Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/netcdf-cxx-4.3.1/cxx4/example1.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncAtt.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncAtt.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncByte.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncByte.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncChar.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncChar.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncCheck.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncCheck.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncCompoundType.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncCompoundType.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncDim.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncDim.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncDouble.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncDouble.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncEnumType.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncEnumType.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncException.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncException.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncFile.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncFile.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncFill.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncFill.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncFilter.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncFilter.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncFloat.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncFloat.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncGroup.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncGroup.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncGroupAtt.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncGroupAtt.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncInt.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncInt.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncInt64.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncInt64.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncOpaqueType.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncOpaqueType.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncShort.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncShort.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncString.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncString.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncType.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncType.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncUbyte.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncUbyte.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncUint.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncUint.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncUint64.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncUint64.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncUshort.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncUshort.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncVar.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncVar.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncVarAtt.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncVarAtt.h
Examining data/netcdf-cxx-4.3.1/cxx4/ncVlenType.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/ncVlenType.h
Examining data/netcdf-cxx-4.3.1/cxx4/temp.c
Examining data/netcdf-cxx-4.3.1/cxx4/test2.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/test_att.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/test_classic.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/test_dim.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/test_filter.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/test_group.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/test_ncFile_Flags.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/test_open_close.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/test_type.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/test_type2.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/test_type3.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/test_type4.c
Examining data/netcdf-cxx-4.3.1/cxx4/test_type4.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/test_type5.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/test_utilities.h
Examining data/netcdf-cxx-4.3.1/cxx4/test_var.cpp
Examining data/netcdf-cxx-4.3.1/cxx4/test_var2.cpp
Examining data/netcdf-cxx-4.3.1/examples/pres_temp_4D_plugin_rd.cpp
Examining data/netcdf-cxx-4.3.1/examples/pres_temp_4D_plugin_wr.cpp
Examining data/netcdf-cxx-4.3.1/examples/pres_temp_4D_rd.cpp
Examining data/netcdf-cxx-4.3.1/examples/pres_temp_4D_wr.cpp
Examining data/netcdf-cxx-4.3.1/examples/sfc_pres_temp_rd.cpp
Examining data/netcdf-cxx-4.3.1/examples/sfc_pres_temp_wr.cpp
Examining data/netcdf-cxx-4.3.1/examples/simple_xy_rd.cpp
Examining data/netcdf-cxx-4.3.1/examples/simple_xy_wr.cpp
Examining data/netcdf-cxx-4.3.1/examples/simple_xy_wr_formats.cpp
Examining data/netcdf-cxx-4.3.1/plugins/H5Zbzip2.c
Examining data/netcdf-cxx-4.3.1/plugins/H5Zmisc.c
Examining data/netcdf-cxx-4.3.1/plugins/H5Ztemplate.c
Examining data/netcdf-cxx-4.3.1/plugins/H5Zutil.c
Examining data/netcdf-cxx-4.3.1/plugins/blocksort.c
Examining data/netcdf-cxx-4.3.1/plugins/bzlib.c
Examining data/netcdf-cxx-4.3.1/plugins/bzlib.h
Examining data/netcdf-cxx-4.3.1/plugins/bzlib_private.h
Examining data/netcdf-cxx-4.3.1/plugins/compress.c
Examining data/netcdf-cxx-4.3.1/plugins/crctable.c
Examining data/netcdf-cxx-4.3.1/plugins/decompress.c
Examining data/netcdf-cxx-4.3.1/plugins/h5bzip2.h
Examining data/netcdf-cxx-4.3.1/plugins/h5misc.h
