Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/libsnl-0.2.1.svn.18/src/snlCtrlPointNetSurface.h Examining data/libsnl-0.2.1.svn.18/src/snlUtil.cpp Examining data/libsnl-0.2.1.svn.18/src/snlTransform.cpp Examining data/libsnl-0.2.1.svn.18/src/snlCircularOffsetCurve.cpp Examining data/libsnl-0.2.1.svn.18/src/snlSurface_pointLoop.h Examining data/libsnl-0.2.1.svn.18/src/snlSurface_projection.cpp Examining data/libsnl-0.2.1.svn.18/src/snlMeshable.cpp Examining data/libsnl-0.2.1.svn.18/src/snlVertexNet.h Examining data/libsnl-0.2.1.svn.18/src/snlSurfaceBase.h Examining data/libsnl-0.2.1.svn.18/src/snlUtil.h Examining data/libsnl-0.2.1.svn.18/src/snlCurveBase.h Examining data/libsnl-0.2.1.svn.18/src/snlSurface.cpp Examining data/libsnl-0.2.1.svn.18/src/snlCurve.h Examining data/libsnl-0.2.1.svn.18/src/ptrList.h Examining data/libsnl-0.2.1.svn.18/src/snlTriangleMesh.h Examining data/libsnl-0.2.1.svn.18/src/snlMeshable.h Examining data/libsnl-0.2.1.svn.18/src/snlTransform.h Examining data/libsnl-0.2.1.svn.18/src/snlVertex.cpp Examining data/libsnl-0.2.1.svn.18/src/snlSurfaceOfRevolution.h Examining data/libsnl-0.2.1.svn.18/src/snlCurve.cpp Examining data/libsnl-0.2.1.svn.18/src/snlCtrlPointNetCurve.h Examining data/libsnl-0.2.1.svn.18/src/snlCtrlPointNet.h Examining data/libsnl-0.2.1.svn.18/src/snlCtrlPoint.h Examining data/libsnl-0.2.1.svn.18/src/snlVector.h Examining data/libsnl-0.2.1.svn.18/src/snlVertexNet.cpp Examining data/libsnl-0.2.1.svn.18/src/snlSurface_pointLoop.cpp Examining data/libsnl-0.2.1.svn.18/src/snlPoint.cpp Examining data/libsnl-0.2.1.svn.18/src/snlVector.cpp Examining data/libsnl-0.2.1.svn.18/src/dynamicArray.h Examining data/libsnl-0.2.1.svn.18/src/snlCtrlPoint.cpp Examining data/libsnl-0.2.1.svn.18/src/snlMatrix_4x4.cpp Examining data/libsnl-0.2.1.svn.18/src/snlVersion.h Examining data/libsnl-0.2.1.svn.18/src/snlSurface_projection.h Examining data/libsnl-0.2.1.svn.18/src/snlCircularOffsetCurve.h Examining data/libsnl-0.2.1.svn.18/src/snlSurface.h Examining data/libsnl-0.2.1.svn.18/src/snlTriangleMesh.cpp Examining data/libsnl-0.2.1.svn.18/src/snlNurbsCommon.h Examining data/libsnl-0.2.1.svn.18/src/snlSurfaceOfRevolution.cpp Examining data/libsnl-0.2.1.svn.18/src/snlNurbsCommon.cpp Examining data/libsnl-0.2.1.svn.18/src/snlKnotVector.cpp Examining data/libsnl-0.2.1.svn.18/src/snlMatrix_4x4.h Examining data/libsnl-0.2.1.svn.18/src/snlCtrlPointNet.cpp Examining data/libsnl-0.2.1.svn.18/src/snlKnotVector.h Examining data/libsnl-0.2.1.svn.18/src/snlPoint.h Examining data/libsnl-0.2.1.svn.18/src/snlSquareLinear.h Examining data/libsnl-0.2.1.svn.18/src/snlCtrlPointNetSurface.cpp Examining data/libsnl-0.2.1.svn.18/src/snlSquareLinear.cpp Examining data/libsnl-0.2.1.svn.18/src/snlTest.cpp Examining data/libsnl-0.2.1.svn.18/src/snlVertex.h Examining data/libsnl-0.2.1.svn.18/src/snlCtrlPointNetCurve.cpp FINAL RESULTS: data/libsnl-0.2.1.svn.18/src/snlKnotVector.cpp:74:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). kvType = open; data/libsnl-0.2.1.svn.18/src/snlKnotVector.cpp:112:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). kvType = open; data/libsnl-0.2.1.svn.18/src/snlKnotVector.cpp:146:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). kvType = open; data/libsnl-0.2.1.svn.18/src/snlKnotVector.cpp:655:44: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( param == knots [ 0 ] && kvType == open ) data/libsnl-0.2.1.svn.18/src/snlKnotVector.cpp:667:57: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( param == knots [ vectorSize - 1 ] && kvType == open ) ANALYSIS SUMMARY: Hits = 5 Lines analyzed = 20070 in approximately 0.36 seconds (56116 lines/second) Physical Source Lines of Code (SLOC) = 11029 Hits@level = [0] 0 [1] 0 [2] 5 [3] 0 [4] 0 [5] 0 Hits@level+ = [0+] 5 [1+] 5 [2+] 5 [3+] 0 [4+] 0 [5+] 0 Hits/KSLOC@level+ = [0+] 0.45335 [1+] 0.45335 [2+] 0.45335 [3+] 0 [4+] 0 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.