Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/python-btrees-4.3.1/BTrees/_IOBTree.c
Examining data/python-btrees-4.3.1/BTrees/_LFBTree.c
Examining data/python-btrees-4.3.1/BTrees/_IIBTree.c
Examining data/python-btrees-4.3.1/BTrees/SetOpTemplate.c
Examining data/python-btrees-4.3.1/BTrees/intvaluemacros.h
Examining data/python-btrees-4.3.1/BTrees/objectkeymacros.h
Examining data/python-btrees-4.3.1/BTrees/_IFBTree.c
Examining data/python-btrees-4.3.1/BTrees/_LOBTree.c
Examining data/python-btrees-4.3.1/BTrees/objectvaluemacros.h
Examining data/python-btrees-4.3.1/BTrees/BucketTemplate.c
Examining data/python-btrees-4.3.1/BTrees/SetTemplate.c
Examining data/python-btrees-4.3.1/BTrees/_fsBTree.c
Examining data/python-btrees-4.3.1/BTrees/intkeymacros.h
Examining data/python-btrees-4.3.1/BTrees/_LLBTree.c
Examining data/python-btrees-4.3.1/BTrees/_OLBTree.c
Examining data/python-btrees-4.3.1/BTrees/_compat.h
Examining data/python-btrees-4.3.1/BTrees/BTreeItemsTemplate.c
Examining data/python-btrees-4.3.1/BTrees/floatvaluemacros.h
Examining data/python-btrees-4.3.1/BTrees/_OIBTree.c
Examining data/python-btrees-4.3.1/BTrees/sorters.c
Examining data/python-btrees-4.3.1/BTrees/MergeTemplate.c
Examining data/python-btrees-4.3.1/BTrees/BTreeModuleTemplate.c
Examining data/python-btrees-4.3.1/BTrees/BTreeTemplate.c
Examining data/python-btrees-4.3.1/BTrees/_OOBTree.c
Examining data/python-btrees-4.3.1/BTrees/TreeSetTemplate.c

FINAL RESULTS:

data/python-btrees-4.3.1/BTrees/BTreeTemplate.c:347:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(next->data, self->data + index, sizeof(BTreeItem) * next_size);
data/python-btrees-4.3.1/BTrees/BucketTemplate.c:243:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(self->keys + self->len, from->keys + i, n * sizeof(KEY_TYPE));
data/python-btrees-4.3.1/BTrees/BucketTemplate.c:248:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(self->values + self->len, from->values + i,
data/python-btrees-4.3.1/BTrees/BucketTemplate.c:583:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(next->keys, self->keys + index, sizeof(KEY_TYPE) * next_size);
data/python-btrees-4.3.1/BTrees/BucketTemplate.c:591:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(next->values, self->values + index,
data/python-btrees-4.3.1/BTrees/BucketTemplate.c:1814:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char repr[10000];
data/python-btrees-4.3.1/BTrees/_fsBTree.c:26:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  typedef unsigned char char2[2];
data/python-btrees-4.3.1/BTrees/_fsBTree.c:27:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  typedef unsigned char char6[6];
data/python-btrees-4.3.1/BTrees/_fsBTree.c:51:23:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  if (KEY_CHECK(ARG)) memcpy(TARGET, PyBytes_AS_STRING(ARG), 2); else { \
data/python-btrees-4.3.1/BTrees/_fsBTree.c:62:27:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  #define COPY_VALUE(V, E) (memcpy(V, E, 6))
data/python-btrees-4.3.1/BTrees/_fsBTree.c:66:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(TARGET, PyBytes_AS_STRING(ARG), 6); else { \
data/python-btrees-4.3.1/BTrees/_fsBTree.c:109:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(PyBytes_AS_STRING(items), self->keys, len*2);
data/python-btrees-4.3.1/BTrees/_fsBTree.c:110:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(PyBytes_AS_STRING(items)+len*2, self->values, len*6);
data/python-btrees-4.3.1/BTrees/_fsBTree.c:157:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(self->keys, PyBytes_AS_STRING(state), len*2);
data/python-btrees-4.3.1/BTrees/_fsBTree.c:158:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(self->values, PyBytes_AS_STRING(state)+len*2, len*6);
data/python-btrees-4.3.1/BTrees/sorters.c:273:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(out, in, i * sizeof(element_type));
data/python-btrees-4.3.1/BTrees/BucketTemplate.c:1843:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return PyUnicode_DecodeLatin1(repr, strlen(repr), "surrogateescape");
data/python-btrees-4.3.1/BTrees/BucketTemplate.c:1845:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return PyBytes_FromStringAndSize(repr, strlen(repr));
data/python-btrees-4.3.1/BTrees/BucketTemplate.c:1857:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size = strlen(Py_TYPE(self)->tp_name) + PyBytes_GET_SIZE(r) + 3;

ANALYSIS SUMMARY:

Hits = 19
Lines analyzed = 8676 in approximately 0.22 seconds (40140 lines/second)
Physical Source Lines of Code (SLOC) = 5995
Hits@level = [0]   2 [1]   3 [2]  16 [3]   0 [4]   0 [5]   0
Hits@level+ = [0+]  21 [1+]  19 [2+]  16 [3+]   0 [4+]   0 [5+]   0
Hits/KSLOC@level+ = [0+] 3.50292 [1+] 3.16931 [2+] 2.66889 [3+]   0 [4+]   0 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.