Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/python-fabio-0.10.2+dfsg/fabio/ext/cf_io.c Examining data/python-fabio-0.10.2+dfsg/fabio/ext/mar345_IO.c Examining data/python-fabio-0.10.2+dfsg/fabio/ext/_cif.c Examining data/python-fabio-0.10.2+dfsg/fabio/ext/byte_offset.c Examining data/python-fabio-0.10.2+dfsg/fabio/ext/include/msvc/stdint.h Examining data/python-fabio-0.10.2+dfsg/fabio/ext/include/columnfile.h Examining data/python-fabio-0.10.2+dfsg/fabio/ext/include/ccp4_pack.h Examining data/python-fabio-0.10.2+dfsg/fabio/ext/src/ccp4_pack.c Examining data/python-fabio-0.10.2+dfsg/fabio/ext/src/cf_iomodule.c Examining data/python-fabio-0.10.2+dfsg/fabio/ext/src/columnfile.c FINAL RESULTS: data/python-fabio-0.10.2+dfsg/fabio/ext/_cif.c:789:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(__PYX_DEFAULT_STRING_ENCODING, default_encoding_c); data/python-fabio-0.10.2+dfsg/fabio/ext/_cif.c:18527:5: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. vsnprintf(msg, 200, fmt, vargs); data/python-fabio-0.10.2+dfsg/fabio/ext/byte_offset.c:798:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(__PYX_DEFAULT_STRING_ENCODING, default_encoding_c); data/python-fabio-0.10.2+dfsg/fabio/ext/byte_offset.c:23560:5: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. vsnprintf(msg, 200, fmt, vargs); data/python-fabio-0.10.2+dfsg/fabio/ext/cf_io.c:802:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(__PYX_DEFAULT_STRING_ENCODING, default_encoding_c); data/python-fabio-0.10.2+dfsg/fabio/ext/cf_io.c:21220:5: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. vsnprintf(msg, 200, fmt, vargs); data/python-fabio-0.10.2+dfsg/fabio/ext/include/columnfile.h:30:27: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. if ((prefix)!=NULL) sscanf(source,prefix);\ data/python-fabio-0.10.2+dfsg/fabio/ext/include/columnfile.h:31:14: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. while (sscanf( (source) , (conversion) , ((dest) +tmpi))){\ data/python-fabio-0.10.2+dfsg/fabio/ext/mar345_IO.c:802:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(__PYX_DEFAULT_STRING_ENCODING, default_encoding_c); data/python-fabio-0.10.2+dfsg/fabio/ext/mar345_IO.c:31699:5: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. vsnprintf(msg, 200, fmt, vargs); data/python-fabio-0.10.2+dfsg/fabio/ext/src/ccp4_pack.c:842:4: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(packfile, PACKIDENTIFIER, x, y); data/python-fabio-0.10.2+dfsg/fabio/ext/src/columnfile.c:142:9: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. ncols=sscanf(line,hdr_ctl,repeat16_inc(clabels,0),repeat16_inc(clabels,16),*(clabels+32)); data/python-fabio-0.10.2+dfsg/fabio/ext/src/columnfile.c:158:9: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf(p,"%s",*(clabels+ncols)); data/python-fabio-0.10.2+dfsg/fabio/ext/_cif.c:20006:18: [3] (random) setstate: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if (!setstate) PyErr_Clear(); data/python-fabio-0.10.2+dfsg/fabio/ext/_cif.c:20007:18: [3] (random) setstate: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if (!setstate || __Pyx_setup_reduce_is_named(setstate, __pyx_n_s_setstate_cython)) { data/python-fabio-0.10.2+dfsg/fabio/ext/_cif.c:20007:58: [3] (random) setstate: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if (!setstate || __Pyx_setup_reduce_is_named(setstate, __pyx_n_s_setstate_cython)) { data/python-fabio-0.10.2+dfsg/fabio/ext/_cif.c:20012:29: [3] (random) setstate: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. } else if (!setstate || PyErr_Occurred()) { data/python-fabio-0.10.2+dfsg/fabio/ext/_cif.c:20032:16: [3] (random) setstate: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. Py_XDECREF(setstate); data/python-fabio-0.10.2+dfsg/fabio/ext/byte_offset.c:25596:18: [3] (random) setstate: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if (!setstate) PyErr_Clear(); data/python-fabio-0.10.2+dfsg/fabio/ext/byte_offset.c:25597:18: [3] (random) setstate: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if (!setstate || __Pyx_setup_reduce_is_named(setstate, __pyx_n_s_setstate_cython)) { data/python-fabio-0.10.2+dfsg/fabio/ext/byte_offset.c:25597:58: [3] (random) setstate: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if (!setstate || __Pyx_setup_reduce_is_named(setstate, __pyx_n_s_setstate_cython)) { data/python-fabio-0.10.2+dfsg/fabio/ext/byte_offset.c:25602:29: [3] (random) setstate: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. } else if (!setstate || PyErr_Occurred()) { data/python-fabio-0.10.2+dfsg/fabio/ext/byte_offset.c:25622:16: [3] (random) setstate: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. Py_XDECREF(setstate); data/python-fabio-0.10.2+dfsg/fabio/ext/cf_io.c:22540:18: [3] (random) setstate: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if (!setstate) PyErr_Clear(); data/python-fabio-0.10.2+dfsg/fabio/ext/cf_io.c:22541:18: [3] (random) setstate: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if (!setstate || __Pyx_setup_reduce_is_named(setstate, __pyx_n_s_setstate_cython)) { data/python-fabio-0.10.2+dfsg/fabio/ext/cf_io.c:22541:58: [3] (random) setstate: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if (!setstate || __Pyx_setup_reduce_is_named(setstate, __pyx_n_s_setstate_cython)) { data/python-fabio-0.10.2+dfsg/fabio/ext/cf_io.c:22546:29: [3] (random) setstate: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. } else if (!setstate || PyErr_Occurred()) { data/python-fabio-0.10.2+dfsg/fabio/ext/cf_io.c:22566:16: [3] (random) setstate: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. Py_XDECREF(setstate); data/python-fabio-0.10.2+dfsg/fabio/ext/mar345_IO.c:33650:18: [3] (random) setstate: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if (!setstate) PyErr_Clear(); data/python-fabio-0.10.2+dfsg/fabio/ext/mar345_IO.c:33651:18: [3] (random) setstate: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if (!setstate || __Pyx_setup_reduce_is_named(setstate, __pyx_n_s_setstate_cython)) { data/python-fabio-0.10.2+dfsg/fabio/ext/mar345_IO.c:33651:58: [3] (random) setstate: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if (!setstate || __Pyx_setup_reduce_is_named(setstate, __pyx_n_s_setstate_cython)) { data/python-fabio-0.10.2+dfsg/fabio/ext/mar345_IO.c:33656:29: [3] (random) setstate: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. } else if (!setstate || PyErr_Occurred()) { data/python-fabio-0.10.2+dfsg/fabio/ext/mar345_IO.c:33676:16: [3] (random) setstate: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. Py_XDECREF(setstate); data/python-fabio-0.10.2+dfsg/fabio/ext/_cif.c:742:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ascii_chars[128]; data/python-fabio-0.10.2+dfsg/fabio/ext/_cif.c:12157:27: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. __pyx_v_resultp = ((((char **)__pyx_v_resultp)[0]) + __pyx_v_suboffset); data/python-fabio-0.10.2+dfsg/fabio/ext/_cif.c:13898:14: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)(memcpy(__pyx_v_dst_data, __pyx_v_src_data, (__pyx_v_itemsize * __pyx_v_dst_extent))); data/python-fabio-0.10.2+dfsg/fabio/ext/_cif.c:13930:16: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)(memcpy(__pyx_v_dst_data, __pyx_v_src_data, __pyx_v_itemsize)); data/python-fabio-0.10.2+dfsg/fabio/ext/_cif.c:14435:12: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)(memcpy(__pyx_v_result, __pyx_v_src->data, __pyx_v_size)); data/python-fabio-0.10.2+dfsg/fabio/ext/_cif.c:15183:14: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)(memcpy(__pyx_v_dst.data, __pyx_v_src.data, __pyx_memoryview_slice_get_size((&__pyx_v_src), __pyx_v_ndim))); data/python-fabio-0.10.2+dfsg/fabio/ext/_cif.c:15788:14: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)(memcpy(__pyx_v_data, __pyx_v_item, __pyx_v_itemsize)); data/python-fabio-0.10.2+dfsg/fabio/ext/_cif.c:17947:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&(__pyx_memoryview_thread_locks[0]), __pyx_t_2, sizeof(__pyx_memoryview_thread_locks[0]) * (8)); data/python-fabio-0.10.2+dfsg/fabio/ext/_cif.c:18521:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[200]; data/python-fabio-0.10.2+dfsg/fabio/ext/_cif.c:21824:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctversion[4], rtversion[4]; data/python-fabio-0.10.2+dfsg/fabio/ext/_cif.c:21828:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[200]; data/python-fabio-0.10.2+dfsg/fabio/ext/byte_offset.c:751:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ascii_chars[128]; data/python-fabio-0.10.2+dfsg/fabio/ext/byte_offset.c:16937:27: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. __pyx_v_resultp = ((((char **)__pyx_v_resultp)[0]) + __pyx_v_suboffset); data/python-fabio-0.10.2+dfsg/fabio/ext/byte_offset.c:18678:14: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)(memcpy(__pyx_v_dst_data, __pyx_v_src_data, (__pyx_v_itemsize * __pyx_v_dst_extent))); data/python-fabio-0.10.2+dfsg/fabio/ext/byte_offset.c:18710:16: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)(memcpy(__pyx_v_dst_data, __pyx_v_src_data, __pyx_v_itemsize)); data/python-fabio-0.10.2+dfsg/fabio/ext/byte_offset.c:19215:12: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)(memcpy(__pyx_v_result, __pyx_v_src->data, __pyx_v_size)); data/python-fabio-0.10.2+dfsg/fabio/ext/byte_offset.c:19963:14: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)(memcpy(__pyx_v_dst.data, __pyx_v_src.data, __pyx_memoryview_slice_get_size((&__pyx_v_src), __pyx_v_ndim))); data/python-fabio-0.10.2+dfsg/fabio/ext/byte_offset.c:20568:14: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)(memcpy(__pyx_v_data, __pyx_v_item, __pyx_v_itemsize)); data/python-fabio-0.10.2+dfsg/fabio/ext/byte_offset.c:22952:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&(__pyx_memoryview_thread_locks[0]), __pyx_t_2, sizeof(__pyx_memoryview_thread_locks[0]) * (8)); data/python-fabio-0.10.2+dfsg/fabio/ext/byte_offset.c:23554:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[200]; data/python-fabio-0.10.2+dfsg/fabio/ext/byte_offset.c:25634:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char warning[200]; data/python-fabio-0.10.2+dfsg/fabio/ext/byte_offset.c:28060:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctversion[4], rtversion[4]; data/python-fabio-0.10.2+dfsg/fabio/ext/byte_offset.c:28064:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[200]; data/python-fabio-0.10.2+dfsg/fabio/ext/cf_io.c:755:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ascii_chars[128]; data/python-fabio-0.10.2+dfsg/fabio/ext/cf_io.c:2893:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). __pyx_v_file = fopen(__pyx_t_8, ((char const *)"r")); data/python-fabio-0.10.2+dfsg/fabio/ext/cf_io.c:3189:12: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)(memcpy((&(*((__pyx_t_5numpy_float64_t *) ( /* dim=1 */ ((char *) (((__pyx_t_5numpy_float64_t *) ( /* dim=0 */ (__pyx_v_py_data.data + __pyx_t_15 * __pyx_v_py_data.strides[0]) )) + __pyx_t_16)) )))), (__pyx_v_cf__->data[__pyx_v_i]), (__pyx_v_cf__->ncols * (sizeof(double))))); data/python-fabio-0.10.2+dfsg/fabio/ext/cf_io.c:14465:27: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. __pyx_v_resultp = ((((char **)__pyx_v_resultp)[0]) + __pyx_v_suboffset); data/python-fabio-0.10.2+dfsg/fabio/ext/cf_io.c:16206:14: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)(memcpy(__pyx_v_dst_data, __pyx_v_src_data, (__pyx_v_itemsize * __pyx_v_dst_extent))); data/python-fabio-0.10.2+dfsg/fabio/ext/cf_io.c:16238:16: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)(memcpy(__pyx_v_dst_data, __pyx_v_src_data, __pyx_v_itemsize)); data/python-fabio-0.10.2+dfsg/fabio/ext/cf_io.c:16743:12: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)(memcpy(__pyx_v_result, __pyx_v_src->data, __pyx_v_size)); data/python-fabio-0.10.2+dfsg/fabio/ext/cf_io.c:17491:14: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)(memcpy(__pyx_v_dst.data, __pyx_v_src.data, __pyx_memoryview_slice_get_size((&__pyx_v_src), __pyx_v_ndim))); data/python-fabio-0.10.2+dfsg/fabio/ext/cf_io.c:18096:14: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)(memcpy(__pyx_v_data, __pyx_v_item, __pyx_v_itemsize)); data/python-fabio-0.10.2+dfsg/fabio/ext/cf_io.c:20499:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&(__pyx_memoryview_thread_locks[0]), __pyx_t_4, sizeof(__pyx_memoryview_thread_locks[0]) * (8)); data/python-fabio-0.10.2+dfsg/fabio/ext/cf_io.c:21214:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[200]; data/python-fabio-0.10.2+dfsg/fabio/ext/cf_io.c:22578:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char warning[200]; data/python-fabio-0.10.2+dfsg/fabio/ext/cf_io.c:24985:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctversion[4], rtversion[4]; data/python-fabio-0.10.2+dfsg/fabio/ext/cf_io.c:24989:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[200]; data/python-fabio-0.10.2+dfsg/fabio/ext/mar345_IO.c:755:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ascii_chars[128]; data/python-fabio-0.10.2+dfsg/fabio/ext/mar345_IO.c:24105:27: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. __pyx_v_resultp = ((((char **)__pyx_v_resultp)[0]) + __pyx_v_suboffset); data/python-fabio-0.10.2+dfsg/fabio/ext/mar345_IO.c:25846:14: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)(memcpy(__pyx_v_dst_data, __pyx_v_src_data, (__pyx_v_itemsize * __pyx_v_dst_extent))); data/python-fabio-0.10.2+dfsg/fabio/ext/mar345_IO.c:25878:16: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)(memcpy(__pyx_v_dst_data, __pyx_v_src_data, __pyx_v_itemsize)); data/python-fabio-0.10.2+dfsg/fabio/ext/mar345_IO.c:26383:12: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)(memcpy(__pyx_v_result, __pyx_v_src->data, __pyx_v_size)); data/python-fabio-0.10.2+dfsg/fabio/ext/mar345_IO.c:27131:14: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)(memcpy(__pyx_v_dst.data, __pyx_v_src.data, __pyx_memoryview_slice_get_size((&__pyx_v_src), __pyx_v_ndim))); data/python-fabio-0.10.2+dfsg/fabio/ext/mar345_IO.c:27736:14: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)(memcpy(__pyx_v_data, __pyx_v_item, __pyx_v_itemsize)); data/python-fabio-0.10.2+dfsg/fabio/ext/mar345_IO.c:30774:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&(__pyx_memoryview_thread_locks[0]), __pyx_t_6, sizeof(__pyx_memoryview_thread_locks[0]) * (8)); data/python-fabio-0.10.2+dfsg/fabio/ext/mar345_IO.c:31693:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[200]; data/python-fabio-0.10.2+dfsg/fabio/ext/mar345_IO.c:31941:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *)result_udata + char_pos * result_ukind, udata, (size_t) (ulength * result_ukind)); data/python-fabio-0.10.2+dfsg/fabio/ext/mar345_IO.c:33688:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char