6/include/osmium/area/stats.hpp Examining data/libosmium-2.15.6/include/osmium/builder/attr.hpp Examining data/libosmium-2.15.6/include/osmium/builder/builder.hpp Examining data/libosmium-2.15.6/include/osmium/builder/builder_helper.hpp Examining data/libosmium-2.15.6/include/osmium/builder/osm_object_builder.hpp Examining data/libosmium-2.15.6/include/osmium/diff_handler.hpp Examining data/libosmium-2.15.6/include/osmium/diff_iterator.hpp Examining data/libosmium-2.15.6/include/osmium/diff_visitor.hpp Examining data/libosmium-2.15.6/include/osmium/dynamic_handler.hpp Examining data/libosmium-2.15.6/include/osmium/experimental/flex_reader.hpp Examining data/libosmium-2.15.6/include/osmium/fwd.hpp Examining data/libosmium-2.15.6/include/osmium/geom/coordinates.hpp Examining data/libosmium-2.15.6/include/osmium/geom/factory.hpp Examining data/libosmium-2.15.6/include/osmium/geom/geojson.hpp Examining data/libosmium-2.15.6/include/osmium/geom/geos.hpp Examining data/libosmium-2.15.6/include/osmium/geom/haversine.hpp Examining data/libosmium-2.15.6/include/osmium/geom/mercator_projection.hpp Examining data/libosmium-2.15.6/include/osmium/geom/ogr.hpp Examining data/libosmium-2.15.6/include/osmium/geom/projection.hpp Examining data/libosmium-2.15.6/include/osmium/geom/rapid_geojson.hpp Examining data/libosmium-2.15.6/include/osmium/geom/relations.hpp Examining data/libosmium-2.15.6/include/osmium/geom/tile.hpp Examining data/libosmium-2.15.6/include/osmium/geom/util.hpp Examining data/libosmium-2.15.6/include/osmium/geom/wkb.hpp Examining data/libosmium-2.15.6/include/osmium/geom/wkt.hpp Examining data/libosmium-2.15.6/include/osmium/handler.hpp Examining data/libosmium-2.15.6/include/osmium/handler/chain.hpp Examining data/libosmium-2.15.6/include/osmium/handler/check_order.hpp Examining data/libosmium-2.15.6/include/osmium/handler/disk_store.hpp Examining data/libosmium-2.15.6/include/osmium/handler/dump.hpp Examining data/libosmium-2.15.6/include/osmium/handler/node_locations_for_ways.hpp Examining data/libosmium-2.15.6/include/osmium/handler/object_relations.hpp Examining data/libosmium-2.15.6/include/osmium/index/bool_vector.hpp Examining data/libosmium-2.15.6/include/osmium/index/detail/create_map_with_fd.hpp Examining data/libosmium-2.15.6/include/osmium/index/detail/mmap_vector_anon.hpp Examining data/libosmium-2.15.6/include/osmium/index/detail/mmap_vector_base.hpp Examining data/libosmium-2.15.6/include/osmium/index/detail/mmap_vector_file.hpp Examining data/libosmium-2.15.6/include/osmium/index/detail/tmpfile.hpp Examining data/libosmium-2.15.6/include/osmium/index/detail/vector_map.hpp Examining data/libosmium-2.15.6/include/osmium/index/detail/vector_multimap.hpp Examining data/libosmium-2.15.6/include/osmium/index/id_set.hpp Examining data/libosmium-2.15.6/include/osmium/index/index.hpp Examining data/libosmium-2.15.6/include/osmium/index/map.hpp Examining data/libosmium-2.15.6/include/osmium/index/map/all.hpp Examining data/libosmium-2.15.6/include/osmium/index/map/dense_file_array.hpp Examining data/libosmium-2.15.6/include/osmium/index/map/dense_mem_array.hpp Examining data/libosmium-2.15.6/include/osmium/index/map/dense_mmap_array.hpp Examining data/libosmium-2.15.6/include/osmium/index/map/dummy.hpp Examining data/libosmium-2.15.6/include/osmium/index/map/flex_mem.hpp Examining data/libosmium-2.15.6/include/osmium/index/map/sparse_file_array.hpp Examining data/libosmium-2.15.6/include/osmium/index/map/sparse_mem_array.hpp Examining data/libosmium-2.15.6/include/osmium/index/map/sparse_mem_map.hpp Examining data/libosmium-2.15.6/include/osmium/index/map/sparse_mem_table.hpp Examining data/libosmium-2.15.6/include/osmium/index/map/sparse_mmap_array.hpp Examining data/libosmium-2.15.6/include/osmium/index/multimap.hpp Examining data/libosmium-2.15.6/include/osmium/index/multimap/all.hpp Examining data/libosmium-2.15.6/include/osmium/index/multimap/hybrid.hpp Examining data/libosmium-2.15.6/include/osmium/index/multimap/sparse_file_array.hpp Examining data/libosmium-2.15.6/include/osmium/index/multimap/sparse_mem_array.hpp Examining data/libosmium-2.15.6/include/osmium/index/multimap/sparse_mem_multimap.hpp Examining data/libosmium-2.15.6/include/osmium/index/multimap/sparse_mmap_array.hpp Examining data/libosmium-2.15.6/include/osmium/index/node_locations_map.hpp Examining data/libosmium-2.15.6/include/osmium/index/nwr_array.hpp Examining data/libosmium-2.15.6/include/osmium/index/relations_map.hpp Examining data/libosmium-2.15.6/include/osmium/io/any_compression.hpp Examining data/libosmium-2.15.6/include/osmium/io/any_input.hpp Examining data/libosmium-2.15.6/include/osmium/io/any_output.hpp Examining data/libosmium-2.15.6/include/osmium/io/bzip2_compression.hpp Examining data/libosmium-2.15.6/include/osmium/io/compression.hpp Examining data/libosmium-2.15.6/include/osmium/io/debug_output.hpp Examining data/libosmium-2.15.6/include/osmium/io/detail/debug_output_format.hpp Examining data/libosmium-2.15.6/include/osmium/io/detail/input_format.hpp Examining data/libosmium-2.15.6/include/osmium/io/detail/o5m_input_format.hpp Examining data/libosmium-2.15.6/include/osmium/io/detail/opl_input_format.hpp Examining data/libosmium-2.15.6/include/osmium/io/detail/opl_output_format.hpp Examining data/libosmium-2.15.6/include/osmium/io/detail/opl_parser_functions.hpp Examining data/libosmium-2.15.6/include/osmium/io/detail/output_format.hpp Examining data/libosmium-2.15.6/include/osmium/io/detail/pbf.hpp Examining data/libosmium-2.15.6/include/osmium/io/detail/pbf_decoder.hpp Examining data/libosmium-2.15.6/include/osmium/io/detail/pbf_input_format.hpp Examining data/libosmium-2.15.6/include/osmium/io/detail/pbf_output_format.hpp Examining data/libosmium-2.15.6/include/osmium/io/detail/protobuf_tags.hpp Examining data/libosmium-2.15.6/include/osmium/io/detail/queue_util.hpp Examining data/libosmium-2.15.6/include/osmium/io/detail/read_thread.hpp Examining data/libosmium-2.15.6/include/osmium/io/detail/read_write.hpp Examining data/libosmium-2.15.6/include/osmium/io/detail/string_table.hpp Examining data/libosmium-2.15.6/include/osmium/io/detail/string_util.hpp Examining data/libosmium-2.15.6/include/osmium/io/detail/write_thread.hpp Examining data/libosmium-2.15.6/include/osmium/io/detail/xml_input_format.hpp Examining data/libosmium-2.15.6/include/osmium/io/detail/xml_output_format.hpp Examining data/libosmium-2.15.6/include/osmium/io/detail/zlib.hpp Examining data/libosmium-2.15.6/include/osmium/io/error.hpp Examining data/libosmium-2.15.6/include/osmium/io/file.hpp Examining data/libosmium-2.15.6/include/osmium/io/file_compression.hpp Examining data/libosmium-2.15.6/include/osmium/io/file_format.hpp Examining data/libosmium-2.15.6/include/osmium/io/gzip_compression.hpp Examining data/libosmium-2.15.6/include/osmium/io/header.hpp Examining data/libosmium-2.15.6/include/osmium/io/input_iterator.hpp Examining data/libosmium-2.15.6/include/osmium/io/o5m_input.hpp Examining data/libosmium-2.15.6/include/osmium/io/opl_input.hpp Examining data/libosmium-2.15.6/include/osmium/io/opl_output.hpp Examining data/libosmium-2.15.6/include/osmium/io/output_iterator.hpp Examining data/libosmium-2.15.6/include/osmium/io/overwrite.hpp Examining data/libosmium-2.15.6/include/osmium/io/pbf_input.hpp Examining data/libosmium-2.15.6/include/osmium/io/pbf_output.hpp Examining data/libosmium-2.15.6/include/osmium/io/reader.hpp Examining data/libosmium-2.15.6/include/osmium/io/reader_iterator.hpp Examining data/libosmium-2.15.6/include/osmium/io/reader_with_progress_bar.hpp Examining data/libosmium-2.15.6/include/osmium/io/writer.hpp Examining data/libosmium-2.15.6/include/osmium/io/writer_options.hpp Examining data/libosmium-2.15.6/include/osmium/io/xml_input.hpp Examining data/libosmium-2.15.6/include/osmium/io/xml_output.hpp Examining data/libosmium-2.15.6/include/osmium/memory/buffer.hpp Examining data/libosmium-2.15.6/include/osmium/memory/callback_buffer.hpp