Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/mwrap-1.0/example/fem/src/assembler.cc
Examining data/mwrap-1.0/example/fem/src/assembler.h
Examining data/mwrap-1.0/example/fem/src/assembler2.cc
Examining data/mwrap-1.0/example/fem/src/assembler2.h
Examining data/mwrap-1.0/example/fem/src/elastic2d.cc
Examining data/mwrap-1.0/example/fem/src/elastic2d.h
Examining data/mwrap-1.0/example/fem/src/elastic2d1.cc
Examining data/mwrap-1.0/example/fem/src/etype.h
Examining data/mwrap-1.0/example/fem/src/feintegrals.h
Examining data/mwrap-1.0/example/fem/src/feshapes.h
Examining data/mwrap-1.0/example/fem/src/gauss2by2.cc
Examining data/mwrap-1.0/example/fem/src/gauss2by2.h
Examining data/mwrap-1.0/example/fem/src/mesh.cc
Examining data/mwrap-1.0/example/fem/src/mesh.h
Examining data/mwrap-1.0/example/fem/src/quad2d.cc
Examining data/mwrap-1.0/example/fem/src/quad2d.h
Examining data/mwrap-1.0/example/fem/src/quad2d1.cc
Examining data/mwrap-1.0/example/fem/src/scalar1d.cc
Examining data/mwrap-1.0/example/fem/src/scalar1d.h
Examining data/mwrap-1.0/example/fem/src/scalar2d.cc
Examining data/mwrap-1.0/example/fem/src/scalar2d.h
Examining data/mwrap-1.0/src/mwrap-ast.cc
Examining data/mwrap-1.0/src/mwrap-ast.h
Examining data/mwrap-1.0/src/mwrap-cgen.cc
Examining data/mwrap-1.0/src/mwrap-mgen.cc
Examining data/mwrap-1.0/src/mwrap-support.c
Examining data/mwrap-1.0/src/mwrap-typecheck.cc
Examining data/mwrap-1.0/src/stringify.c
FINAL RESULTS:
data/mwrap-1.0/src/mwrap-cgen.cc:483:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(typebuf, "%s*", v->basetype);
data/mwrap-1.0/src/mwrap-cgen.cc:485:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(typebuf, "const %s*", v->basetype);
data/mwrap-1.0/src/mwrap-cgen.cc:495:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(typebuf, "%s", v->basetype);
data/mwrap-1.0/src/mwrap-cgen.cc:577:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(typebuf, f->classv);
data/mwrap-1.0/src/mwrap-support.c:72:9: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
sscanf(pbuf, fmt, &p);
data/mwrap-1.0/src/mwrap-support.c:92:9: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(pbuf, fmt, p);
data/mwrap-1.0/src/mwrap-support.c:322:9: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
sscanf(pbuf, fmt, &p);
data/mwrap-1.0/src/mwrap-support.c:342:9: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(pbuf, fmt, p);
data/mwrap-1.0/src/mwrap-support.c:568:9: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
sscanf(pbuf, fmt, &p);
data/mwrap-1.0/src/mwrap-support.c:588:9: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(pbuf, fmt, p);
data/mwrap-1.0/src/mwrap-support.c:769:9: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
sscanf(pbuf, fmt, &p);
data/mwrap-1.0/src/mwrap-support.c:789:9: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(pbuf, fmt, p);
data/mwrap-1.0/src/mwrap-cgen.cc:58:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "out%d_", v->output_label);
data/mwrap-1.0/src/mwrap-cgen.cc:60:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "in%d_", v->input_label);
data/mwrap-1.0/src/mwrap-cgen.cc:497:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(typebuf, "char*");
data/mwrap-1.0/src/mwrap-cgen.cc:499:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(typebuf, "const mxArray*");
data/mwrap-1.0/src/mwrap-cgen.cc:501:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(typebuf, "mxArray*");
data/mwrap-1.0/src/mwrap-cgen.cc:514:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typebuf[128];
data/mwrap-1.0/src/mwrap-cgen.cc:533:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typebuf[128];
data/mwrap-1.0/src/mwrap-cgen.cc:576:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typebuf[128];
data/mwrap-1.0/src/mwrap-cgen.cc:993:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char namebuf[128];
data/mwrap-1.0/src/mwrap-cgen.cc:1149:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char namebuf[128];
data/mwrap-1.0/src/mwrap-cgen.cc:1263:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char namebuf[1280];
data/mwrap-1.0/src/mwrap-support.c:70:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pbuf[128];
data/mwrap-1.0/src/mwrap-support.c:91:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pbuf[128];
data/mwrap-1.0/src/mwrap-support.c:320:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pbuf[128];
data/mwrap-1.0/src/mwrap-support.c:341:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pbuf[128];
data/mwrap-1.0/src/mwrap-support.c:566:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pbuf[128];
data/mwrap-1.0/src/mwrap-support.c:587:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pbuf[128];
data/mwrap-1.0/src/mwrap-support.c:767:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pbuf[128];
data/mwrap-1.0/src/mwrap-support.c:788:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pbuf[128];
data/mwrap-1.0/src/stringify.c:16:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[512];
data/mwrap-1.0/src/mwrap-cgen.cc:578:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(typebuf, "*");
ANALYSIS SUMMARY:
Hits = 33
Lines analyzed = 5501 in approximately 0.19 seconds (29095 lines/second)
Physical Source Lines of Code (SLOC) = 3958
Hits@level = [0] 271 [1] 1 [2] 20 [3] 0 [4] 12 [5] 0
Hits@level+ = [0+] 304 [1+] 33 [2+] 32 [3+] 12 [4+] 12 [5+] 0
Hits/KSLOC@level+ = [0+] 76.8065 [1+] 8.33754 [2+] 8.08489 [3+] 3.03183 [4+] 3.03183 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.