warning[200]; data/python-fabio-0.10.2+dfsg/fabio/ext/mar345_IO.c:34460:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(meth->func.defaults, func->func.defaults, func->func.defaults_size); data/python-fabio-0.10.2+dfsg/fabio/ext/mar345_IO.c:37982:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctversion[4], rtversion[4]; data/python-fabio-0.10.2+dfsg/fabio/ext/mar345_IO.c:37986:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[200]; data/python-fabio-0.10.2+dfsg/fabio/ext/src/ccp4_pack.c:102:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *c,cbuffer[64]=""; data/python-fabio-0.10.2+dfsg/fabio/ext/src/ccp4_pack.c:109:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(odata, instring, 64*orecords); data/python-fabio-0.10.2+dfsg/fabio/ext/src/ccp4_pack.c:200:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *c,cbuffer[64]=""; data/python-fabio-0.10.2+dfsg/fabio/ext/src/ccp4_pack.c:876:20: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *packfile = fopen(filename, "ab"); data/python-fabio-0.10.2+dfsg/fabio/ext/src/cf_iomodule.c:49:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((double *)PyArray_GETPTR2(py_data,i,0),cf__->data[i],cf__->ncols*sizeof(double)); data/python-fabio-0.10.2+dfsg/fabio/ext/src/columnfile.c:62:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp=fopen(fname,"wb"); data/python-fabio-0.10.2+dfsg/fabio/ext/src/columnfile.c:114:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[2048]; data/python-fabio-0.10.2+dfsg/fabio/ext/_cif.c:666:87: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). #define __Pyx_PyByteArray_FromString(s) PyByteArray_FromStringAndSize((const char*)s, strlen((const char*)s)) data/python-fabio-0.10.2+dfsg/fabio/ext/_cif.c:787:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). __PYX_DEFAULT_STRING_ENCODING = (char*) malloc(strlen(default_encoding_c) + 1); data/python-fabio-0.10.2+dfsg/fabio/ext/_cif.c:5123:56: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). __pyx_t_4 = __Pyx_decode_c_string(__pyx_v_mode, 0, strlen(__pyx_v_mode), NULL, NULL, PyUnicode_DecodeASCII); if (unlikely(!__pyx_t_4)) __PYX_ERR(1, 249, __pyx_L1_error) data/python-fabio-0.10.2+dfsg/fabio/ext/_cif.c:5167:56: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). __pyx_t_3 = __Pyx_decode_c_string(__pyx_v_mode, 0, strlen(__pyx_v_mode), NULL, NULL, PyUnicode_DecodeASCII); if (unlikely(!__pyx_t_3)) __PYX_ERR(1, 251, __pyx_L1_error) data/python-fabio-0.10.2+dfsg/fabio/ext/_cif.c:7702:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). __pyx_t_10 = strlen(__pyx_v_self->view.format); data/python-fabio-0.10.2+dfsg/fabio/ext/_cif.c:14606:53: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). __pyx_t_2 = __Pyx_decode_c_string(__pyx_v_msg, 0, strlen(__pyx_v_msg), NULL, NULL, PyUnicode_DecodeASCII); if (unlikely(!__pyx_t_2)) __PYX_ERR(1, 1258, __pyx_L1_error) data/python-fabio-0.10.2+dfsg/fabio/ext/_cif.c:14698:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). __pyx_t_3 = __Pyx_decode_c_string(__pyx_v_msg, 0, strlen(__pyx_v_msg), NULL, NULL, PyUnicode_DecodeASCII); if (unlikely(!__pyx_t_3)) __PYX_ERR(1, 1263, __pyx_L1_error) data/python-fabio-0.10.2+dfsg/fabio/ext/_cif.c:19206:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t slen = strlen(cstring); data/python-fabio-0.10.2+dfsg/fabio/ext/_cif.c:21872:65: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return __Pyx_PyUnicode_FromStringAndSize(c_str, (Py_ssize_t)strlen(c_str)); data/python-fabio-0.10.2+dfsg/fabio/ext/byte_offset.c:675:87: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). #define __Pyx_PyByteArray_FromString(s) PyByteArray_FromStringAndSize((const char*)s, strlen((const char*)s)) data/python-fabio-0.10.2+dfsg/fabio/ext/byte_offset.c:796:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). __PYX_DEFAULT_STRING_ENCODING = (char*) malloc(strlen(default_encoding_c) + 1); data/python-fabio-0.10.2+dfsg/fabio/ext/byte_offset.c:9903:56: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). __pyx_t_4 = __Pyx_decode_c_string(__pyx_v_mode, 0, strlen(__pyx_v_mode), NULL, NULL, PyUnicode_DecodeASCII); if (unlikely(!