stdin

Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/memchan-2.3+dfsg/isaac/standard.h
Examining data/memchan-2.3+dfsg/isaac/randport.c
Examining data/memchan-2.3+dfsg/isaac/rand.h
Examining data/memchan-2.3+dfsg/generic/zero.c
Examining data/memchan-2.3+dfsg/generic/null.c
Examining data/memchan-2.3+dfsg/generic/memchanStubLib.c
Examining data/memchan-2.3+dfsg/generic/memchanStubInit.c
Examining data/memchan-2.3+dfsg/generic/memchanInt.h
Examining data/memchan-2.3+dfsg/generic/memchan.h
Examining data/memchan-2.3+dfsg/generic/memchanDecls.h
Examining data/memchan-2.3+dfsg/generic/memchan.c
Examining data/memchan-2.3+dfsg/generic/init.c
Examining data/memchan-2.3+dfsg/generic/fifo.c
Examining data/memchan-2.3+dfsg/generic/fifo2.c
Examining data/memchan-2.3+dfsg/generic/counter.c
Examining data/memchan-2.3+dfsg/generic/chantest.c
Examining data/memchan-2.3+dfsg/generic/bufStubLib.c
Examining data/memchan-2.3+dfsg/generic/bufStubInit.c
Examining data/memchan-2.3+dfsg/generic/bufRange.c
Examining data/memchan-2.3+dfsg/generic/bufQueue.c
Examining data/memchan-2.3+dfsg/generic/bufIntDecls.h
Examining data/memchan-2.3+dfsg/generic/buf.h
Examining data/memchan-2.3+dfsg/generic/bufFix.c
Examining data/memchan-2.3+dfsg/generic/bufExt.c
Examining data/memchan-2.3+dfsg/generic/bufDecls.h
Examining data/memchan-2.3+dfsg/generic/buf.c
Examining data/memchan-2.3+dfsg/generic/random.c

FINAL RESULTS:

data/memchan-2.3+dfsg/generic/bufExt.c:201:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy (newBuf->readLoc, iBuf->readLoc, iBuf->writeLoc - iBuf->readLoc);
data/memchan-2.3+dfsg/generic/bufExt.c:244:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (outbuf, iBuf->readLoc, size);
data/memchan-2.3+dfsg/generic/bufExt.c:290:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy (ndata, iBuf->data, iBuf->size);
data/memchan-2.3+dfsg/generic/bufExt.c:299:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (iBuf->writeLoc, inbuf, size);
data/memchan-2.3+dfsg/generic/bufFix.c:44:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char       data [1]; /* Each structure is allocated big enough to hold the
data/memchan-2.3+dfsg/generic/bufFix.c:204:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy (newBuf->readLoc, iBuf->readLoc, iBuf->writeLoc - iBuf->readLoc);
data/memchan-2.3+dfsg/generic/bufFix.c:247:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (outbuf, iBuf->readLoc, size);
data/memchan-2.3+dfsg/generic/bufFix.c:290:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (iBuf->writeLoc, inbuf, size);
data/memchan-2.3+dfsg/generic/bufRange.c:230:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (outbuf, Buf_PositionPtr (iBuf->loc), size);
data/memchan-2.3+dfsg/generic/counter.c:56:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char     channelName [50];
data/memchan-2.3+dfsg/generic/counter.c:73:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char     channelName [50];
data/memchan-2.3+dfsg/generic/fifo.c:317:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char             buffer [50];
data/memchan-2.3+dfsg/generic/fifo2.c:572:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char             buffer [50];
data/memchan-2.3+dfsg/generic/memchan.c:224:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy ((VOID*) buf, (VOID*) ((char*) chan->data + chan->rwLoc), toRead);
data/memchan-2.3+dfsg/generic/memchan.c:285:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy ((VOID*) ((char*) chan->data + chan->rwLoc), (VOID*) buf, toWrite);
data/memchan-2.3+dfsg/generic/memchan.c:398:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char             buffer [50];
data/memchan-2.3+dfsg/generic/memchanInt.h:147:21:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
#define LTOA(x,str) sprintf (str, "%lu", (unsigned long) (x))
data/memchan-2.3+dfsg/generic/null.c:436:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char             buffer [50];
data/memchan-2.3+dfsg/generic/random.c:204:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&buf[n], (char *)&rnd, i);
data/memchan-2.3+dfsg/generic/random.c:208:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&buf[n], (char *)&rnd, toRead-n);
data/memchan-2.3+dfsg/generic/random.c:460:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char             buffer [50];
data/memchan-2.3+dfsg/generic/random.c:528:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&instance->state.randrsl, &seed, sizeof(seed));
data/memchan-2.3+dfsg/generic/zero.c:439:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char             buffer [50];
data/memchan-2.3+dfsg/generic/bufQueue.c:152:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  int    got, read;
data/memchan-2.3+dfsg/generic/bufQueue.c:189:14:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  q->size -= read;
data/memchan-2.3+dfsg/generic/bufQueue.c:195:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  return read;

ANALYSIS SUMMARY:

Hits = 26
Lines analyzed = 7737 in approximately 0.24 seconds (31592 lines/second)
Physical Source Lines of Code (SLOC) = 3320
Hits@level = [0]   2 [1]   3 [2]  23 [3]   0 [4]   0 [5]   0
Hits@level+ = [0+]  28 [1+]  26 [2+]  23 [3+]   0 [4+]   0 [5+]   0
Hits/KSLOC@level+ = [0+] 8.43373 [1+] 7.83133 [2+] 6.92771 [3+]   0 [4+]   0 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.