Examining data/netcdf-cxx-4.3.1/plugins/huffman.c
Examining data/netcdf-cxx-4.3.1/plugins/randtable.c

FINAL RESULTS:

data/netcdf-cxx-4.3.1/plugins/bzlib.c:1418:4: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(mode2, writing ? "w" : "r" );
data/netcdf-cxx-4.3.1/plugins/bzlib_private.h:65:7: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf ( stderr, \
data/netcdf-cxx-4.3.1/plugins/bzlib_private.h:74:4: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(stderr,zf)
data/netcdf-cxx-4.3.1/plugins/bzlib_private.h:76:4: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(stderr,zf,za1)
data/netcdf-cxx-4.3.1/plugins/bzlib_private.h:78:4: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(stderr,zf,za1,za2)
data/netcdf-cxx-4.3.1/plugins/bzlib_private.h:80:4: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(stderr,zf,za1,za2,za3)
data/netcdf-cxx-4.3.1/plugins/bzlib_private.h:82:4: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(stderr,zf,za1,za2,za3,za4)
data/netcdf-cxx-4.3.1/plugins/bzlib_private.h:84:4: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(stderr,zf,za1,za2,za3,za4,za5)
data/netcdf-cxx-4.3.1/cxx4/ncCompoundType.cpp:134:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fieldName[NC_MAX_NAME+1];
data/netcdf-cxx-4.3.1/cxx4/ncDim.cpp:108:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dimName[NC_MAX_NAME+1];
data/netcdf-cxx-4.3.1/cxx4/ncEnumType.cpp:71:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char charName[NC_MAX_NAME+1];
data/netcdf-cxx-4.3.1/cxx4/ncEnumType.cpp:98:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char charName[NC_MAX_NAME+1];
data/netcdf-cxx-4.3.1/cxx4/ncEnumType.cpp:109:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char charName[NC_MAX_NAME+1];
data/netcdf-cxx-4.3.1/cxx4/ncEnumType.h:84:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char charName[NC_MAX_NAME+1];
data/netcdf-cxx-4.3.1/cxx4/ncFile.cpp:48:3: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  open(filePath, fMode);
data/netcdf-cxx-4.3.1/cxx4/ncFile.cpp:54:3: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  open(filePath, ncFileFlags);
data/netcdf-cxx-4.3.1/cxx4/ncFile.cpp:63:14: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  void NcFile::open(const string& filePath, int ncFileFlags) {
data/netcdf-cxx-4.3.1/cxx4/ncFile.cpp:75:14: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  void NcFile::open(const string& filePath, const FileMode fMode)
data/netcdf-cxx-4.3.1/cxx4/ncFile.cpp:106:3: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  open(filePath, fMode, fFormat);
data/netcdf-cxx-4.3.1/cxx4/ncFile.cpp:125:14: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  void NcFile::open(const string& filePath, const FileMode fMode, const FileFormat fFormat )
data/netcdf-cxx-4.3.1/cxx4/ncFile.h:74:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  void open(const std::string& filePath, int ncFileFlags);
data/netcdf-cxx-4.3.1/cxx4/ncFile.h:86:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  void open(const std::string& filePath, FileMode fMode);
data/netcdf-cxx-4.3.1/cxx4/ncFile.h:103:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  void open(const std::string& filePath, FileMode fMode, FileFormat fFormat);
data/netcdf-cxx-4.3.1/cxx4/ncGroup.cpp:111:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char charName[NC_MAX_NAME+1];
data/netcdf-cxx-4.3.1/cxx4/ncGroup.cpp:554:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char charName[NC_MAX_NAME+1];
data/netcdf-cxx-4.3.1/cxx4/ncGroup.cpp:569:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char charName[NC_MAX_NAME+1];
data/netcdf-cxx-4.3.1/cxx4/ncGroupAtt.cpp:60:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char attName[NC_MAX_NAME+1];
data/netcdf-cxx-4.3.1/cxx4/ncType.cpp:95:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char charName[NC_MAX_NAME+1];
data/netcdf-cxx-4.3.1/cxx4/ncVar.cpp:529:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char charName[NC_MAX_NAME+1];
data/netcdf-cxx-4.3.1/cxx4/ncVarAtt.cpp:54:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char attName[NC_MAX_NAME+1];
data/netcdf-cxx-4.3.1/cxx4/ncVlenType.cpp:72:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char charName[NC_MAX_NAME+1];
data/netcdf-cxx-4.3.1/cxx4/test_ncFile_Flags.cpp:47:10: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  file.open("test_ncFile_Flags_newFile.nc",NC_SHARE | NC_NOWRITE);
data/netcdf-cxx-4.3.1/cxx4/test_open_close.cpp:27:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  file.open("Doesn't Exist.",NcFile::read);
data/netcdf-cxx-4.3.1/cxx4/test_open_close.cpp:37:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  file.open("firstFile.cdf",NcFile::replace);
data/netcdf-cxx-4.3.1/plugins/H5Zmisc.c:127:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(newbuf,*buf,*buf_size);
data/netcdf-cxx-4.3.1/plugins/H5Zmisc.c:145:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(newbuf,*buf,*buf_size);
data/netcdf-cxx-4.3.1/plugins/H5Zmisc.c:166:14: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char mem[8];
data/netcdf-cxx-4.3.1/plugins/bzlib.c:1391:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char unused[BZ_MAX_UNUSED];
data/netcdf-cxx-4.3.1/plugins/bzlib.c:1394:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char mode2[10] = "";
data/netcdf-cxx-4.3.1/plugins/bzlib.c:1426:14: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen(path,mode2);
data/netcdf-cxx-4.3.1/cxx4/ncFile.cpp:87:18: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  case NcFile::read:
data/netcdf-cxx-4.3.1/cxx4/ncFile.cpp:151:18: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  case NcFile::read:
data/netcdf-cxx-4.3.1/cxx4/ncFile.h:24:6: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read, //!< File exists, open read-only.