__pyx_t_4)) __PYX_ERR(2, 249, __pyx_L1_error) data/python-fabio-0.10.2+dfsg/fabio/ext/byte_offset.c:9947:56: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). __pyx_t_3 = __Pyx_decode_c_string(__pyx_v_mode, 0, strlen(__pyx_v_mode), NULL, NULL, PyUnicode_DecodeASCII); if (unlikely(!__pyx_t_3)) __PYX_ERR(2, 251, __pyx_L1_error) data/python-fabio-0.10.2+dfsg/fabio/ext/byte_offset.c:12482:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). __pyx_t_10 = strlen(__pyx_v_self->view.format); data/python-fabio-0.10.2+dfsg/fabio/ext/byte_offset.c:19386:53: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). __pyx_t_2 = __Pyx_decode_c_string(__pyx_v_msg, 0, strlen(__pyx_v_msg), NULL, NULL, PyUnicode_DecodeASCII); if (unlikely(!__pyx_t_2)) __PYX_ERR(2, 1258, __pyx_L1_error) data/python-fabio-0.10.2+dfsg/fabio/ext/byte_offset.c:19478:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). __pyx_t_3 = __Pyx_decode_c_string(__pyx_v_msg, 0, strlen(__pyx_v_msg), NULL, NULL, PyUnicode_DecodeASCII); if (unlikely(!__pyx_t_3)) __PYX_ERR(2, 1263, __pyx_L1_error) data/python-fabio-0.10.2+dfsg/fabio/ext/byte_offset.c:25043:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t slen = strlen(cstring); data/python-fabio-0.10.2+dfsg/fabio/ext/byte_offset.c:28108:65: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return __Pyx_PyUnicode_FromStringAndSize(c_str, (Py_ssize_t)strlen(c_str)); data/python-fabio-0.10.2+dfsg/fabio/ext/cf_io.c:679:87: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). #define __Pyx_PyByteArray_FromString(s) PyByteArray_FromStringAndSize((const char*)s, strlen((const char*)s)) data/python-fabio-0.10.2+dfsg/fabio/ext/cf_io.c:800:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). __PYX_DEFAULT_STRING_ENCODING = (char*) malloc(strlen(default_encoding_c) + 1); data/python-fabio-0.10.2+dfsg/fabio/ext/cf_io.c:7431:56: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). __pyx_t_4 = __Pyx_decode_c_string(__pyx_v_mode, 0, strlen(__pyx_v_mode), NULL, NULL, PyUnicode_DecodeASCII); if (unlikely(!__pyx_t_4)) __PYX_ERR(2, 249, __pyx_L1_error) data/python-fabio-0.10.2+dfsg/fabio/ext/cf_io.c:7475:56: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). __pyx_t_3 = __Pyx_decode_c_string(__pyx_v_mode, 0, strlen(__pyx_v_mode), NULL, NULL, PyUnicode_DecodeASCII); if (unlikely(!__pyx_t_3)) __PYX_ERR(2, 251, __pyx_L1_error) data/python-fabio-0.10.2+dfsg/fabio/ext/cf_io.c:10010:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). __pyx_t_10 = strlen(__pyx_v_self->view.format); data/python-fabio-0.10.2+dfsg/fabio/ext/cf_io.c:16914:53: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). __pyx_t_2 = __Pyx_decode_c_string(__pyx_v_msg, 0, strlen(__pyx_v_msg), NULL, NULL, PyUnicode_DecodeASCII); if (unlikely(!__pyx_t_2)) __PYX_ERR(2, 1258, __pyx_L1_error) data/python-fabio-0.10.2+dfsg/fabio/ext/cf_io.c:17006:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). __pyx_t_3 = __Pyx_decode_c_string(__pyx_v_msg, 0, strlen(__pyx_v_msg), NULL, NULL, PyUnicode_DecodeASCII); if (unlikely(!