Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/purify-2.0.0/cpp/AlgorithmUpdate.cc
Examining data/purify-2.0.0/cpp/AlgorithmUpdate.h
Examining data/purify-2.0.0/cpp/cmdl.cc
Examining data/purify-2.0.0/cpp/cmdl.h
Examining data/purify-2.0.0/cpp/example/casa.cc
Examining data/purify-2.0.0/cpp/example/clean_vla.cc
Examining data/purify-2.0.0/cpp/example/generate_vis_data.cc
Examining data/purify-2.0.0/cpp/example/gridding.cc
Examining data/purify-2.0.0/cpp/example/padmm_random_coverage.cc
Examining data/purify-2.0.0/cpp/example/padmm_reweighted_simulation.cc
Examining data/purify-2.0.0/cpp/example/padmm_simulation.cc
Examining data/purify-2.0.0/cpp/example/resample.cc
Examining data/purify-2.0.0/cpp/example/rm_gridding_example.cc
Examining data/purify-2.0.0/cpp/example/sara_padmm_random_coverage.cc
Examining data/purify-2.0.0/cpp/example/sdmm_m31_simulation.cc
Examining data/purify-2.0.0/cpp/example/sdmm_random_coverage.cc
Examining data/purify-2.0.0/cpp/example/sdmm_vla.cc
Examining data/purify-2.0.0/cpp/example/time_gridding_degridding.cc
Examining data/purify-2.0.0/cpp/main.cc
Examining data/purify-2.0.0/cpp/purify/FFTOperator.cc
Examining data/purify-2.0.0/cpp/purify/FFTOperator.h
Examining data/purify-2.0.0/cpp/purify/MeasurementOperator.cc
Examining data/purify-2.0.0/cpp/purify/MeasurementOperator.h
Examining data/purify-2.0.0/cpp/purify/PSFOperator.cc
Examining data/purify-2.0.0/cpp/purify/PSFOperator.h
Examining data/purify-2.0.0/cpp/purify/RMOperator.cc
Examining data/purify-2.0.0/cpp/purify/RMOperator.h
Examining data/purify-2.0.0/cpp/purify/casacore.cc
Examining data/purify-2.0.0/cpp/purify/casacore.h
Examining data/purify-2.0.0/cpp/purify/clean.cc
Examining data/purify-2.0.0/cpp/purify/clean.h
Examining data/purify-2.0.0/cpp/purify/config.in.h
Examining data/purify-2.0.0/cpp/purify/kernels.cc
Examining data/purify-2.0.0/cpp/purify/kernels.h
Examining data/purify-2.0.0/cpp/purify/logging.disabled.h
Examining data/purify-2.0.0/cpp/purify/logging.h
Examining data/purify-2.0.0/cpp/purify/pfitsio.cc
Examining data/purify-2.0.0/cpp/purify/pfitsio.h
Examining data/purify-2.0.0/cpp/purify/types.h
Examining data/purify-2.0.0/cpp/purify/utilities.cc
Examining data/purify-2.0.0/cpp/purify/utilities.h
Examining data/purify-2.0.0/cpp/purify/logging.enabled.h
Examining data/purify-2.0.0/cpp/tests/FFT_operator.cc
Examining data/purify-2.0.0/cpp/tests/casacore.cc
Examining data/purify-2.0.0/cpp/tests/directories.in.h
Examining data/purify-2.0.0/cpp/tests/measurement_operator.cc
Examining data/purify-2.0.0/cpp/tests/purify_fitsio.cc
Examining data/purify-2.0.0/cpp/tests/sparse.cc
Examining data/purify-2.0.0/cpp/tests/utils.cc
FINAL RESULTS:
data/purify-2.0.0/cpp/cmdl.cc:47:9: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
c = getopt_long(argc, argv, "a:bc:defghijklmnopqrst", long_options, &option_index);
data/purify-2.0.0/cpp/main.cc:252:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out_diagnostic.open(params.name + "_diagnostic", std::ios_base::app);
data/purify-2.0.0/cpp/purify/pfitsio.cc:106:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
image.read(contents);
ANALYSIS SUMMARY:
Hits = 3
Lines analyzed = 10082 in approximately 0.41 seconds (24744 lines/second)
Physical Source Lines of Code (SLOC) = 8410
Hits@level = [0] 10 [1] 1 [2] 1 [3] 1 [4] 0 [5] 0
Hits@level+ = [0+] 13 [1+] 3 [2+] 2 [3+] 1 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 1.54578 [1+] 0.356718 [2+] 0.237812 [3+] 0.118906 [4+] 0 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.