stdin

Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/ots-0.5.0/src/libots.h
Examining data/ots-0.5.0/src/article.c
Examining data/ots-0.5.0/src/dictionary.c
Examining data/ots-0.5.0/src/grader.c
Examining data/ots-0.5.0/src/grader-tf.c
Examining data/ots-0.5.0/src/grader-tc.c
Examining data/ots-0.5.0/src/grader-tc.h
Examining data/ots-0.5.0/src/html.c
Examining data/ots-0.5.0/src/parser.c
Examining data/ots-0.5.0/src/text.c
Examining data/ots-0.5.0/src/stemmer.c
Examining data/ots-0.5.0/src/highlighter.c
Examining data/ots-0.5.0/src/wordlist.c
Examining data/ots-0.5.0/src/relations.c
Examining data/ots-0.5.0/src/ots.c

FINAL RESULTS:

data/ots-0.5.0/src/html.c:36:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(score_str,"<!--(%ld)-->",aLine->score);
data/ots-0.5.0/src/ots.c:106:22:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      input_stream = fopen (input_file, "r");
data/ots-0.5.0/src/ots.c:117:23:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      output_stream = fopen (output_file, "w");
data/ots-0.5.0/src/parser.c:50:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char fread_buffer[BUFFER_SIZE];
data/ots-0.5.0/src/article.c:107:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((aWord == NULL) || (0==strlen(aWord)) ||(NULL==aLine)) return;
data/ots-0.5.0/src/grader-tc.c:65:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			if (li->data && strlen (li->data)) ots_add_wordstat (Doc, (char *)li->data);
data/ots-0.5.0/src/parser.c:35:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  wlen = strlen (aWord);
data/ots-0.5.0/src/parser.c:36:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  plen = strlen (post);
data/ots-0.5.0/src/parser.c:68:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy (buffer + total_read, fread_buffer, nread);
data/ots-0.5.0/src/relations.c:83:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (text!=NULL) ots_parse_stream (text,strlen(text), Art);   /* read text , put it in struct Article */
data/ots-0.5.0/src/relations.c:90:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((tmp!=NULL)&&(strlen(tmp)>0)) {g_string_append(word,tmp);
data/ots-0.5.0/src/relations.c:117:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (text!=NULL) ots_parse_stream (text,strlen(text), Art);   
data/ots-0.5.0/src/relations.c:124:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((tmp)&&(strlen(tmp)>0))
data/ots-0.5.0/src/relations.c:152:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		if ((tmplist1->data)&&(tmplist2->data)&&(strlen(tmplist2->data)>1)) 
data/ots-0.5.0/src/stemmer.c:81:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  clen = strlen (comp);
data/ots-0.5.0/src/stemmer.c:114:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  plen = strlen (pre);
data/ots-0.5.0/src/stemmer.c:115:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  wlen = strlen (aWord);
data/ots-0.5.0/src/stemmer.c:116:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nlen = strlen (new);
data/ots-0.5.0/src/stemmer.c:143:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  wlen = strlen (aWord);
data/ots-0.5.0/src/stemmer.c:144:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  plen = strlen (post);
data/ots-0.5.0/src/stemmer.c:145:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nlen = strlen (new);
data/ots-0.5.0/src/stemmer.c:324:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(normWord)<3)  /*stem is two letter long. thats not right. N(eed)==N(ation) ?*/
data/ots-0.5.0/src/text.c:42:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			if (li->data && strlen (li->data)) /*if word exists*/
data/ots-0.5.0/src/wordlist.c:174:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (0==strlen(wordString)) return;

ANALYSIS SUMMARY:

Hits = 24
Lines analyzed = 2481 in approximately 0.09 seconds (27246 lines/second)
Physical Source Lines of Code (SLOC) = 1558
Hits@level = [0]   8 [1]  20 [2]   4 [3]   0 [4]   0 [5]   0
Hits@level+ = [0+]  32 [1+]  24 [2+]   4 [3+]   0 [4+]   0 [5+]   0
Hits/KSLOC@level+ = [0+] 20.5392 [1+] 15.4044 [2+] 2.56739 [3+]   0 [4+]   0 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.