Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/octave-nan-3.5.2/src/covm_mex.cpp
Examining data/octave-nan-3.5.2/src/linear_model_matlab.c
Examining data/octave-nan-3.5.2/src/tron.h
Examining data/octave-nan-3.5.2/src/tron.cpp
Examining data/octave-nan-3.5.2/src/svmpredict_mex.cpp
Examining data/octave-nan-3.5.2/src/histo_mex.cpp
Examining data/octave-nan-3.5.2/src/predict.c
Examining data/octave-nan-3.5.2/src/svm_model_matlab.h
Examining data/octave-nan-3.5.2/src/svm.cpp
Examining data/octave-nan-3.5.2/src/linear_model_matlab.h
Examining data/octave-nan-3.5.2/src/kth_element.cpp
Examining data/octave-nan-3.5.2/src/str2array.cpp
Examining data/octave-nan-3.5.2/src/svm_model_matlab.c
Examining data/octave-nan-3.5.2/src/train.c
Examining data/octave-nan-3.5.2/src/linear.h
Examining data/octave-nan-3.5.2/src/xptopen.cpp
Examining data/octave-nan-3.5.2/src/mexTF.c
Examining data/octave-nan-3.5.2/src/svmtrain_mex.cpp
Examining data/octave-nan-3.5.2/src/linear.cpp
Examining data/octave-nan-3.5.2/src/svm.h
Examining data/octave-nan-3.5.2/src/sumskipnan_mex.cpp
FINAL RESULTS:
data/octave-nan-3.5.2/src/linear.cpp:78:2: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf(buf,fmt,ap);
data/octave-nan-3.5.2/src/linear.cpp:2859:6: [4] (buffer) fscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
if (fscanf(_stream, _format, _var) != 1)\
data/octave-nan-3.5.2/src/svm.cpp:91:2: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf(buf,fmt,ap);
data/octave-nan-3.5.2/src/svm.cpp:2810:48: [4] (buffer) fscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
#define FSCANF(_stream, _format, _var) do{ if (fscanf(_stream, _format, _var) != 1) return false; }while(0)
data/octave-nan-3.5.2/src/tron.cpp:89:2: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf(buf,fmt,ap);
data/octave-nan-3.5.2/src/svmtrain_mex.cpp:429:2: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(1);
data/octave-nan-3.5.2/src/train.c:427:2: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(1);
data/octave-nan-3.5.2/src/histo_mex.cpp:318:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(x + (l+j*n)*Sort.Size, Sort.Table+(idx[k] + j*Sort.Stride)*Sort.Size, Sort.Size);
data/octave-nan-3.5.2/src/kth_element.cpp:185:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(T,X,szX*sizeof(double));
data/octave-nan-3.5.2/src/linear.cpp:58:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)dst,(void *)src,sizeof(T)*n);
data/octave-nan-3.5.2/src/linear.cpp:75:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/octave-nan-3.5.2/src/linear.cpp:2803:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(model_file_name,"w");
data/octave-nan-3.5.2/src/linear.cpp:2876:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(model_file_name,"r");
data/octave-nan-3.5.2/src/linear.cpp:2901:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[81];
data/octave-nan-3.5.2/src/mexTF.c:42:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *f = fopen(file, "rb");
data/octave-nan-3.5.2/src/mexTF.c:186:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, graph_def->data, dims[1]);
data/octave-nan-3.5.2/src/predict.c:269:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[CMD_LEN];
data/octave-nan-3.5.2/src/predict.c:302:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[CMD_LEN/2];
data/octave-nan-3.5.2/src/predict.c:323:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
prob_estimate_flag = atoi(argv[i]);
data/octave-nan-3.5.2/src/svm.cpp:62:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)dst,(void *)src,sizeof(T)*n);
data/octave-nan-3.5.2/src/svm.cpp:88:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/octave-nan-3.5.2/src/svm.cpp:2687:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(model_file_name,"w");
data/octave-nan-3.5.2/src/svm.cpp:2819:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[81];
data/octave-nan-3.5.2/src/svm.cpp:2927:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(model_file_name,"rb");