Examining data/libosmium-2.15.6/include/osmium/memory/collection.hpp Examining data/libosmium-2.15.6/include/osmium/memory/item.hpp Examining data/libosmium-2.15.6/include/osmium/memory/item_iterator.hpp Examining data/libosmium-2.15.6/include/osmium/object_pointer_collection.hpp Examining data/libosmium-2.15.6/include/osmium/opl.hpp Examining data/libosmium-2.15.6/include/osmium/osm.hpp Examining data/libosmium-2.15.6/include/osmium/osm/area.hpp Examining data/libosmium-2.15.6/include/osmium/osm/box.hpp Examining data/libosmium-2.15.6/include/osmium/osm/changeset.hpp Examining data/libosmium-2.15.6/include/osmium/osm/crc.hpp Examining data/libosmium-2.15.6/include/osmium/osm/crc_zlib.hpp Examining data/libosmium-2.15.6/include/osmium/osm/diff_object.hpp Examining data/libosmium-2.15.6/include/osmium/osm/entity.hpp Examining data/libosmium-2.15.6/include/osmium/osm/entity_bits.hpp Examining data/libosmium-2.15.6/include/osmium/osm/item_type.hpp Examining data/libosmium-2.15.6/include/osmium/osm/location.hpp Examining data/libosmium-2.15.6/include/osmium/osm/metadata_options.hpp Examining data/libosmium-2.15.6/include/osmium/osm/node.hpp Examining data/libosmium-2.15.6/include/osmium/osm/node_ref.hpp Examining data/libosmium-2.15.6/include/osmium/osm/node_ref_list.hpp Examining data/libosmium-2.15.6/include/osmium/osm/object.hpp Examining data/libosmium-2.15.6/include/osmium/osm/object_comparisons.hpp Examining data/libosmium-2.15.6/include/osmium/osm/relation.hpp Examining data/libosmium-2.15.6/include/osmium/osm/segment.hpp Examining data/libosmium-2.15.6/include/osmium/osm/tag.hpp Examining data/libosmium-2.15.6/include/osmium/osm/timestamp.hpp Examining data/libosmium-2.15.6/include/osmium/osm/types.hpp Examining data/libosmium-2.15.6/include/osmium/osm/types_from_string.hpp Examining data/libosmium-2.15.6/include/osmium/osm/undirected_segment.hpp Examining data/libosmium-2.15.6/include/osmium/osm/way.hpp Examining data/libosmium-2.15.6/include/osmium/relations/collector.hpp Examining data/libosmium-2.15.6/include/osmium/relations/detail/member_meta.hpp Examining data/libosmium-2.15.6/include/osmium/relations/detail/relation_meta.hpp Examining data/libosmium-2.15.6/include/osmium/relations/manager_util.hpp Examining data/libosmium-2.15.6/include/osmium/relations/members_database.hpp Examining data/libosmium-2.15.6/include/osmium/relations/relations_database.hpp Examining data/libosmium-2.15.6/include/osmium/relations/relations_manager.hpp Examining data/libosmium-2.15.6/include/osmium/storage/item_stash.hpp Examining data/libosmium-2.15.6/include/osmium/tags/filter.hpp Examining data/libosmium-2.15.6/include/osmium/tags/matcher.hpp Examining data/libosmium-2.15.6/include/osmium/tags/regex_filter.hpp Examining data/libosmium-2.15.6/include/osmium/tags/taglist.hpp Examining data/libosmium-2.15.6/include/osmium/tags/tags_filter.hpp Examining data/libosmium-2.15.6/include/osmium/thread/function_wrapper.hpp Examining data/libosmium-2.15.6/include/osmium/thread/pool.hpp Examining data/libosmium-2.15.6/include/osmium/thread/queue.hpp Examining data/libosmium-2.15.6/include/osmium/thread/util.hpp Examining data/libosmium-2.15.6/include/osmium/util/cast.hpp Examining data/libosmium-2.15.6/include/osmium/util/compatibility.hpp Examining data/libosmium-2.15.6/include/osmium/util/config.hpp Examining data/libosmium-2.15.6/include/osmium/util/delta.hpp Examining data/libosmium-2.15.6/include/osmium/util/double.hpp Examining data/libosmium-2.15.6/include/osmium/util/endian.hpp Examining data/libosmium-2.15.6/include/osmium/util/file.hpp Examining data/libosmium-2.15.6/include/osmium/util/iterator.hpp Examining data/libosmium-2.15.6/include/osmium/util/memory.hpp Examining data/libosmium-2.15.6/include/osmium/util/memory_mapping.hpp Examining data/libosmium-2.15.6/include/osmium/util/minmax.hpp Examining data/libosmium-2.15.6/include/osmium/util/misc.hpp Examining data/libosmium-2.15.6/include/osmium/util/options.hpp Examining data/libosmium-2.15.6/include/osmium/util/progress_bar.hpp Examining data/libosmium-2.15.6/include/osmium/util/string.hpp Examining data/libosmium-2.15.6/include/osmium/util/string_matcher.hpp Examining data/libosmium-2.15.6/include/osmium/util/timer.hpp Examining data/libosmium-2.15.6/include/osmium/util/verbose_output.hpp Examining data/libosmium-2.15.6/include/osmium/version.hpp Examining data/libosmium-2.15.6/include/osmium/visitor.hpp Examining data/libosmium-2.15.6/test/catch/catch.hpp Examining data/libosmium-2.15.6/test/data-tests/include/check_basics_handler.hpp Examining data/libosmium-2.15.6/test/data-tests/include/check_wkt_handler.hpp Examining data/libosmium-2.15.6/test/data-tests/include/common.hpp Examining data/libosmium-2.15.6/test/data-tests/include/testdata-testcases.hpp Examining data/libosmium-2.15.6/test/data-tests/testcases/test-100.cpp Examining data/libosmium-2.15.6/test/data-tests/testcases/test-101.cpp Examining data/libosmium-2.15.6/test/data-tests/testcases/test-102.cpp Examining data/libosmium-2.15.6/test/data-tests/testcases/test-110.cpp Examining data/libosmium-2.15.6/test/data-tests/testcases/test-111.cpp Examining data/libosmium-2.15.6/test/data-tests/testcases/test-112.cpp Examining data/libosmium-2.15.6/test/data-tests/testcases/test-113.cpp Examining data/libosmium-2.15.6/test/data-tests/testcases/test-114.cpp Examining data/libosmium-2.15.6/test/data-tests/testcases/test-115.cpp Examining data/libosmium-2.15.6/test/data-tests/testcases/test-116.cpp Examining data/libosmium-2.15.6/test/data-tests/testcases/test-120.cpp Examining data/libosmium-2.15.6/test/data-tests/testcases/test-121.cpp Examining data/libosmium-2.15.6/test/data-tests/testcases/test-122.cpp Examining data/libosmium-2.15.6/test/data-tests/testcases/test-123.cpp Examining data/libosmium-2.15.6/test/data-tests/testcases/test-124.cpp Examining data/libosmium-2.15.6/test/data-tests/testdata-multipolygon.cpp Examining data/libosmium-2.15.6/test/data-tests/testdata-overview.cpp Examining data/libosmium-2.15.6/test/data-tests/testdata-testcases.cpp Examining data/libosmium-2.15.6/test/data-tests/testdata-xml.cpp Examining data/libosmium-2.15.6/test/include/test_crc.hpp Examining data/libosmium-2.15.6/test/include/utils.hpp Examining data/libosmium-2.15.6/test/include/win_mkstemp.hpp Examining data/libosmium-2.15.6/test/t/area/test_area_id.cpp Examining data/libosmium-2.15.6/test/t/area/test_assembler.cpp Examining data/libosmium-2.15.6/test/t/area/test_node_ref_segment.cpp Examining data/libosmium-2.15.6/test/t/builder/test_attr.cpp Examining data/libosmium-2.15.6/test/t/builder/test_object_builder.cpp Examining data/libosmium-2.15.6/test/t/geom/area_helper.hpp Examining data/libosmium-2.15.6/test/t/geom/test_coordinates.cpp Examining data/libosmium-2.15.6/test/t/geom/test_crs.cpp Examining data/libosmium-2.15.6/test/t/geom/test_exception.cpp Examining data/libosmium-2.15.6/test/t/geom/test_factory_with_projection.cpp Examining data/libosmium-2.15.6/test/t/geom/test_geojson.cpp Examining data/libosmium-2.15.6/test/t/geom/test_geos.cpp Examining data/libosmium-2.15.6/test/t/geom/test_mercator.cpp Examining data/libosmium-2.15.6/test/t/geom/test_ogr.cpp Examining data/libosmium-2.15.6/test/t/geom/test_ogr_wkb.cpp Examining data/libosmium-2.15.6/test/t/geom/test_projection.cpp Examining data/libosmium-2.15.6/test/t/geom/test_tile.cpp Examining data/libosmium-2.15.6/test/t/geom/test_tile_data.hpp Examining data/libosmium-2.15.6/test/t/geom/test_wkb.cpp Examining data/libosmium-2.15.6/test/t/geom/test_wkt.cpp Examining data/libosmium-2.15.6/test/t/geom/wnl_helper.hpp Examining data/libosmium-2.15.6/test/t/handler/test_apply.cpp Examining data/libosmium-2.15.6/test/t/handler/test_check_order_handler.cpp Examining data/libosmium-2.15.6/test/t/handler/test_dynamic_handler.cpp Examining data/libosmium-2.15.6/test/t/index/test_dump_and_load_index.cpp Examining data/libosmium-2.15.6/test/t/index/test_dump_sparse_as_array.cpp Examining