stdin

Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/pybindgen-0.20.0+dfsg1/benchmarks/testapi.cc
Examining data/pybindgen-0.20.0+dfsg1/benchmarks/testapi.h
Examining data/pybindgen-0.20.0+dfsg1/benchmarks/testapi_boost.cc
Examining data/pybindgen-0.20.0+dfsg1/include/stdint.h
Examining data/pybindgen-0.20.0+dfsg1/tests/boost/bar.h
Examining data/pybindgen-0.20.0+dfsg1/tests/boost/bar.cc
Examining data/pybindgen-0.20.0+dfsg1/tests/foo.h
Examining data/pybindgen-0.20.0+dfsg1/tests/c-hello/hello.h
Examining data/pybindgen-0.20.0+dfsg1/tests/c-hello/hello.c
Examining data/pybindgen-0.20.0+dfsg1/tests/foo.cc
Examining data/pybindgen-0.20.0+dfsg1/examples/b/b.cc
Examining data/pybindgen-0.20.0+dfsg1/examples/b/b.h
Examining data/pybindgen-0.20.0+dfsg1/examples/callback/c.cc
Examining data/pybindgen-0.20.0+dfsg1/examples/callback/c.h
Examining data/pybindgen-0.20.0+dfsg1/examples/a/a.h
Examining data/pybindgen-0.20.0+dfsg1/examples/a/a.cc
Examining data/pybindgen-0.20.0+dfsg1/examples/f/f.cc
Examining data/pybindgen-0.20.0+dfsg1/examples/f/f.h
Examining data/pybindgen-0.20.0+dfsg1/examples/d/d.h
Examining data/pybindgen-0.20.0+dfsg1/examples/d/d.cc
Examining data/pybindgen-0.20.0+dfsg1/examples/h/h.h
Examining data/pybindgen-0.20.0+dfsg1/examples/h/h.cc
Examining data/pybindgen-0.20.0+dfsg1/examples/boost_shared_ptr/bsp.h
Examining data/pybindgen-0.20.0+dfsg1/examples/boost_shared_ptr/bsp.cc
Examining data/pybindgen-0.20.0+dfsg1/examples/c/c.cc
Examining data/pybindgen-0.20.0+dfsg1/examples/c/c.h
Examining data/pybindgen-0.20.0+dfsg1/examples/e/e.cc
Examining data/pybindgen-0.20.0+dfsg1/examples/e/e.h
Examining data/pybindgen-0.20.0+dfsg1/examples/std_shared_ptr/sp.h
Examining data/pybindgen-0.20.0+dfsg1/examples/std_shared_ptr/sp.cc
Examining data/pybindgen-0.20.0+dfsg1/examples/g/g.cc
Examining data/pybindgen-0.20.0+dfsg1/examples/g/g.h
Examining data/pybindgen-0.20.0+dfsg1/examples/buffer/c.cc
Examining data/pybindgen-0.20.0+dfsg1/examples/buffer/c.h
Examining data/pybindgen-0.20.0+dfsg1/examples/import_from_module/a.h
Examining data/pybindgen-0.20.0+dfsg1/examples/import_from_module/b.h

FINAL RESULTS:

data/pybindgen-0.20.0+dfsg1/include/stdint.h:764:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char str0[256], str1[256];
data/pybindgen-0.20.0+dfsg1/include/stdint.h:766:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf (str0, "%d %x\n", 0, ~0);
data/pybindgen-0.20.0+dfsg1/include/stdint.h:768:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf (str1, "%d %x\n",  i8, ~0);
data/pybindgen-0.20.0+dfsg1/include/stdint.h:770:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf (str1, "%u %x\n",  u8, ~0);
data/pybindgen-0.20.0+dfsg1/include/stdint.h:772:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf (str1, "%d %x\n",  i16, ~0);
data/pybindgen-0.20.0+dfsg1/include/stdint.h:774:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf (str1, "%u %x\n",  u16, ~0);
data/pybindgen-0.20.0+dfsg1/include/stdint.h:776:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf (str1, "%" PRINTF_INT32_MODIFIER "d %x\n",  i32, ~0);
data/pybindgen-0.20.0+dfsg1/include/stdint.h:778:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf (str1, "%" PRINTF_INT32_MODIFIER "u %x\n",  u32, ~0);
data/pybindgen-0.20.0+dfsg1/include/stdint.h:781:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf (str1, "%" PRINTF_INT64_MODIFIER "d %x\n",  i64, ~0);
data/pybindgen-0.20.0+dfsg1/include/stdint.h:784:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf (str1, "%" PRINTF_INTMAX_MODIFIER "d %x\n",  imax, ~0);
data/pybindgen-0.20.0+dfsg1/include/stdint.h:786:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf (str1, "%" PRINTF_INTMAX_MODIFIER "u %x\n",  umax, ~0);
data/pybindgen-0.20.0+dfsg1/tests/foo.cc:21:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    return atoi(from_string)*multiplier;
data/pybindgen-0.20.0+dfsg1/tests/foo.cc:90:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    return atoi(from_string);
data/pybindgen-0.20.0+dfsg1/tests/foo.cc:10:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    return strlen(message);
data/pybindgen-0.20.0+dfsg1/tests/foo.cc:16:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    return strlen(message2);

ANALYSIS SUMMARY:

Hits = 15
Lines analyzed = 3517 in approximately 0.09 seconds (39646 lines/second)
Physical Source Lines of Code (SLOC) = 2506
Hits@level = [0]  11 [1]   2 [2]  13 [3]   0 [4]   0 [5]   0
Hits@level+ = [0+]  26 [1+]  15 [2+]  13 [3+]   0 [4+]   0 [5+]   0
Hits/KSLOC@level+ = [0+] 10.3751 [1+] 5.98563 [2+] 5.18755 [3+]   0 [4+]   0 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.