data/octave-nan-3.5.2/src/svmpredict_mex.cpp:338:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[CMD_LEN], *argv[CMD_LEN/2];
data/octave-nan-3.5.2/src/svmpredict_mex.cpp:358:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
prob_estimate_flag = atoi(argv[i]);
data/octave-nan-3.5.2/src/svmtrain_mex.cpp:149:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[CMD_LEN];
data/octave-nan-3.5.2/src/svmtrain_mex.cpp:150:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[CMD_LEN/2];
data/octave-nan-3.5.2/src/svmtrain_mex.cpp:193:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
param.svm_type = atoi(argv[i]);
data/octave-nan-3.5.2/src/svmtrain_mex.cpp:196:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
param.kernel_type = atoi(argv[i]);
data/octave-nan-3.5.2/src/svmtrain_mex.cpp:199:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
param.degree = atoi(argv[i]);
data/octave-nan-3.5.2/src/svmtrain_mex.cpp:223:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
param.shrinking = atoi(argv[i]);
data/octave-nan-3.5.2/src/svmtrain_mex.cpp:226:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
param.probability = atoi(argv[i]);
data/octave-nan-3.5.2/src/svmtrain_mex.cpp:234:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
nr_fold = atoi(argv[i]);
data/octave-nan-3.5.2/src/svmtrain_mex.cpp:245:45: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
param.weight_label[param.nr_weight-1] = atoi(&argv[i-1][2]);
data/octave-nan-3.5.2/src/train.c:181:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[CMD_LEN];
data/octave-nan-3.5.2/src/train.c:182:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[CMD_LEN/2];
data/octave-nan-3.5.2/src/train.c:231:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
param.solver_type = atoi(argv[i]);
data/octave-nan-3.5.2/src/train.c:249:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
nr_fold = atoi(argv[i]);
data/octave-nan-3.5.2/src/train.c:260:45: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
param.weight_label[param.nr_weight-1] = atoi(&argv[i-1][2]);
data/octave-nan-3.5.2/src/tron.cpp:86:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/octave-nan-3.5.2/src/tron.cpp:155:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(w_new, w, sizeof(double)*n);
data/octave-nan-3.5.2/src/tron.cpp:199:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(w, w_new, sizeof(double)*n);
data/octave-nan-3.5.2/src/xptopen.cpp:257:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Mode[3] = "r";
data/octave-nan-3.5.2/src/xptopen.cpp:260:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char H0[HeadLen0];
data/octave-nan-3.5.2/src/xptopen.cpp:268:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#define fopen gzopen
data/octave-nan-3.5.2/src/xptopen.cpp:307:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fid = fopen(fn,Mode);
data/octave-nan-3.5.2/src/xptopen.cpp:566:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(f, data+bi[k]+m*bi[NS], sz);
data/octave-nan-3.5.2/src/xptopen.cpp:730:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char T0[6][5];
data/octave-nan-3.5.2/src/xptopen.cpp:765:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
t.tm_year = atoi(T0[0]);
data/octave-nan-3.5.2/src/xptopen.cpp:766:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
t.tm_mon = atoi(T0[1]);
data/octave-nan-3.5.2/src/xptopen.cpp:767:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
t.tm_mday = atoi(T0[2]);
data/octave-nan-3.5.2/src/xptopen.cpp:768:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
t.tm_hour = atoi(T0[3]);
data/octave-nan-3.5.2/src/xptopen.cpp:769:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
t.tm_min = atoi(T0[4]);
data/octave-nan-3.5.2/src/xptopen.cpp:770:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
t.tm_sec = atoi(T0[5]);
data/octave-nan-3.5.2/src/xptopen.cpp:802:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[5];
data/octave-nan-3.5.2/src/xptopen.cpp:803:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp,H0+7*80+54,4);