data/libosmium-2.15.6/test/t/index/test_file_based_index.cpp Examining data/libosmium-2.15.6/test/t/index/test_id_set.cpp Examining data/libosmium-2.15.6/test/t/index/test_id_to_location.cpp Examining data/libosmium-2.15.6/test/t/index/test_nwr_array.cpp Examining data/libosmium-2.15.6/test/t/index/test_object_pointer_collection.cpp Examining data/libosmium-2.15.6/test/t/index/test_relations_map.cpp Examining data/libosmium-2.15.6/test/t/io/test_bzip2.cpp Examining data/libosmium-2.15.6/test/t/io/test_compression_factory.cpp Examining data/libosmium-2.15.6/test/t/io/test_file_formats.cpp Examining data/libosmium-2.15.6/test/t/io/test_gzip.cpp Examining data/libosmium-2.15.6/test/t/io/test_nocompression.cpp Examining data/libosmium-2.15.6/test/t/io/test_opl_parser.cpp Examining data/libosmium-2.15.6/test/t/io/test_output_iterator.cpp Examining data/libosmium-2.15.6/test/t/io/test_output_utils.cpp Examining data/libosmium-2.15.6/test/t/io/test_pbf.cpp Examining data/libosmium-2.15.6/test/t/io/test_reader.cpp Examining data/libosmium-2.15.6/test/t/io/test_reader_fileformat.cpp Examining data/libosmium-2.15.6/test/t/io/test_reader_with_mock_decompression.cpp Examining data/libosmium-2.15.6/test/t/io/test_reader_with_mock_parser.cpp Examining data/libosmium-2.15.6/test/t/io/test_string_table.cpp Examining data/libosmium-2.15.6/test/t/io/test_writer.cpp Examining data/libosmium-2.15.6/test/t/io/test_writer_with_mock_compression.cpp Examining data/libosmium-2.15.6/test/t/io/test_writer_with_mock_encoder.cpp Examining data/libosmium-2.15.6/test/t/memory/test_buffer_basics.cpp Examining data/libosmium-2.15.6/test/t/memory/test_buffer_node.cpp Examining data/libosmium-2.15.6/test/t/memory/test_buffer_purge.cpp Examining data/libosmium-2.15.6/test/t/memory/test_callback_buffer.cpp Examining data/libosmium-2.15.6/test/t/memory/test_item.cpp Examining data/libosmium-2.15.6/test/t/memory/test_type_is_compatible.cpp Examining data/libosmium-2.15.6/test/t/osm/test_area.cpp Examining data/libosmium-2.15.6/test/t/osm/test_box.cpp Examining data/libosmium-2.15.6/test/t/osm/test_changeset.cpp Examining data/libosmium-2.15.6/test/t/osm/test_crc.cpp Examining data/libosmium-2.15.6/test/t/osm/test_entity_bits.cpp Examining data/libosmium-2.15.6/test/t/osm/test_location.cpp Examining data/libosmium-2.15.6/test/t/osm/test_metadata.cpp Examining data/libosmium-2.15.6/test/t/osm/test_node.cpp Examining data/libosmium-2.15.6/test/t/osm/test_node_ref.cpp Examining data/libosmium-2.15.6/test/t/osm/test_object_comparisons.cpp Examining data/libosmium-2.15.6/test/t/osm/test_relation.cpp Examining data/libosmium-2.15.6/test/t/osm/test_timestamp.cpp Examining data/libosmium-2.15.6/test/t/osm/test_types_from_string.cpp Examining data/libosmium-2.15.6/test/t/osm/test_way.cpp Examining data/libosmium-2.15.6/test/t/relations/test_members_database.cpp Examining data/libosmium-2.15.6/test/t/relations/test_read_relations.cpp Examining data/libosmium-2.15.6/test/t/relations/test_relations_database.cpp Examining data/libosmium-2.15.6/test/t/relations/test_relations_manager.cpp Examining data/libosmium-2.15.6/test/t/storage/test_item_stash.cpp Examining data/libosmium-2.15.6/test/t/tags/test_filter.cpp Examining data/libosmium-2.15.6/test/t/tags/test_operators.cpp Examining data/libosmium-2.15.6/test/t/tags/test_tag_list.cpp Examining data/libosmium-2.15.6/test/t/tags/test_tag_matcher.cpp Examining data/libosmium-2.15.6/test/t/tags/test_tags_filter.cpp Examining data/libosmium-2.15.6/test/t/thread/test_pool.cpp Examining data/libosmium-2.15.6/test/t/thread/test_queue.cpp Examining data/libosmium-2.15.6/test/t/thread/test_util.cpp Examining data/libosmium-2.15.6/test/t/util/test_cast_with_assert.cpp Examining data/libosmium-2.15.6/test/t/util/test_config.cpp Examining data/libosmium-2.15.6/test/t/util/test_delta.cpp Examining data/libosmium-2.15.6/test/t/util/test_double.cpp Examining data/libosmium-2.15.6/test/t/util/test_file.cpp Examining data/libosmium-2.15.6/test/t/util/test_memory.cpp Examining data/libosmium-2.15.6/test/t/util/test_memory_mapping.cpp Examining data/libosmium-2.15.6/test/t/util/test_minmax.cpp Examining data/libosmium-2.15.6/test/t/util/test_misc.cpp Examining data/libosmium-2.15.6/test/t/util/test_options.cpp Examining data/libosmium-2.15.6/test/t/util/test_string.cpp Examining data/libosmium-2.15.6/test/t/util/test_string_matcher.cpp Examining data/libosmium-2.15.6/test/t/util/test_timer_disabled.cpp Examining data/libosmium-2.15.6/test/t/util/test_timer_enabled.cpp Examining data/libosmium-2.15.6/test/test_main.cpp FINAL RESULTS: data/libosmium-2.15.6/include/osmium/io/detail/string_util.hpp:51:24: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. # define SNPRINTF std::snprintf data/libosmium-2.15.6/include/osmium/io/detail/string_util.hpp:53:19: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. # define SNPRINTF _snprintf data/libosmium-2.15.6/include/osmium/io/reader.hpp:201:27: [4] (shell) execlp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. if (::execlp(command.c_str(), command.c_str(), "-g", filename.c_str(), nullptr) < 0) { data/libosmium-2.15.6/include/osmium/util/config.hpp:54:20: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. return getenv(var); data/libosmium-2.15.6/test/catch/catch.hpp:8785:18: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. std::srand( config.rngSeed() ); data/libosmium-2.15.6/test/data-tests/testdata-testcases.cpp:12:33: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. const char* testcases_dir = getenv("TESTCASES_DIR"); data/libosmium-2.15.6/test/data-tests/testdata-xml.cpp:25:27: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. const char* testdir = getenv("TESTDIR"); data/libosmium-2.15.6/test/include/utils.hpp:30:28: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. const char* data_dir = getenv("OSMIUM_TEST_DATA_DIR"); data/libosmium-2.15.6/examples/osmium_dump_internal.cpp:74:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). m_fd(::open(filename.c_str(), O_WRONLY | O_CREAT | O_TRUNC, 0666)) { // NOLINT(hicpp-signed-bitwise) data/libosmium-2.15.6/examples/osmium_dump_internal.cpp:125:31: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). const int data_fd = ::open(data_file.c_str(), O_WRONLY | O_CREAT | O_TRUNC, 0666); // NOLINT(hicpp-signed-bitwise) data/libosmium-2.15.6/examples/osmium_index_lookup.cpp:337:22: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). const int fd = ::open(options.filename(), O_RDWR); data/libosmium-2.15.6/examples/osmium_location_cache_create.cpp:76:26: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). const int fd = ::open(cache_filename.c_str(), O_RDWR | O_CREAT | O_TRUNC, 0666); // NOLINT(hicpp-signed-bitwise) data/libosmium-2.15.6/examples/osmium_location_cache_use.cpp:89:26: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). const int fd = ::open(cache_filename.c_str(), O_RDWR); data/libosmium-2.15.6/examples/osmium_tiles.cpp:39:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int zoom = std::atoi(argv[1]); // NOLINT(cert-err34-c) data/libosmium-2.15.6/include/osmium/area/problem_reporter_ogr.hpp:76:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char t[2] = {osmium::item_type_to_char(m_object_type), '\0'}; data/libosmium-2.15.6/include/osmium/index/detail/create_map_with_fd.hpp:57:34: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). const int fd = ::open(filename.c_str(), O_CREAT | O_RDWR, 0644); // NOLINT(hicpp-signed-bitwise) data/libosmium-2.15.6/include/osmium/index/detail/tmpfile.hpp:51:28: [2] (tmpfile) tmpfile: Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377). FILE* file = ::tmpfile(); data/libosmium-2.15.6/include/osmium/index/id_set.hpp:261:27: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ::memcpy(m_data.back().get(), ptr.get(), chunk_size); data/libosmium-2.15.6/include/osmium/io/detail/output_format.hpp:83:21: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[20]; data/libosmium-2.15.6/include/osmium/io/detail/read_write.hpp:85:34: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). const