data/netcdf-cxx-4.3.1/cxx4/test_classic.cpp:38:44: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  NcFile ncFile("test_classic.nc", NcFile::read);
data/netcdf-cxx-4.3.1/cxx4/test_open_close.cpp:27:42: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  file.open("Doesn't Exist.",NcFile::read);
data/netcdf-cxx-4.3.1/examples/pres_temp_4D_plugin_rd.cpp:55:49: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  NcFile dataFile("pres_temp_4D.nc", NcFile::read);
data/netcdf-cxx-4.3.1/examples/pres_temp_4D_rd.cpp:55:49: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  NcFile dataFile("pres_temp_4D.nc", NcFile::read);
data/netcdf-cxx-4.3.1/examples/sfc_pres_temp_rd.cpp:52:48: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  NcFile dataFile("sfc_pres_temp.nc", NcFile::read);
data/netcdf-cxx-4.3.1/examples/simple_xy_rd.cpp:38:44: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  NcFile dataFile("simple_xy.nc", NcFile::read);
data/netcdf-cxx-4.3.1/plugins/H5Zmisc.c:39:13: [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  static void mismatch(size_t i, const char* which);
data/netcdf-cxx-4.3.1/plugins/H5Zmisc.c:183:7: [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  {mismatch(i,"signed byte"); goto fail; };
data/netcdf-cxx-4.3.1/plugins/H5Zmisc.c:188:7: [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  {mismatch(i,"unsigned byte"); goto fail; };
data/netcdf-cxx-4.3.1/plugins/H5Zmisc.c:193:7: [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  {mismatch(i,"signed short"); goto fail; };
data/netcdf-cxx-4.3.1/plugins/H5Zmisc.c:198:7: [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  {mismatch(i,"unsigned short"); goto fail; };
data/netcdf-cxx-4.3.1/plugins/H5Zmisc.c:203:7: [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  {mismatch(i,"signed int"); goto fail; };
data/netcdf-cxx-4.3.1/plugins/H5Zmisc.c:208:7: [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  {mismatch(i,"unsigned int"); goto fail; };
data/netcdf-cxx-4.3.1/plugins/H5Zmisc.c:213:7: [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  {mismatch(i,"float"); goto fail; };
data/netcdf-cxx-4.3.1/plugins/H5Zmisc.c:223:17: [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  mismatch(i,"double");
data/netcdf-cxx-4.3.1/plugins/H5Zmisc.c:236:17: [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  mismatch(i,"signed long long");
data/netcdf-cxx-4.3.1/plugins/H5Zmisc.c:248:17: [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  mismatch(i,"unsigned long long");
data/netcdf-cxx-4.3.1/plugins/H5Zmisc.c:254:13: [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  mismatch(i,"unexpected parameter");
data/netcdf-cxx-4.3.1/plugins/H5Zmisc.c:276:1: [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  mismatch(size_t i, const char* which)
data/netcdf-cxx-4.3.1/plugins/bzlib.c:909:14: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  Int32 c = fgetc ( f );
data/netcdf-cxx-4.3.1/plugins/bzlib.c:1419:4: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(mode2,"b"); /* binary mode */

ANALYSIS SUMMARY:

Hits = 64
Lines analyzed = 19900 in approximately 0.65 seconds (30440 lines/second)
Physical Source Lines of Code (SLOC) = 12829
Hits@level = [0] 19 [1] 24 [2] 32 [3] 0 [4] 8 [5] 0
Hits@level+ = [0+] 83 [1+] 64 [2+] 40 [3+] 8 [4+] 8 [5+] 0
Hits/KSLOC@level+ = [0+] 6.46972 [1+] 4.9887 [2+] 3.11794 [3+] 0.623587 [4+] 0.623587 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.