data/octave-nan-3.5.2/src/xptopen.cpp:805:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
NS = atoi(tmp);
data/octave-nan-3.5.2/src/xptopen.cpp:867:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(f, Data+m*recsize+POS, maxlen);
data/octave-nan-3.5.2/src/xptopen.cpp:905:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(H0,L1,strlen(L1));
data/octave-nan-3.5.2/src/xptopen.cpp:906:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(H0+80,L2,strlen(L2));
data/octave-nan-3.5.2/src/xptopen.cpp:908:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(H0+80*3,L4,strlen(L4));
data/octave-nan-3.5.2/src/xptopen.cpp:909:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(H0+80*4,L5,strlen(L5));
data/octave-nan-3.5.2/src/xptopen.cpp:910:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(H0+80*5,L6,strlen(L6));
data/octave-nan-3.5.2/src/xptopen.cpp:912:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(H0+80*7,L8,strlen(L8));
data/octave-nan-3.5.2/src/xptopen.cpp:917:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tt[20];
data/octave-nan-3.5.2/src/xptopen.cpp:919:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(H0+80*2-16,tt,16);
data/octave-nan-3.5.2/src/xptopen.cpp:920:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(H0+80*2,tt,16);
data/octave-nan-3.5.2/src/xptopen.cpp:921:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(H0+80*5+8,fn,min(8,strcspn(fn,".\x00")));
data/octave-nan-3.5.2/src/xptopen.cpp:922:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(H0+80*5+32,"XPTOPEN.MEX (OCTAVE/MATLAB)",27);
data/octave-nan-3.5.2/src/xptopen.cpp:923:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(H0+80*6-16,tt,16);
data/octave-nan-3.5.2/src/xptopen.cpp:924:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(H0+80*6,tt,16);
data/octave-nan-3.5.2/src/xptopen.cpp:926:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[17];
data/octave-nan-3.5.2/src/xptopen.cpp:927:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp,"%04i", NS); // number of variables
data/octave-nan-3.5.2/src/xptopen.cpp:928:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(H0+80*7+54, tmp, 4);
data/octave-nan-3.5.2/src/xptopen.cpp:1100:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&m, &x, 8);
data/octave-nan-3.5.2/src/svm.cpp:2796:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int) strlen(line);
data/octave-nan-3.5.2/src/svm.cpp:2909:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int c = getc(fp);
data/octave-nan-3.5.2/src/xptopen.cpp:729:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t kk[6],n=0, N=strlen(datestr[ns]);
data/octave-nan-3.5.2/src/xptopen.cpp:905:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(H0,L1,strlen(L1));
data/octave-nan-3.5.2/src/xptopen.cpp:906:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(H0+80,L2,strlen(L2));
data/octave-nan-3.5.2/src/xptopen.cpp:908:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(H0+80*3,L4,strlen(L4));
data/octave-nan-3.5.2/src/xptopen.cpp:909:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(H0+80*4,L5,strlen(L5));
data/octave-nan-3.5.2/src/xptopen.cpp:910:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(H0+80*5,L6,strlen(L6));
data/octave-nan-3.5.2/src/xptopen.cpp:912:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(H0+80*7,L8,strlen(L8));
data/octave-nan-3.5.2/src/xptopen.cpp:978:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(H2+k*sz2+8,mxGetFieldNameByNumber(PInputs[2],k),8);
data/octave-nan-3.5.2/src/xptopen.cpp:984:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
count += fwrite(LO, 1, strlen(LO), fid);
ANALYSIS SUMMARY:
Hits = 87
Lines analyzed = 13868 in approximately 0.34 seconds (40791 lines/second)
Physical Source Lines of Code (SLOC) = 10726
Hits@level = [0] 73 [1] 11 [2] 69 [3] 2 [4] 5 [5] 0
Hits@level+ = [0+] 160 [1+] 87 [2+] 76 [3+] 7 [4+] 5 [5+] 0
Hits/KSLOC@level+ = [0+] 14.917 [1+] 8.11113 [2+] 7.08559 [3+] 0.65262 [4+] 0.466157 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.