int fd = ::open(filename.c_str(), flags, 0666); data/libosmium-2.15.6/include/osmium/io/detail/read_write.hpp:113:34: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). const int fd = ::open(filename.c_str(), flags); data/libosmium-2.15.6/include/osmium/io/reader.hpp:195:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ::open("/dev/null", O_RDONLY); // stdin data/libosmium-2.15.6/include/osmium/io/reader.hpp:196:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ::open("/dev/null", O_WRONLY); // stderr data/libosmium-2.15.6/include/osmium/osm/changeset.hpp:283:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). bool open() const noexcept { data/libosmium-2.15.6/include/osmium/osm/changeset.hpp:289:21: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). return !open(); data/libosmium-2.15.6/include/osmium/osm/location.hpp:214:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[10]; data/libosmium-2.15.6/include/osmium/util/double.hpp:63:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[max_double_length]; data/libosmium-2.15.6/test/catch/catch.hpp:1612:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. struct TrueType { char sizer[1]; }; data/libosmium-2.15.6/test/catch/catch.hpp:1613:24: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. struct FalseType { char sizer[2]; }; data/libosmium-2.15.6/test/catch/catch.hpp:3207:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char storage[sizeof(T)]; data/libosmium-2.15.6/test/catch/catch.hpp:6214:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void open() { data/libosmium-2.15.6/test/catch/catch.hpp:6308:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). open(); data/libosmium-2.15.6/test/catch/catch.hpp:6354:26: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). tracker->open(); data/libosmium-2.15.6/test/catch/catch.hpp:6543:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char altStackMem[SIGSTKSZ]; data/libosmium-2.15.6/test/catch/catch.hpp:7190:35: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char **utf8Argv = new char *[ argc ]; data/libosmium-2.15.6/test/catch/catch.hpp:7704:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char data[bufferSize]; data/libosmium-2.15.6/test/catch/catch.hpp:7741:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). m_ofs.open( filename.c_str() ); data/libosmium-2.15.6/test/catch/catch.hpp:8988:21: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char asChar[sizeof (int)]; data/libosmium-2.15.6/test/catch/catch.hpp:9632:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[maxDoubleSize]; data/libosmium-2.15.6/test/catch/catch.hpp:9639:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buffer, "%.3f", duration); data/libosmium-2.15.6/test/catch/catch.hpp:9866:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char line[CATCH_CONFIG_CONSOLE_WIDTH] = {0}; data/libosmium-2.15.6/test/catch/catch.hpp:10446:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timeStamp[timeStampSize]; data/libosmium-2.15.6/test/include/win_mkstemp.hpp:29:12: [2] (tmpfile) mkstemp: Potential for temporary file vulnerability in some circumstances. Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this. Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library (CWE-377). inline int mkstemp( char *templ ) data/libosmium-2.15.6/test/t/io/test_output_utils.cpp:183:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[4] = {0}; data/libosmium-2.15.6/test/t/io/test_reader.cpp:131:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[buffer_size]; data/libosmium-2.15.6/test/t/io/test_reader.cpp:155:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[buffer_size]; data/libosmium-2.15.6/test/t/io/test_reader.cpp:179:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[buffer_size]; data/libosmium-2.15.6/test/t/memory/test_buffer_node.cpp:68:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char data[buffer_size]; data/libosmium-2.15.6/test/t/osm/test_location.cpp:93:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[100]; data/libosmium-2.15.6/test/t/osm/test_location.cpp:100:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[100]; data/libosmium-2.15.6/test/t/osm/test_location.cpp:107:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[100]; data/libosmium-2.15.6/test/t/osm/test_location.cpp:114:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[100]; data/libosmium-2.15.6/test/t/osm/test_relation.cpp:73:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char role[2000] = ""; data/libosmium-2.15.6/test/t/tags/test_tag_list.cpp:220:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char kv[2000] = ""; data/libosmium-2.15.6/test/t/util/test_memory_mapping.cpp:115:20: [2] (tmpfile) mkstemp: Potential for temporary file vulnerability in some circumstances. Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this. Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library (CWE-377). const int fd = mkstemp(filename); data/libosmium-2.15.6/test/t/util/test_memory_mapping.cpp:151:20: [2] (tmpfile) mkstemp: Potential for temporary file vulnerability in some circumstances. Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this. Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library (CWE-377). const int fd = mkstemp(filename); data/libosmium-2.15.6/test/t/util/test_memory_mapping.cpp:166:20: [2] (tmpfile) mkstemp: Potential for temporary file vulnerability in some circumstances. Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this. Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library (CWE-377). const int fd = mkstemp(filename); data/libosmium-2.15.6/test/t/util/test_memory_mapping.cpp:202:20: [2] (tmpfile) mkstemp: Potential for temporary file vulnerability in some circumstances. Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this. Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library (CWE-377). const int fd = mkstemp(filename); data/libosmium-2.15.6/test/t/util/test_memory_mapping.cpp:227:20: [2] (tmpfile) mkstemp: Potential for temporary file vulnerability in some circumstances. Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this. Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library (CWE-377). const int fd = mkstemp(filename); data/libosmium-2.15.6/test/t/util/test_memory_mapping.cpp:334:20: [2] (tmpfile) mkstemp: Potential for temporary file vulnerability in some circumstances. Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this. Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library (CWE-377). const int fd = mkstemp(filename); data/libosmium-2.15.6/benchmarks/osmium_benchmark_write_pbf.cpp:29:55: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while (osmium::memory::Buffer buffer = reader.read()) { // NOLINT(bugprone-use-after-move) Bug in clang-tidy https://bugs.llvm.org/show_bug.cgi?id=36516 data/libosmium-2.15.6/examples/osmium_change_tags.cpp:174:61: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while (osmium::memory::Buffer input_buffer = reader.read()) { data/libosmium-2.15.6/examples/osmium_convert.cpp:138:55: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while (osmium::memory::Buffer buffer = reader.read()) { // NOLINT(bugprone-use-after-move) Bug in clang-tidy https://bugs.llvm.org/show_bug.cgi?id=36516 data/libosmium-2.15.6/examples/osmium_dump_internal.cpp:159:55: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while (osmium::memory::Buffer buffer = reader.read()) { data/libosmium-2.15.6/examples/osmium_read.cpp:35:55: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while (osmium::memory::Buffer buffer = reader.read()) { data/libosmium-2.15.6/examples/osmium_read_with_progress.cpp:45:55: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while (osmium::memory::Buffer buffer = reader.read()) { data/libosmium-2.15.6/include/osmium/area/assembler_legacy.hpp:92:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const