Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/pd-iemutils-0.0.20181004/iem16/iem16_delay.h
Examining data/pd-iemutils-0.0.20181004/iem16/iem16.c
Examining data/pd-iemutils-0.0.20181004/iem16/table16.c
Examining data/pd-iemutils-0.0.20181004/iem16/tab16play~.c
Examining data/pd-iemutils-0.0.20181004/iem16/iem16.h
Examining data/pd-iemutils-0.0.20181004/iem16/tab16read.c
Examining data/pd-iemutils-0.0.20181004/iem16/tab16read4~.c
Examining data/pd-iemutils-0.0.20181004/iem16/vd16~.c
Examining data/pd-iemutils-0.0.20181004/iem16/tab16receive~.c
Examining data/pd-iemutils-0.0.20181004/iem16/del16read~.c
Examining data/pd-iemutils-0.0.20181004/iem16/tab16read4.c
Examining data/pd-iemutils-0.0.20181004/iem16/tab16read~.c
Examining data/pd-iemutils-0.0.20181004/iem16/tab16write.c
Examining data/pd-iemutils-0.0.20181004/iem16/tab16send~.c
Examining data/pd-iemutils-0.0.20181004/iem16/tab16write~.c
Examining data/pd-iemutils-0.0.20181004/iem16/del16write~.c
Examining data/pd-iemutils-0.0.20181004/iem16/iem16_table.h
Examining data/pd-iemutils-0.0.20181004/iem_adaptfilt/src/iem_adaptfilt.c
Examining data/pd-iemutils-0.0.20181004/iem_adaptfilt/src/FXNLMSplus2in~.c
Examining data/pd-iemutils-0.0.20181004/iem_adaptfilt/src/n_CLNLMS~.c
Examining data/pd-iemutils-0.0.20181004/iem_adaptfilt/src/NLMSCC~.c
Examining data/pd-iemutils-0.0.20181004/iem_adaptfilt/src/NLMSerr_in~.c
Examining data/pd-iemutils-0.0.20181004/iem_adaptfilt/src/NLMS~.c
Examining data/pd-iemutils-0.0.20181004/iem_adaptfilt/src/FXNLMSplus3in~.c
Examining data/pd-iemutils-0.0.20181004/iem_adaptfilt/src/n_CNLMS~.c
Examining data/pd-iemutils-0.0.20181004/iem_adaptfilt/include/iemlib.h
Examining data/pd-iemutils-0.0.20181004/iem_dp/src/tabread_dp.c
Examining data/pd-iemutils-0.0.20181004/iem_dp/src/div__.c
Examining data/pd-iemutils-0.0.20181004/iem_dp/src/delay~~.c
Examining data/pd-iemutils-0.0.20181004/iem_dp/src/mul__.c
Examining data/pd-iemutils-0.0.20181004/iem_dp/src/sub__.c
Examining data/pd-iemutils-0.0.20181004/iem_dp/src/samphold~~.c
Examining data/pd-iemutils-0.0.20181004/iem_dp/src/vline~~.c
Examining data/pd-iemutils-0.0.20181004/iem_dp/src/max~~.c
Examining data/pd-iemutils-0.0.20181004/iem_dp/src/iem_dp.h
Examining data/pd-iemutils-0.0.20181004/iem_dp/src/min__.c
Examining data/pd-iemutils-0.0.20181004/iem_dp/src/print~~.c
Examining data/pd-iemutils-0.0.20181004/iem_dp/src/min~~.c
Examining data/pd-iemutils-0.0.20181004/iem_dp/src/iemlib.h
Examining data/pd-iemutils-0.0.20181004/iem_dp/src/symtodp.c
Examining data/pd-iemutils-0.0.20181004/iem_dp/src/random__.c
Examining data/pd-iemutils-0.0.20181004/iem_dp/src/tabread~~.c
Examining data/pd-iemutils-0.0.20181004/iem_dp/src/tabwrite~~.c
Examining data/pd-iemutils-0.0.20181004/iem_dp/src/wrap~~.c
Examining data/pd-iemutils-0.0.20181004/iem_dp/src/sub~~.c
Examining data/pd-iemutils-0.0.20181004/iem_dp/src/max__.c
Examining data/pd-iemutils-0.0.20181004/iem_dp/src/div~~.c
Examining data/pd-iemutils-0.0.20181004/iem_dp/src/iem_dp.c
Examining data/pd-iemutils-0.0.20181004/iem_dp/src/dptohex.c
Examining data/pd-iemutils-0.0.20181004/iem_dp/src/ftohex.c
Examining data/pd-iemutils-0.0.20181004/iem_dp/src/dptosym.c
Examining data/pd-iemutils-0.0.20181004/iem_dp/src/tabwrite_dp.c
Examining data/pd-iemutils-0.0.20181004/iem_dp/src/add__.c
Examining data/pd-iemutils-0.0.20181004/iem_dp/src/tabread4~~.c
Examining data/pd-iemutils-0.0.20181004/iem_dp/src/add~~.c
Examining data/pd-iemutils-0.0.20181004/iem_dp/src/tabread4_dp.c
Examining data/pd-iemutils-0.0.20181004/iem_dp/src/mul~~.c
Examining data/pd-iemutils-0.0.20181004/iem_dp/src/phasor~~.c
Examining data/pd-iemutils-0.0.20181004/iem_roomsim/src/nz~.c
Examining data/pd-iemutils-0.0.20181004/iem_roomsim/src/xy_2_del_damp_phi.c
Examining data/pd-iemutils-0.0.20181004/iem_roomsim/src/early_reflections_2d.c
Examining data/pd-iemutils-0.0.20181004/iem_roomsim/src/n_delay2p_line~.c
Examining data/pd-iemutils-0.0.20181004/iem_roomsim/src/block_delay~.c
Examining data/pd-iemutils-0.0.20181004/iem_roomsim/src/iem_roomsim.c
Examining data/pd-iemutils-0.0.20181004/iem_roomsim/src/block_lp1~.c
Examining data/pd-iemutils-0.0.20181004/iem_roomsim/src/cart2del_damp_2d.c
Examining data/pd-iemutils-0.0.20181004/iem_roomsim/src/n_delay1p_line~.c
Examining data/pd-iemutils-0.0.20181004/iem_roomsim/src/xyz_3_del_damp_theta_phi.c
Examining data/pd-iemutils-0.0.20181004/iem_roomsim/src/block_peak_env~.c
Examining data/pd-iemutils-0.0.20181004/iem_roomsim/src/cart2del_damp_3d.c
Examining data/pd-iemutils-0.0.20181004/iem_roomsim/src/early_reflections_3d.c
Examining data/pd-iemutils-0.0.20181004/iem_roomsim/include/iem_roomsim.h
Examining data/pd-iemutils-0.0.20181004/iem_roomsim/include/iemlib.h
Examining data/pd-iemutils-0.0.20181004/iem_spec2/src/spec2_mul_scalar~.c
Examining data/pd-iemutils-0.0.20181004/iem_spec2/src/spec2_clip_min~.c
Examining data/pd-iemutils-0.0.20181004/iem_spec2/src/spec2_sub~.c
Examining data/pd-iemutils-0.0.20181004/iem_spec2/src/spec2_sum~.c
Examining data/pd-iemutils-0.0.20181004/iem_spec2/src/spec2_dbtopow~.c
Examining data/pd-iemutils-0.0.20181004/iem_spec2/src/spec2_mul~.c
Examining data/pd-iemutils-0.0.20181004/iem_spec2/src/spec2_1p1z_freq~.c
Examining data/pd-iemutils-0.0.20181004/iem_spec2/src/spec2_matrix_bundle_stat~.c
Examining data/pd-iemutils-0.0.20181004/iem_spec2/src/spec2_tabreceive_enable~.c
Examining data/pd-iemutils-0.0.20181004/iem_spec2/src/iem_spec2.c
Examining data/pd-iemutils-0.0.20181004/iem_spec2/src/spec2_add~.c
Examining data/pd-iemutils-0.0.20181004/iem_spec2/src/spec2_powtodb~.c
Examining data/pd-iemutils-0.0.20181004/iem_spec2/src/spec2_rmstodb~.c
Examining data/pd-iemutils-0.0.20181004/iem_spec2/src/spec2_add_scalar~.c
Examining data/pd-iemutils-0.0.20181004/iem_spec2/src/spec2_stretch~.c
Examining data/pd-iemutils-0.0.20181004/iem_spec2/src/spec2_abs~.c
Examining data/pd-iemutils-0.0.20181004/iem_spec2/src/spec2_block_delay~.c
Examining data/pd-iemutils-0.0.20181004/iem_spec2/src/spec2_sqrt~.c
Examining data/pd-iemutils-0.0.20181004/iem_spec2/src/spec2_1p1z_time~.c
Examining data/pd-iemutils-0.0.20181004/iem_spec2/src/spec2_tab_conv~.c
Examining data/pd-iemutils-0.0.20181004/iem_spec2/src/spec2_shift~.c
Examining data/pd-iemutils-0.0.20181004/iem_spec2/src/spec2_clip_max~.c
Examining data/pd-iemutils-0.0.20181004/iem_spec2/src/spec2_tabreceive~.c
Examining data/pd-iemutils-0.0.20181004/iem_spec2/src/spec2_dbtorms~.c
Examining data/pd-iemutils-0.0.20181004/iem_spec2/include/iem_spec2.h
Examining data/pd-iemutils-0.0.20181004/iem_spec2/include/iemlib.h
Examining data/pd-iemutils-0.0.20181004/iem_tab/src/tab_sqrt.c
Examining data/pd-iemutils-0.0.20181004/iem_tab/src/tab_div.c
Examining data/pd-iemutils-0.0.20181004/iem_tab/src/tab_counter.c
Examining data/pd-iemutils-0.0.20181004/iem_tab/src/tab_cross_corr.c
Examining data/pd-iemutils-0.0.20181004/iem_tab/src/tab_lt.c
Examining data/pd-iemutils-0.0.20181004/iem_tab/src/tab_get_size.c
Examining data/pd-iemutils-0.0.20181004/iem_tab/src/tab_rifft.c
Examining data/pd-iemutils-0.0.20181004/iem_tab/src/tab_abs.c
Examining data/pd-iemutils-0.0.20181004/iem_tab/src/tab_le_scalar.c
Examining data/pd-iemutils-0.0.20181004/iem_tab/src/tab_rmstodb.c
Examining data/pd-iemutils-0.0.20181004/iem_tab/src/tab_ne.c
Examining data/pd-iemutils-0.0.20181004/iem_tab/src/tab_lt_scalar.c
Examining data/pd-iemutils-0.0.20181004/iem_tab/src/tab_mul_scalar.c
Examining data/pd-iemutils-0.0.20181004/iem_tab/src/tab_max_index.c
Examining data/pd-iemutils-0.0.20181004/iem_tab/src/tab_complex_inv.c
Examining data/pd-iemutils-0.0.20181004/iem_tab/src/tab_rfft.c
Examining data/pd-iemutils-0.0.20181004/iem_tab/src/tab_reverse.c
Examining data/pd-iemutils-0.0.20181004/iem_tab/src/tab_le.c
Examining data/pd-iemutils-0.0.20181004/iem_tab/src/tab_dbtorms.c
Examining data/pd-iemutils-0.0.20181004/iem_tab/src/tab_add_scalar.c
Examining data/pd-iemutils-0.0.20181004/iem_tab/src/tab_ifft.c
Examining data/pd-iemutils-0.0.20181004/iem_tab/src/tab_dbtopow.c
Examining data/pd-iemutils-0.0.20181004/iem_tab/src/tab_min_max.c
Examining data/pd-iemutils-0.0.20181004/iem_tab/src/tab_conv.c
Examining data/pd-iemutils-0.0.20181004/iem_tab/src/tab_gt_scalar.c
Examining data/pd-iemutils-0.0.20181004/iem_tab/src/tab_min_index.c
Examining data/pd-iemutils-0.0.20181004/iem_tab/src/tab_find_peaks.c
Examining data/pd-iemutils-0.0.20181004/iem_tab/src/tab_powtodb.c
Examining data/pd-iemutils-0.0.20181004/iem_tab/src/tab_ne_scalar.c
Examining data/pd-iemutils-0.0.20181004/iem_tab/src/tab_eq_scalar.c
Examining data/pd-iemutils-0.0.20181004/iem_tab/src/tab_gt.c
Examining data/pd-iemutils-0.0.20181004/iem_tab/src/tab_find_exact_peaks.c
Examining data/pd-iemutils-0.0.20181004/iem_tab/src/tab_eq.c
Examining data/pd-iemutils-0.0.20181004/iem_tab/src/tab_const.c
Examining data/pd-iemutils-0.0.20181004/iem_tab/src/tab_sum.c
Examining data/pd-iemutils-0.0.20181004/iem_tab/src/tab_mls.c
Examining data/pd-iemutils-0.0.20181004/iem_tab/src/tab_add.c
Examining data/pd-iemutils-0.0.20181004/iem_tab/src/tab_carth2polar.c
Examining data/pd-iemutils-0.0.20181004/iem_tab/src/iem_tab.c
Examining data/pd-iemutils-0.0.20181004/iem_tab/src/tab_complex_mul.c
Examining data/pd-iemutils-0.0.20181004/iem_tab/src/tab_fft.c
Examining data/pd-iemutils-0.0.20181004/iem_tab/src/tab_ge.c
Examining data/pd-iemutils-0.0.20181004/iem_tab/src/tab_mul.c
Examining data/pd-iemutils-0.0.20181004/iem_tab/src/tab_ge_scalar.c
Examining data/pd-iemutils-0.0.20181004/iem_tab/src/tab_copy.c
Examining data/pd-iemutils-0.0.20181004/iem_tab/src/tab_sub.c
Examining data/pd-iemutils-0.0.20181004/iem_tab/include/iemlib.h
Examining data/pd-iemutils-0.0.20181004/iem_tab/include/iem_tab.h
Examining data/pd-iemutils-0.0.20181004/punish/triggerize-plugin/triggerize.c
Examining data/pd-iemutils-0.0.20181004/punish/patcherize-plugin/patcherize.c
Examining data/pd-iemutils-0.0.20181004/punish/doublechord-plugin/doublechord.c

FINAL RESULTS:

data/pd-iemutils-0.0.20181004/iem_adaptfilt/src/n_CLNLMS~.c:475:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buffer, "%d_%s", i+1, w_name->s_name);

data/pd-iemutils-0.0.20181004/iem_adaptfilt/src/n_CNLMS~.c:455:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buffer, "%d_%s", i+1, w_name->s_name);

data/pd-iemutils-0.0.20181004/iem_dp/src/symtodp.c:44:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(str, buf);

data/pd-iemutils-0.0.20181004/iem16/table16.c:154:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[MAXPDSTRING], *bufptr;

data/pd-iemutils-0.0.20181004/iem_adaptfilt/include/iemlib.h:176:19:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  # define iem_open open

data/pd-iemutils-0.0.20181004/iem_adaptfilt/include/iemlib.h:178:20:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  # define iem_fopen fopen

data/pd-iemutils-0.0.20181004/iem_adaptfilt/src/n_CLNLMS~.c:401:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[400];

data/pd-iemutils-0.0.20181004/iem_adaptfilt/src/n_CNLMS~.c:390:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[400];

data/pd-iemutils-0.0.20181004/iem_dp/src/dptohex.c:34:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[100];

data/pd-iemutils-0.0.20181004/iem_dp/src/dptohex.c:38:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "#%08X%08X", tf.tf_i[HIOFFSET], tf.tf_i[LOWOFFSET]);

data/pd-iemutils-0.0.20181004/iem_dp/src/dptosym.c:36:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[100];

data/pd-iemutils-0.0.20181004/iem_dp/src/dptosym.c:40:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "\"%.18g", d);

data/pd-iemutils-0.0.20181004/iem_dp/src/ftohex.c:29:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[100];

data/pd-iemutils-0.0.20181004/iem_dp/src/ftohex.c:33:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "#%08X", (unsigned int)tf.tf_l);

data/pd-iemutils-0.0.20181004/iem_dp/src/symtodp.c:36:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[1000], buf[100], *dummy;

data/pd-iemutils-0.0.20181004/iem_dp/src/symtodp.c:43:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "%g", (float)atom_getfloatarg(i, ac, av));

data/pd-iemutils-0.0.20181004/iem_roomsim/include/iemlib.h:176:19:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  # define iem_open open

data/pd-iemutils-0.0.20181004/iem_roomsim/include/iemlib.h:178:20:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  # define iem_fopen fopen

data/pd-iemutils-0.0.20181004/iem_spec2/include/iemlib.h:176:19:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  # define iem_open open

data/pd-iemutils-0.0.20181004/iem_spec2/include/iemlib.h:178:20:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  # define iem_fopen fopen

data/pd-iemutils-0.0.20181004/iem_tab/include/iemlib.h:176:19:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  # define iem_open open

data/pd-iemutils-0.0.20181004/iem_tab/include/iemlib.h:178:20:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  # define iem_fopen fopen

data/pd-iemutils-0.0.20181004/punish/patcherize-plugin/patcherize.c:489:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dirbuf[MAXPDSTRING];

data/pd-iemutils-0.0.20181004/punish/patcherize-plugin/patcherize.c:492:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char objname[MAXPDSTRING];

data/pd-iemutils-0.0.20181004/punish/patcherize-plugin/patcherize.c:523:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dollstring[MAXPDSTRING];

data/pd-iemutils-0.0.20181004/punish/patcherize-plugin/patcherize.c:453:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(save2file && strcmp(name + strlen(name) - 3, ".pd")) {

data/pd-iemutils-0.0.20181004/punish/patcherize-plugin/patcherize.c:494:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len=strlen(name) -3 ;

data/pd-iemutils-0.0.20181004/punish/patcherize-plugin/patcherize.c:496:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(objname, name, MAXPDSTRING-1);

data/pd-iemutils-0.0.20181004/punish/patcherize-plugin/patcherize.c:515:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(objname, nameptr_res, MAXPDSTRING-2);

data/pd-iemutils-0.0.20181004/punish/patcherize-plugin/patcherize.c:516:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  objname[strlen(nameptr_res)-3]=0; // strip away ".pd".extension

ANALYSIS SUMMARY:

Hits = 30
Lines analyzed = 29963 in approximately 0.73 seconds (41262 lines/second)
Physical Source Lines of Code (SLOC) = 24107
Hits@level = [0]   2 [1]   5 [2]  22 [3]   0 [4]   3 [5]   0
Hits@level+ = [0+]  32 [1+]  30 [2+]  25 [3+]   3 [4+]   3 [5+]   0
Hits/KSLOC@level+ = [0+] 1.32742 [1+] 1.24445 [2+] 1.03704 [3+] 0.124445 [4+] 0.124445 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.
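The three level-4 hits (sprintf of "%d_%s" into buffer[400] at n_CLNLMS~.c:475 and n_CNLMS~.c:455, and the strcat loop into str[1000] at symtodp.c:44) and the strlen(name) - 3 arithmetic at patcherize.c:453 and :494 share two root causes: formatting into a fixed buffer with no length bound, and doing pointer arithmetic on a string length before checking that the length is large enough. The block below is an added example written for this report, not code from pd-iemutils. The array sizes copy the flagged declarations; the function names, the single-space separator for the float list, and the 599-byte symbol name are assumptions made for illustration. Whether the flagged lines are reachable with over-long input in the real externals (for instance whether a Pd symbol name can exceed 400 bytes in practice) is not established by this report, which is exactly what the closing "Not every hit is necessarily a security vulnerability" line means.

```c
/* Bounded replacements for the string-building patterns Flawfinder flagged.
 * Added example, not pd-iemutils code; sizes mirror the flagged declarations. */
#include <stdio.h>
#include <string.h>
#include <stdbool.h>

#define BUF_LEN 400   /* size of buffer[] flagged at n_CLNLMS~.c:401 */
#define STR_LEN 1000  /* size of str[] flagged at symtodp.c:36 */

/* Would sprintf(dst, "%d_%s", idx, name) overflow a dst of dstlen bytes?
 * snprintf(NULL, 0, ...) (C99) returns the length the output needs, so the
 * question can be answered without touching any buffer. */
bool indexed_name_would_overflow(size_t dstlen, int idx, const char *name)
{
    int need = snprintf(NULL, 0, "%d_%s", idx, name);
    return need < 0 || (size_t)need >= dstlen;
}

/* Hardened form of sprintf(buffer, "%d_%s", i+1, w_name->s_name):
 * always NUL-terminates dst; returns 0 on success, -1 on truncation.
 * A truncated name is a different object name, so fail closed: return an
 * empty string rather than a partial one the caller might register. */
int make_indexed_name(char *dst, size_t dstlen, int idx, const char *name)
{
    if (dstlen == 0) return -1;
    int n = snprintf(dst, dstlen, "%d_%s", idx, name);
    if (n < 0 || (size_t)n >= dstlen) {
        dst[0] = '\0';
        return -1;
    }
    return 0;
}

/* Hardened form of the symtodp.c loop (sprintf(buf, "%g", x); strcat(str, buf);).
 * Tracks the write offset and formats directly into the remaining space, so
 * there is no intermediate buffer and no unbounded strcat. Values are joined
 * with a single space (assumed separator). Returns the number of values
 * written, or -1 (with a NUL-terminated dst) if the list did not fit. */
int format_float_list(char *dst, size_t dstlen, const float *vals, size_t count)
{
    if (dstlen == 0) return -1;
    size_t off = 0;
    dst[0] = '\0';
    for (size_t i = 0; i < count; i++) {
        int n = snprintf(dst + off, dstlen - off, "%s%g", i ? " " : "", vals[i]);
        if (n < 0 || (size_t)n >= dstlen - off) {
            dst[off] = '\0';   /* roll back the partial entry */
            return -1;
        }
        off += (size_t)n;
    }
    return (int)count;
}

/* Safe replacement for strcmp(name + strlen(name) - 3, ".pd"): with a name
 * shorter than three bytes the original moves the pointer before the start
 * of the string and strcmp reads from there (the CWE-126 over-read). */
bool has_pd_suffix(const char *name)
{
    size_t len = strlen(name);
    return len >= 3 && strcmp(name + len - 3, ".pd") == 0;
}

int main(void)
{
    char buffer[BUF_LEN];
    char str[STR_LEN];
    char longname[600];                       /* constructed 599-byte symbol name */
    memset(longname, 'A', sizeof longname - 1);
    longname[sizeof longname - 1] = '\0';

    printf("short name: rc=%d \"%s\"\n",
           make_indexed_name(buffer, sizeof buffer, 1, "w_coef"), buffer);
    printf("long name would overflow sprintf: %d\n",
           indexed_name_would_overflow(sizeof buffer, 1, longname));
    printf("long name via snprintf: rc=%d len=%zu\n",
           make_indexed_name(buffer, sizeof buffer, 1, longname), strlen(buffer));

    const float vals[] = { 1.0f, 2.5f, -3.0f };
    printf("list: rc=%d \"%s\"\n", format_float_list(str, sizeof str, vals, 3), str);
    printf("has_pd_suffix(\"a\") = %d\n", has_pd_suffix("a"));
    return 0;
}
```

The return-value check is the part that matters: snprintf by itself only stops the write, and a silently truncated "%d_%s" name or float list would be a logic bug in its own right, so both helpers report truncation to the caller instead of handing back a shortened string. For the open/fopen hits in iemlib.h the report gives no call site, only the macro definitions, so nothing about the file paths involved can be concluded from this page.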