stdin

Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/pantomime-1.3.0+dfsg1/charsets/CharsetDecoder.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWRegEx.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWMIMEUtility.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWDNSManager.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWPOP3Store.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWPOP3CacheManager.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWWINDOWS_1251.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWISO8859_3.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWISO8859_7.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWMD5.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWISO8859_11.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWMIMEMultipart.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWISO8859_15.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/Pantomime.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/NSData+Extensions.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWFolderInformation.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWSMTP.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWLocalFolder.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWCharset.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWKOI8_U.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWWINDOWS_1252.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWMacOSXGlue.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWLocalCacheManager.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWISO8859_4.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWISO8859_8.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWUUFile.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWParser.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWStore.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWService.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWIMAPStore.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWLocalStore.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/NSString+Extensions.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWLocalFolder+mbox.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWIMAPMessage.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWKOI8_R.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWPOP3CacheObject.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWLocalMessage.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWConnection.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWWINDOWS_1253.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWISO8859_1.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWISO8859_5.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/io.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/NSFileManager+Extensions.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWISO8859_9.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWContainer.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWISO8859_13.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWInternetAddress.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWCacheManager.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWURLName.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWLocalFolder+maildir.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWPOP3Folder.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWVirtualFolder.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWIMAPFolder.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWMessage.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWWINDOWS_1250.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWWINDOWS_1254.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWIMAPCacheManager.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWISO8859_2.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWFolder.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWISO8859_6.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWPOP3Message.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWISO8859_10.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/NSScanner+Extensions.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWISO8859_14.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWFlags.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWTransport.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWSendmail.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWPart.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWConstants.h
Examining data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWTCPConnection.h

FINAL RESULTS:

data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWMD5.h:43:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char _digest[16];
data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWService.h:55:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  end = bytes = (char *)[theMutableData mutableBytes];
data/pantomime-1.3.0+dfsg1/Framework/Pantomime/CWConnection.h:110:13:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
- (ssize_t) read: (char *) buf

ANALYSIS SUMMARY:

Hits = 3
Lines analyzed = 8849 in approximately 0.31 seconds (28664 lines/second)
Physical Source Lines of Code (SLOC) = 1941
Hits@level = [0]   0 [1]   1 [2]   2 [3]   0 [4]   0 [5]   0
Hits@level+ = [0+]   3 [1+]   3 [2+]   2 [3+]   0 [4+]   0 [5+]   0
Hits/KSLOC@level+ = [0+] 1.5456 [1+] 1.5456 [2+] 1.0304 [3+]   0 [4+]   0 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.