std::size_t len = std::strlen(t_c.first.c_str()); data/libosmium-2.15.6/include/osmium/area/assembler_legacy.hpp:340:47: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. if (!std::equal(way_fi_begin, way_fi_end, area_fi_begin) || d != std::distance(area_fi_begin, area_fi_end)) { data/libosmium-2.15.6/include/osmium/area/multipolygon_collector.hpp:202:36: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). osmium::memory::Buffer read() { data/libosmium-2.15.6/include/osmium/builder/attr.hpp:692:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). value, std::strlen(value)); data/libosmium-2.15.6/include/osmium/builder/builder.hpp:183:85: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return append(str, static_cast<osmium::memory::item_size_type>(std::strlen(str) + 1)); data/libosmium-2.15.6/include/osmium/builder/osm_object_builder.hpp:104:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (std::strlen(key) > osmium::max_osm_string_length) { data/libosmium-2.15.6/include/osmium/builder/osm_object_builder.hpp:107:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (std::strlen(value) > osmium::max_osm_string_length) { data/libosmium-2.15.6/include/osmium/builder/osm_object_builder.hpp:306:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). add_member(type, ref, role, std::strlen(role), full_member); data/libosmium-2.15.6/include/osmium/builder/osm_object_builder.hpp:375:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). add_user(*m_comment, user, std::strlen(user)); data/libosmium-2.15.6/include/osmium/builder/osm_object_builder.hpp:382:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). add_text(comment, text, std::strlen(text)); data/libosmium-2.15.6/include/osmium/builder/osm_object_builder.hpp:470:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const auto len = std::strlen(user); data/libosmium-2.15.6/include/osmium/builder/osm_object_builder.hpp:686:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const auto len = std::strlen(user); data/libosmium-2.15.6/include/osmium/experimental/flex_reader.hpp:95:36: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). osmium::memory::Buffer read() { data/libosmium-2.15.6/include/osmium/experimental/flex_reader.hpp:96:58: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). osmium::memory::Buffer buffer = m_reader.read(); data/libosmium-2.15.6/include/osmium/io/bzip2_compression.hpp:269:25: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). std::string read() override { data/libosmium-2.15.6/include/osmium/io/bzip2_compression.hpp:366:25: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). std::string read() override { data/libosmium-2.15.6/include/osmium/io/compression.hpp:108:33: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). virtual std::string read() = 0; data/libosmium-2.15.6/include/osmium/io/compression.hpp:299:25: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). std::string read() override { data/libosmium-2.15.6/include/osmium/io/detail/debug_output_format.hpp:276:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). max.update(std::strlen(tag.key())); data/libosmium-2.15.6/include/osmium/io/detail/debug_output_format.hpp:282:53: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). auto spacing = max() - std::strlen(tag.key()); data/libosmium-2.15.6/include/osmium/io/detail/read_thread.hpp:75:61: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). std::string data{m_decompressor.read()}; data/libosmium-2.15.6/include/osmium/io/detail/read_write.hpp:193:31: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). nread = ::read(fd, input_buffer, size); data/libosmium-2.15.6/include/osmium/io/detail/string_table.hpp:97:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const size_t len = std::strlen(string) + 1; data/libosmium-2.15.6/include/osmium/io/detail/string_util.hpp:208:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const char* end = data + std::strlen(data); data/libosmium-2.15.6/include/osmium/io/detail/string_util.hpp:258:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const char* end = data + std::strlen(data); data/libosmium-2.15.6/include/osmium/io/gzip_compression.hpp:211:25: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). std::string read() override { data/libosmium-2.15.6/include/osmium/io/gzip_compression.hpp:283:25: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). std::string read() override { data/libosmium-2.15.6/include/osmium/io/input_iterator.hpp:67:93: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). m_buffer = std::make_shared<osmium::memory::Buffer>(std::move(m_source->read())); data/libosmium-2.15.6/include/osmium/io/reader.hpp:374:36: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). osmium::memory::Buffer read() { data/libosmium-2.15.6/include/osmium/io/reader.hpp:473:46: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while (auto read_buffer = reader.read()) { data/libosmium-2.15.6/include/osmium/io/reader_with_progress_bar.hpp:72:36: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). osmium::memory::Buffer read() { data/libosmium-2.15.6/include/osmium/io/reader_with_progress_bar.hpp:73:39: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). auto buffer = Reader::read(); data/libosmium-2.15.6/include/osmium/memory/callback_buffer.hpp:158:32: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). m_callback(read()); data/libosmium-2.15.6/include/osmium/memory/callback_buffer.hpp:181:36: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). osmium::memory::Buffer read() { data/libosmium-2.15.6/include/osmium/object_pointer_collection.hpp:100:30: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. void unique(TEqual&& equal) { data/libosmium-2.15.6/include/osmium/object_pointer_collection.hpp:101:100: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. const auto last = std::unique(m_objects.begin(), m_objects.end(), std::forward<TEqual>(equal)); data/libosmium-2.15.6/include/osmium/relations/manager_util.hpp:151:41: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while (auto buffer = reader.read()) { data/libosmium-2.15.6/include/osmium/relations/relations_manager.hpp:275:36: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). osmium::memory::Buffer read() { data/libosmium-2.15.6/include/osmium/relations/relations_manager.hpp:276:33: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). return m_output.read(); data/libosmium-2.15.6/include/osmium/util/string_matcher.hpp:120:15: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. class equal : public matcher { data/libosmium-2.15.6/include/osmium/util/string_matcher.hpp:126:22: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. explicit equal(std::string str) : data/libosmium-2.15.6/include/osmium/util/string_matcher.hpp:130:22: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. explicit equal(const char* str) : data/libosmium-2.15.6/include/osmium/util/string_matcher.hpp:277:45: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. equal, data/libosmium-2.15.6/include/osmium/util/string_matcher.hpp:352:23: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. m_matcher(equal{str}) { data/libosmium-2.15.6/include/osmium/util/string_matcher.hpp:361:23: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. m_matcher(equal{str}) { data/libosmium-2.15.6/test/catch/catch.hpp:7216:40: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). static_cast<void>(std::getchar()); data/libosmium-2.15.6/test/catch/catch.hpp:7221:40: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). static_cast<void>(std::getchar()); data/libosmium-2.15.6/test/catch/catch.hpp:8709:50: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. return s.size() >= prefix.size() && std::equal(prefix.begin(), prefix.end(), s.begin()); data/libosmium-2.15.6/test/catch/catch.hpp:8715:50: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. return