__pyx_t_3)) __PYX_ERR(2, 1263, __pyx_L1_error) data/python-fabio-0.10.2+dfsg/fabio/ext/cf_io.c:21987:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t slen = strlen(cstring); data/python-fabio-0.10.2+dfsg/fabio/ext/cf_io.c:25033:65: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return __Pyx_PyUnicode_FromStringAndSize(c_str, (Py_ssize_t)strlen(c_str)); data/python-fabio-0.10.2+dfsg/fabio/ext/mar345_IO.c:679:87: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). #define __Pyx_PyByteArray_FromString(s) PyByteArray_FromStringAndSize((const char*)s, strlen((const char*)s)) data/python-fabio-0.10.2+dfsg/fabio/ext/mar345_IO.c:800:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). __PYX_DEFAULT_STRING_ENCODING = (char*) malloc(strlen(default_encoding_c) + 1); data/python-fabio-0.10.2+dfsg/fabio/ext/mar345_IO.c:17071:56: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). __pyx_t_4 = __Pyx_decode_c_string(__pyx_v_mode, 0, strlen(__pyx_v_mode), NULL, NULL, PyUnicode_DecodeASCII); if (unlikely(!__pyx_t_4)) __PYX_ERR(1, 249, __pyx_L1_error) data/python-fabio-0.10.2+dfsg/fabio/ext/mar345_IO.c:17115:56: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). __pyx_t_3 = __Pyx_decode_c_string(__pyx_v_mode, 0, strlen(__pyx_v_mode), NULL, NULL, PyUnicode_DecodeASCII); if (unlikely(!__pyx_t_3)) __PYX_ERR(1, 251, __pyx_L1_error) data/python-fabio-0.10.2+dfsg/fabio/ext/mar345_IO.c:19650:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). __pyx_t_10 = strlen(__pyx_v_self->view.format); data/python-fabio-0.10.2+dfsg/fabio/ext/mar345_IO.c:26554:53: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). __pyx_t_2 = __Pyx_decode_c_string(__pyx_v_msg, 0, strlen(__pyx_v_msg), NULL, NULL, PyUnicode_DecodeASCII); if (unlikely(!__pyx_t_2)) __PYX_ERR(1, 1258, __pyx_L1_error) data/python-fabio-0.10.2+dfsg/fabio/ext/mar345_IO.c:26646:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). __pyx_t_3 = __Pyx_decode_c_string(__pyx_v_msg, 0, strlen(__pyx_v_msg), NULL, NULL, PyUnicode_DecodeASCII); if (unlikely(!__pyx_t_3)) __PYX_ERR(1, 1263, __pyx_L1_error) data/python-fabio-0.10.2+dfsg/fabio/ext/mar345_IO.c:33226:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t slen = strlen(cstring); data/python-fabio-0.10.2+dfsg/fabio/ext/mar345_IO.c:38030:65: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return __Pyx_PyUnicode_FromStringAndSize(c_str, (Py_ssize_t)strlen(c_str)); data/python-fabio-0.10.2+dfsg/fabio/ext/src/ccp4_pack.c:217:14: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). *c=(char)getc(file); data/python-fabio-0.10.2+dfsg/fabio/ext/src/ccp4_pack.c:300:21: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). t_=(unsigned char)fgetc(instream); data/python-fabio-0.10.2+dfsg/fabio/ext/src/ccp4_pack.c:309:29: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). t2=(unsigned char ) fgetc(instream); data/python-fabio-0.10.2+dfsg/fabio/ext/src/ccp4_pack.c:333:32: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). t_=(unsigned char) fgetc(instream); data/python-fabio-0.10.2+dfsg/fabio/ext/src/ccp4_pack.c:508:21: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). t_=(unsigned char)fgetc(instream); data/python-fabio-0.10.2+dfsg/fabio/ext/src/ccp4_pack.c:516:29: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). t2=(unsigned char ) fgetc(instream); data/python-fabio-0.10.2+dfsg/fabio/ext/src/ccp4_pack.c:540:32: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). t_=(unsigned char) fgetc(instream); data/python-fabio-0.10.2+dfsg/fabio/ext/src/columnfile.c:22:64: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( HAVE_ZLIB_H && (p=strstr(fname,".gz"))!=NULL && p<fname+strlen(fname) ){ ANALYSIS SUMMARY: Hits = 135 Lines analyzed = 115518 in approximately 2.94 seconds (39289 lines/second) Physical Source Lines of Code (SLOC) = 67693 Hits@level = [0] 17 [1] 44 [2] 58 [3] 20 [4] 13 [5] 0 Hits@level+ = [0+] 152 [1+] 135 [2+] 91 [3+] 33 [4+] 13 [5+] 0 Hits/KSLOC@level+ = [0+] 2.24543 [1+] 1.9943 [2+] 1.3443 [3+] 0.487495 [4+] 0.192043 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.