stdin

Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libsnl-0.2.1.svn.18/src/snlCtrlPointNetSurface.h
Examining data/libsnl-0.2.1.svn.18/src/snlUtil.cpp
Examining data/libsnl-0.2.1.svn.18/src/snlTransform.cpp
Examining data/libsnl-0.2.1.svn.18/src/snlCircularOffsetCurve.cpp
Examining data/libsnl-0.2.1.svn.18/src/snlSurface_pointLoop.h
Examining data/libsnl-0.2.1.svn.18/src/snlSurface_projection.cpp
Examining data/libsnl-0.2.1.svn.18/src/snlMeshable.cpp
Examining data/libsnl-0.2.1.svn.18/src/snlVertexNet.h
Examining data/libsnl-0.2.1.svn.18/src/snlSurfaceBase.h
Examining data/libsnl-0.2.1.svn.18/src/snlUtil.h
Examining data/libsnl-0.2.1.svn.18/src/snlCurveBase.h
Examining data/libsnl-0.2.1.svn.18/src/snlSurface.cpp
Examining data/libsnl-0.2.1.svn.18/src/snlCurve.h
Examining data/libsnl-0.2.1.svn.18/src/ptrList.h
Examining data/libsnl-0.2.1.svn.18/src/snlTriangleMesh.h
Examining data/libsnl-0.2.1.svn.18/src/snlMeshable.h
Examining data/libsnl-0.2.1.svn.18/src/snlTransform.h
Examining data/libsnl-0.2.1.svn.18/src/snlVertex.cpp
Examining data/libsnl-0.2.1.svn.18/src/snlSurfaceOfRevolution.h
Examining data/libsnl-0.2.1.svn.18/src/snlCurve.cpp
Examining data/libsnl-0.2.1.svn.18/src/snlCtrlPointNetCurve.h
Examining data/libsnl-0.2.1.svn.18/src/snlCtrlPointNet.h
Examining data/libsnl-0.2.1.svn.18/src/snlCtrlPoint.h
Examining data/libsnl-0.2.1.svn.18/src/snlVector.h
Examining data/libsnl-0.2.1.svn.18/src/snlVertexNet.cpp
Examining data/libsnl-0.2.1.svn.18/src/snlSurface_pointLoop.cpp
Examining data/libsnl-0.2.1.svn.18/src/snlPoint.cpp
Examining data/libsnl-0.2.1.svn.18/src/snlVector.cpp
Examining data/libsnl-0.2.1.svn.18/src/dynamicArray.h
Examining data/libsnl-0.2.1.svn.18/src/snlCtrlPoint.cpp
Examining data/libsnl-0.2.1.svn.18/src/snlMatrix_4x4.cpp
Examining data/libsnl-0.2.1.svn.18/src/snlVersion.h
Examining data/libsnl-0.2.1.svn.18/src/snlSurface_projection.h
Examining data/libsnl-0.2.1.svn.18/src/snlCircularOffsetCurve.h
Examining data/libsnl-0.2.1.svn.18/src/snlSurface.h
Examining data/libsnl-0.2.1.svn.18/src/snlTriangleMesh.cpp
Examining data/libsnl-0.2.1.svn.18/src/snlNurbsCommon.h
Examining data/libsnl-0.2.1.svn.18/src/snlSurfaceOfRevolution.cpp
Examining data/libsnl-0.2.1.svn.18/src/snlNurbsCommon.cpp
Examining data/libsnl-0.2.1.svn.18/src/snlKnotVector.cpp
Examining data/libsnl-0.2.1.svn.18/src/snlMatrix_4x4.h
Examining data/libsnl-0.2.1.svn.18/src/snlCtrlPointNet.cpp
Examining data/libsnl-0.2.1.svn.18/src/snlKnotVector.h
Examining data/libsnl-0.2.1.svn.18/src/snlPoint.h
Examining data/libsnl-0.2.1.svn.18/src/snlSquareLinear.h
Examining data/libsnl-0.2.1.svn.18/src/snlCtrlPointNetSurface.cpp
Examining data/libsnl-0.2.1.svn.18/src/snlSquareLinear.cpp
Examining data/libsnl-0.2.1.svn.18/src/snlTest.cpp
Examining data/libsnl-0.2.1.svn.18/src/snlVertex.h
Examining data/libsnl-0.2.1.svn.18/src/snlCtrlPointNetCurve.cpp

FINAL RESULTS:

data/libsnl-0.2.1.svn.18/src/snlKnotVector.cpp:74:14:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    kvType = open;
data/libsnl-0.2.1.svn.18/src/snlKnotVector.cpp:112:14:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    kvType = open;
data/libsnl-0.2.1.svn.18/src/snlKnotVector.cpp:146:14:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    kvType = open;
data/libsnl-0.2.1.svn.18/src/snlKnotVector.cpp:655:44:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ( param == knots [ 0 ] && kvType == open )
data/libsnl-0.2.1.svn.18/src/snlKnotVector.cpp:667:57:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ( param == knots [ vectorSize - 1 ] && kvType == open )

ANALYSIS SUMMARY:

Hits = 5
Lines analyzed = 20070 in approximately 0.36 seconds (56116 lines/second)
Physical Source Lines of Code (SLOC) = 11029
Hits@level = [0]   0 [1]   0 [2]   5 [3]   0 [4]   0 [5]   0
Hits@level+ = [0+]   5 [1+]   5 [2+]   5 [3+]   0 [4+]   0 [5+]   0
Hits/KSLOC@level+ = [0+] 0.45335 [1+] 0.45335 [2+] 0.45335 [3+]   0 [4+]   0 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.