s.size() >= suffix.size() && std::equal(suffix.rbegin(), suffix.rend(), s.rbegin()); data/libosmium-2.15.6/test/data-tests/testdata-xml.cpp:58:22: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). const auto n = ::read(fd, &*input.begin(), 10000); data/libosmium-2.15.6/test/data-tests/testdata-xml.cpp:72:49: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). const std::string input = gzip_decompressor.read(); data/libosmium-2.15.6/test/data-tests/testdata-xml.cpp:128:48: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). osmium::memory::Buffer buffer = reader.read(); data/libosmium-2.15.6/test/data-tests/testdata-xml.cpp:149:44: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). osmium::memory::Buffer buffer = reader.read(); data/libosmium-2.15.6/test/data-tests/testdata-xml.cpp:246:44: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). osmium::memory::Buffer buffer = reader.read(); data/libosmium-2.15.6/test/data-tests/testdata-xml.cpp:276:44: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). osmium::memory::Buffer buffer = reader.read(); data/libosmium-2.15.6/test/data-tests/testdata-xml.cpp:293:48: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). osmium::memory::Buffer buffer = reader.read(); data/libosmium-2.15.6/test/data-tests/testdata-xml.cpp:344:44: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). osmium::memory::Buffer buffer = reader.read(); data/libosmium-2.15.6/test/data-tests/testdata-xml.cpp:356:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). REQUIRE(len == std::strlen(uc)); data/libosmium-2.15.6/test/data-tests/testdata-xml.cpp:390:44: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). osmium::memory::Buffer buffer = reader.read(); data/libosmium-2.15.6/test/data-tests/testdata-xml.cpp:409:44: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). osmium::memory::Buffer buffer = reader.read(); data/libosmium-2.15.6/test/data-tests/testdata-xml.cpp:454:44: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). osmium::memory::Buffer buffer = reader.read(); data/libosmium-2.15.6/test/data-tests/testdata-xml.cpp:508:44: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). osmium::memory::Buffer buffer = reader.read(); data/libosmium-2.15.6/test/data-tests/testdata-xml.cpp:522:44: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). osmium::memory::Buffer buffer = reader.read(); data/libosmium-2.15.6/test/data-tests/testdata-xml.cpp:536:26: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). REQUIRE_FALSE(reader.read()); data/libosmium-2.15.6/test/data-tests/testdata-xml.cpp:537:27: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). REQUIRE_THROWS(reader.read()); data/libosmium-2.15.6/test/data-tests/testdata-xml.cpp:548:44: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). osmium::memory::Buffer buffer = reader.read(); data/libosmium-2.15.6/test/data-tests/testdata-xml.cpp:560:44: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). osmium::memory::Buffer buffer = reader.read(); data/libosmium-2.15.6/test/t/handler/test_apply.cpp:64:32: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). const auto buffer = reader.read(); data/libosmium-2.15.6/test/t/handler/test_apply.cpp:80:26: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). auto buffer = reader.read(); data/libosmium-2.15.6/test/t/handler/test_apply.cpp:105:26: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). auto buffer = reader.read(); data/libosmium-2.15.6/test/t/index/test_id_set.cpp:252:18: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. REQUIRE(std::equal(s1.cbegin(), s1.cend(), ids.begin())); data/libosmium-2.15.6/test/t/io/test_bzip2.cpp:27:30: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). REQUIRE_THROWS_AS(decomp.read(), const osmium::bzip2_error&); data/libosmium-2.15.6/test/t/io/test_bzip2.cpp:44:40: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). for (std::string data = decomp.read(); !data.empty(); data = decomp.read()) { data/libosmium-2.15.6/test/t/io/test_bzip2.cpp:44:77: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). for (std::string data = decomp.read(); !data.empty(); data = decomp.read()) { data/libosmium-2.15.6/test/t/io/test_bzip2.cpp:69:40: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). for (std::string data = decomp.read(); !data.empty(); data = decomp.read()) { data/libosmium-2.15.6/test/t/io/test_bzip2.cpp:69:77: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). for (std::string data = decomp.read(); !data.empty(); data = decomp.read()) { data/libosmium-2.15.6/test/t/io/test_bzip2.cpp:90:30: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). REQUIRE_THROWS_AS(decomp.read(), const osmium::bzip2_error&); data/libosmium-2.15.6/test/t/io/test_gzip.cpp:17:30: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). REQUIRE_THROWS_AS(decomp.read(), const osmium::gzip_error&); data/libosmium-2.15.6/test/t/io/test_gzip.cpp:28:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). REQUIRE(decomp.read().empty()); data/libosmium-2.15.6/test/t/io/test_gzip.cpp:45:40: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). for (std::string data = decomp.read(); !data.empty(); data = decomp.read()) { data/libosmium-2.15.6/test/t/io/test_gzip.cpp:45:77: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). for (std::string data = decomp.read(); !data.empty(); data = decomp.read()) { data/libosmium-2.15.6/test/t/io/test_gzip.cpp:70:40: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). for (std::string data = decomp.read(); !data.empty(); data = decomp.read()) { data/libosmium-2.15.6/test/t/io/test_gzip.cpp:70:77: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). for (std::string data = decomp.read(); !data.empty(); data = decomp.read()) { data/libosmium-2.15.6/test/t/io/test_gzip.cpp:91:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). decomp.read(); data/libosmium-2.15.6/test/t/io/test_nocompression.cpp:11:30: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). REQUIRE_THROWS_AS(decomp.read(), const std::system_error&); data/libosmium-2.15.6/test/t/io/test_nocompression.cpp:17:30: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). REQUIRE_THROWS_AS(decomp.read(), const std::system_error&); data/libosmium-2.15.6/test/t/io/test_nocompression.cpp:28:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). REQUIRE(decomp.read().empty()); data/libosmium-2.15.6/test/t/io/test_nocompression.cpp:45:40: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). for (std::string data = decomp.read(); !data.empty(); data = decomp.read()) { data/libosmium-2.15.6/test/t/io/test_nocompression.cpp:45:77: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). for (std::string data = decomp.read(); !data.empty(); data = decomp.read()) { data/libosmium-2.15.6/test/t/io/test_nocompression.cpp:70:40: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). for (std::string data = decomp.read(); !data.empty(); data = decomp.read()) { data/libosmium-2.15.6/test/t/io/test_nocompression.cpp:70:77: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). for (std::string data = decomp.read(); !data.empty(); data = decomp.read()) { data/libosmium-2.15.6/test/t/io/test_opl_parser.cpp:104:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const char* e = s + std::strlen(s); data/libosmium-2.15.6/test/t/io/test_opl_parser.cpp:113:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const char* e = s + std::strlen(s); data/libosmium-2.15.6/test/t/io/test_opl_parser.cpp:122:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const char* e = s + std::strlen(s); data/libosmium-2.15.6/test/t/io/test_opl_parser.cpp:131:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const char* e = s + std::strlen(s); data/libosmium-2.15.6/test/t/io/test_opl_parser.cpp:165:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const char* e = s + std::strlen(s); data/libosmium-2.15.6/test/t/io/test_opl_parser.cpp:173:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const char* e = s + std::strlen(s); data/libosmium-2.15.6/test/t/io/test_opl_parser.cpp:218:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const char* e = s + std::strlen(s); data/libosmium-2.15.6/test/t/io/test_opl_parser.cpp:227:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const char* e = s + std::strlen(s); data/libosmium-2.15.6/test/t/io/test_opl_parser.cpp:307:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const char* e = data + std::strlen(data); data/libosmium-2.15.6/test/t/io/test_opl_parser.cpp:315:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const char* e = data + std::strlen(data); data/libosmium-2.15.6/test/t/io/test_opl_parser.cpp:328:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const char* e = data + std::strlen(data); data/libosmium-2.15.6/test/t/io/test_opl_parser.cpp:355:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const char* e = data + std::strlen(data); data/libosmium-2.15.6/test/t/io/test_opl_parser.cpp:430:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). oid::opl_parse_way_nodes(s, s + std::strlen(s), buffer); data/libosmium-2.15.6/test/t/io/test_opl_parser.cpp:436:66: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). REQUIRE_THROWS_WITH(oid::opl_parse_way_nodes(s, s + std::strlen(s), buffer), data/libosmium-2.15.6/test/t/io/test_opl_parser.cpp:442:66: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). REQUIRE_THROWS_WITH(oid::opl_parse_way_nodes(s, s + std::strlen(s), buffer), data/libosmium-2.15.6/test/t/io/test_opl_parser.cpp:448:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). oid::opl_parse_way_nodes(s, s + std::strlen(s), buffer); data/libosmium-2.15.6/test/t/io/test_opl_parser.cpp:457:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). oid::opl_parse_way_nodes(s, s + std::strlen(s), buffer); data/libosmium-2.15.6/test/t/io/test_opl_parser.cpp:471:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). oid::opl_parse_way_nodes(s, s + std::strlen(s), buffer); data/libosmium-2.15.6/test/t/io/test_opl_parser.cpp:485:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). oid::opl_parse_way_nodes(s, s + std::strlen(s), buffer); data/libosmium-2.15.6/test/t/io/test_opl_parser.cpp:508:53: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). oid::opl_parse_relation_members(s, s + std::strlen(s), buffer); data/libosmium-2.15.6/test/t/io/test_opl_parser.cpp:514:73: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). REQUIRE_THROWS_WITH(oid::opl_parse_relation_members(s, s + std::strlen(s), buffer), data/libosmium-2.15.6/test/t/io/test_opl_parser.cpp:520:73: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). REQUIRE_THROWS_WITH(oid::opl_parse_relation_members(s, s + std::strlen(s), buffer), data/libosmium-2.15.6/test/t/io/test_opl_parser.cpp:526:73: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). REQUIRE_THROWS_WITH(oid::opl_parse_relation_members(s, s + std::strlen(s), buffer), data/libosmium-2.15.6/test/t/io/test_opl_parser.cpp:532:53: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). oid::opl_parse_relation_members(s, s + std::strlen(s), buffer); data/libosmium-2.15.6/test/t/io/test_opl_parser.cpp:546:53: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). oid::opl_parse_relation_members(s, s + std::strlen(s), buffer); data/libosmium-2.15.6/test/t/io/test_opl_parser.cpp:560:53: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). oid::opl_parse_relation_members(s, s + std::strlen(s), buffer); data/libosmium-2.15.6/test/t/io/test_opl_parser.cpp:582:53: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). oid::opl_parse_relation_members(s, s + std::strlen(s), buffer); data/libosmium-2.15.6/test/t/io/test_opl_parser.cpp:610:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const char* e = s + std::strlen(s); data/libosmium-2.15.6/test/t/io/test_opl_parser.cpp:620:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const char* e = s + std::strlen(s); data/libosmium-2.15.6/test/t/io/test_opl_parser.cpp:630:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const char* e = s + std::strlen(s); data/libosmium-2.15.6/test/t/io/test_opl_parser.cpp:641:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const char* e = s + std::strlen(s); data/libosmium-2.15.6/test/t/io/test_opl_parser.cpp:652:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const char* e = s + std::strlen(s); data/libosmium-2.15.6/test/t/io/test_opl_parser.cpp:663:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const char* e = s + std::strlen(s); data/libosmium-2.15.6/test/t/io/test_opl_parser.cpp:682:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const char* e = s + std::strlen(s); data/libosmium-2.15.6/test/t/io/test_opl_parser.cpp:707:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const char* e = s + std::strlen(s); data/libosmium-2.15.6/test/t/io/test_opl_parser.cpp:731:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const char* e = s + std::strlen(s); data/libosmium-2.15.6/test/t/io/test_opl_parser.cpp:741:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const char* e = s + std::strlen(s); data/libosmium-2.15.6/test/t/io/test_opl_parser.cpp:782:22: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. REQUIRE(std::equal(way.nodes().cbegin(), way.nodes().cend(), ids.cbegin())); data/libosmium-2.15.6/test/t/io/test_opl_parser.cpp:793:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const char* e = s + std::strlen(s); data/libosmium-2.15.6/test/t/io/test_opl_parser.cpp:803:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const char* e = s + std::strlen(s); data/libosmium-2.15.6/test/t/io/test_opl_parser.cpp:850:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const char* e = s + std::strlen(s); data/libosmium-2.15.6/test/t/io/test_opl_parser.cpp:860:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const char* e = s + std::strlen(s); data/libosmium-2.15.6/test/t/io/test_opl_parser.cpp:1098:32: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). const auto buffer = reader.read(); data/libosmium-2.15.6/test/t/io/test_opl_parser.cpp:1108:32: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). const auto buffer = reader.read(); data/libosmium-2.15.6/test/t/io/test_opl_parser.cpp:1118:32: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). const auto buffer = reader.read(); data/libosmium-2.15.6/test/t/io/test_reader.cpp:98:51: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while (osmium::memory::Buffer buffer = reader.read()) { data/libosmium-2.15.6/test/t/io/test_reader.cpp:103:30: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). REQUIRE_THROWS_AS(reader.read(), const osmium::io_error&); data/libosmium-2.15.6/test/t/io/test_reader.cpp:132:27: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). const auto length = ::read(fd, buffer, buffer_size); data/libosmium-2.15.6/test/t/io/test_reader.cpp:156:27: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). const auto length = ::read(fd, buffer, buffer_size); data/libosmium-2.15.6/test/t/io/test_reader.cpp:180:27: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). const auto length = ::read(fd, buffer, buffer_size); data/libosmium-2.15.6/test/t/io/test_reader.cpp:309:44: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). osmium::memory::Buffer buffer = reader.read(); data/libosmium-2.15.6/test/t/io/test_reader.cpp:312:30: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). REQUIRE_THROWS_AS(reader.read(), const osmium::io_error&); data/libosmium-2.15.6/test/t/io/test_reader.cpp:334:44: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). osmium::memory::Buffer buffer = reader.read(); data/libosmium-2.15.6/test/t/io/test_reader.cpp:340:30: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). REQUIRE_THROWS_AS(reader.read(), const osmium::io_error&); data/libosmium-2.15.6/test/t/io/test_reader_with_mock_decompression.cpp:45:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). std::string read() override { data/libosmium-2.15.6/test/t/io/test_reader_with_mock_decompression.cpp:105:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). reader.read(); data/libosmium-2.15.6/test/t/io/test_reader_with_mock_decompression.cpp:117:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). reader.read(); data/libosmium-2.15.6/test/t/io/test_reader_with_mock_decompression.cpp:118:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). reader.read(); data/libosmium-2.15.6/test/t/io/test_reader_with_mock_decompression.cpp:130:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). reader.read(); data/libosmium-2.15.6/test/t/io/test_reader_with_mock_decompression.cpp:131:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). reader.read(); data/libosmium-2.15.6/test/t/io/test_reader_with_mock_decompression.cpp:132:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). reader.read(); data/libosmium-2.15.6/test/t/io/test_reader_with_mock_decompression.cpp:144:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). reader.read(); data/libosmium-2.15.6/test/t/io/test_reader_with_mock_parser.cpp:67:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). REQUIRE(reader.read()); data/libosmium-2.15.6/test/t/io/test_reader_with_mock_parser.cpp:68:30: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). REQUIRE_FALSE(reader.read()); data/libosmium-2.15.6/test/t/io/test_reader_with_mock_parser.cpp:88:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). reader.read(); data/libosmium-2.15.6/test/t/io/test_reader_with_mock_parser.cpp:104:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). REQUIRE(reader.read()); data/libosmium-2.15.6/test/t/io/test_reader_with_mock_parser.cpp:105:30: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). REQUIRE_FALSE(reader.read()); data/libosmium-2.15.6/test/t/io/test_writer.cpp:19:44: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). osmium::memory::Buffer buffer = reader.read(); data/libosmium-2.15.6/test/t/io/test_writer.cpp:58:56: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). osmium::memory::Buffer buffer_check = reader_check.read(); data/libosmium-2.15.6/test/t/io/test_writer.cpp:83:62: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). const osmium::memory::Buffer buffer_check = reader_check.read(); data/libosmium-2.15.6/test/t/io/test_writer.cpp:109:62: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). const osmium::memory::Buffer buffer_check = reader_check.read(); data/libosmium-2.15.6/test/t/io/test_writer.cpp:134:62: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). const osmium::memory::Buffer buffer_check = reader_check.read(); data/libosmium-2.15.6/test/t/io/test_writer_with_mock_compression.cpp:63:44: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). osmium::memory::Buffer buffer = reader.read(); data/libosmium-2.15.6/test/t/io/test_writer_with_mock_encoder.cpp:63:44: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). osmium::memory::Buffer buffer = reader.read(); data/libosmium-2.15.6/test/t/memory/test_callback_buffer.cpp:23:22: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). auto buffer = cb.read(); data/libosmium-2.15.6/test/t/relations/test_relations_manager.cpp:215:27: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). auto buffer = manager.read(); data/libosmium-2.15.6/test/t/tags/test_tag_list.cpp:66:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). builder.add_tag("highway", strlen("highway"), "primary", strlen("primary")); data/libosmium-2.15.6/test/t/tags/test_tag_list.cpp:66:70: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). builder.add_tag("highway", strlen("highway"), "primary", strlen("primary")); data/libosmium-2.15.6/test/t/tags/test_tag_matcher.cpp:53:53: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. osmium::TagMatcher m{osmium::StringMatcher::equal{"highway"}}; data/libosmium-2.15.6/test/t/tags/test_tag_matcher.cpp:78:53: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. osmium::TagMatcher m{osmium::StringMatcher::equal{"highway"}, data/libosmium-2.15.6/test/t/tags/test_tag_matcher.cpp:79:53: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. osmium::StringMatcher::equal{"primary"}}; data/libosmium-2.15.6/test/t/tags/test_tag_matcher.cpp:95:53: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. osmium::TagMatcher m{osmium::StringMatcher::equal{"highway"}, data/libosmium-2.15.6/test/t/tags/test_tag_matcher.cpp:96:53: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. osmium::StringMatcher::equal{"secondary"}}; data/libosmium-2.15.6/test/t/tags/test_tag_matcher.cpp:101:53: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. osmium::TagMatcher m{osmium::StringMatcher::equal{"highway"}, data/libosmium-2.15.6/test/t/tags/test_tag_matcher.cpp:102:53: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. osmium::StringMatcher::equal{"secondary"}, data/libosmium-2.15.6/test/t/tags/test_tag_matcher.cpp:111:53: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. osmium::TagMatcher m{osmium::StringMatcher::equal{"highway"}, data/libosmium-2.15.6/test/t/tags/test_tags_filter.cpp:30:73: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. filter.add_rule(true, osmium::TagMatcher{osmium::StringMatcher::equal{"highway"}}); data/libosmium-2.15.6/test/t/tags/test_tags_filter.cpp:31:73: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. filter.add_rule(true, osmium::TagMatcher{osmium::StringMatcher::equal{"amenity"}}); data/libosmium-2.15.6/test/t/tags/test_tags_filter.cpp:50:54: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. filter.add_rule(true, osmium::StringMatcher::equal{"foo"}); data/libosmium-2.15.6/test/t/tags/test_tags_filter.cpp:51:54: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. filter.add_rule(true, osmium::StringMatcher::equal{"bar"}); data/libosmium-2.15.6/test/t/tags/test_tags_filter.cpp:60:54: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. filter.add_rule(true, osmium::StringMatcher::equal{"highway"}) data/libosmium-2.15.6/test/t/tags/test_tags_filter.cpp:61:54: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. .add_rule(true, osmium::StringMatcher::equal{"source"}); data/libosmium-2.15.6/test/t/tags/test_tags_filter.cpp:123:89: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. filter.add_rule(result_type{1, true}, osmium::TagMatcher{osmium::StringMatcher::equal{"highway"}}); data/libosmium-2.15.6/test/t/tags/test_tags_filter.cpp:124:89: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. filter.add_rule(result_type{2, true}, osmium::TagMatcher{osmium::StringMatcher::equal{"amenity"}}); data/libosmium-2.15.6/test/t/tags/test_tags_filter.cpp:143:59: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. filter.add_rule({5, true}, osmium::StringMatcher::equal{"foo"}); data/libosmium-2.15.6/test/t/tags/test_tags_filter.cpp:144:59: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. filter.add_rule({6, true}, osmium::StringMatcher::equal{"bar"}); data/libosmium-2.15.6/test/t/tags/test_tags_filter.cpp:153:59: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. filter.add_rule({7, true}, osmium::StringMatcher::equal{"highway"}) data/libosmium-2.15.6/test/t/tags/test_tags_filter.cpp:154:59: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. .add_rule({8, true}, osmium::StringMatcher::equal{"source"}); data/libosmium-2.15.6/test/t/util/test_string_matcher.cpp:38:28: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. osmium::StringMatcher::equal m{"foo"}; data/libosmium-2.15.6/test/t/util/test_string_matcher.cpp:173:52: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. osmium::StringMatcher m{osmium::StringMatcher::equal{"foo"}}; ANALYSIS SUMMARY: Hits = 257 Lines analyzed = 73927 in approximately 2.13 seconds (34634 lines/second) Physical Source Lines of Code (SLOC) = 46816 Hits@level = [0] 3 [1] 197 [2] 52 [3] 5 [4] 3 [5] 0 Hits@level+ = [0+] 260 [1+] 257 [2+] 60 [3+] 8 [4+] 3 [5+] 0 Hits/KSLOC@level+ = [0+] 5.55366 [1+] 5.48958 [2+] 1.28161 [3+] 0.170882 [4+] 0.0640807 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.