Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/raul-0.8.0+dfsg0/raul/AtomLiblo.hpp
Examining data/raul-0.8.0+dfsg0/raul/Quantizer.hpp
Examining data/raul-0.8.0+dfsg0/raul/AtomicPtr.hpp
Examining data/raul-0.8.0+dfsg0/raul/ListImpl.hpp
Examining data/raul-0.8.0+dfsg0/raul/MIDISink.hpp
Examining data/raul-0.8.0+dfsg0/raul/SMFReader.hpp
Examining data/raul-0.8.0+dfsg0/raul/Atom.hpp
Examining data/raul-0.8.0+dfsg0/raul/log.hpp
Examining data/raul-0.8.0+dfsg0/raul/Slave.hpp
Examining data/raul-0.8.0+dfsg0/raul/List.hpp
Examining data/raul-0.8.0+dfsg0/raul/URI.hpp
Examining data/raul-0.8.0+dfsg0/raul/EventRingBuffer.hpp
Examining data/raul-0.8.0+dfsg0/raul/TimeStamp.hpp
Examining data/raul-0.8.0+dfsg0/raul/Array.hpp
Examining data/raul-0.8.0+dfsg0/raul/ArrayStack.hpp
Examining data/raul-0.8.0+dfsg0/raul/SRMWQueue.hpp
Examining data/raul-0.8.0+dfsg0/raul/Semaphore.hpp
Examining data/raul-0.8.0+dfsg0/raul/AtomicInt.hpp
Examining data/raul-0.8.0+dfsg0/raul/SharedPtr.hpp
Examining data/raul-0.8.0+dfsg0/raul/Process.hpp
Examining data/raul-0.8.0+dfsg0/raul/Symbol.hpp
Examining data/raul-0.8.0+dfsg0/raul/midi_names.h
Examining data/raul-0.8.0+dfsg0/raul/Thread.hpp
Examining data/raul-0.8.0+dfsg0/raul/SMFWriter.hpp
Examining data/raul-0.8.0+dfsg0/raul/midi_events.h
Examining data/raul-0.8.0+dfsg0/raul/SRSWQueue.hpp
Examining data/raul-0.8.0+dfsg0/raul/Path.hpp
Examining data/raul-0.8.0+dfsg0/raul/IntrusivePtr.hpp
Examining data/raul-0.8.0+dfsg0/raul/RingBuffer.hpp
Examining data/raul-0.8.0+dfsg0/raul/DoubleBuffer.hpp
Examining data/raul-0.8.0+dfsg0/raul/Deletable.hpp
Examining data/raul-0.8.0+dfsg0/raul/TimeSlice.hpp
Examining data/raul-0.8.0+dfsg0/raul/AtomRDF.hpp
Examining data/raul-0.8.0+dfsg0/raul/Configuration.hpp
Examining data/raul-0.8.0+dfsg0/raul/PathTable.hpp
Examining data/raul-0.8.0+dfsg0/raul/TableImpl.hpp
Examining data/raul-0.8.0+dfsg0/raul/Table.hpp
Examining data/raul-0.8.0+dfsg0/raul/Maid.hpp
Examining data/raul-0.8.0+dfsg0/raul/WeakPtr.hpp
Examining data/raul-0.8.0+dfsg0/test/list_test.cpp
Examining data/raul-0.8.0+dfsg0/test/table_test.cpp
Examining data/raul-0.8.0+dfsg0/test/midi_ringbuffer_test.cpp
Examining data/raul-0.8.0+dfsg0/test/path_test.cpp
Examining data/raul-0.8.0+dfsg0/test/queue_test.cpp
Examining data/raul-0.8.0+dfsg0/test/thread_test.cpp
Examining data/raul-0.8.0+dfsg0/test/ringbuffer_test.cpp
Examining data/raul-0.8.0+dfsg0/test/quantize_test.cpp
Examining data/raul-0.8.0+dfsg0/test/time_test.cpp
Examining data/raul-0.8.0+dfsg0/test/atomic_test.cpp
Examining data/raul-0.8.0+dfsg0/test/atom_test.cpp
Examining data/raul-0.8.0+dfsg0/test/smf_test.cpp
Examining data/raul-0.8.0+dfsg0/src/SMFReader.cpp
Examining data/raul-0.8.0+dfsg0/src/Thread.cpp
Examining data/raul-0.8.0+dfsg0/src/SMFWriter.cpp
Examining data/raul-0.8.0+dfsg0/src/log.cpp
Examining data/raul-0.8.0+dfsg0/src/Configuration.cpp
Examining data/raul-0.8.0+dfsg0/src/Maid.cpp
Examining data/raul-0.8.0+dfsg0/src/Symbol.cpp
Examining data/raul-0.8.0+dfsg0/src/Path.cpp

FINAL RESULTS:

data/raul-0.8.0+dfsg0/raul/Process.hpp:74:21:  [4] (shell) execlp:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  execlp(executable.c_str(), arguments.c_str(), NULL);
data/raul-0.8.0+dfsg0/test/table_test.cpp:42:2:  [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(NULL));
data/raul-0.8.0+dfsg0/test/table_test.cpp:224:2:  [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(NULL));
data/raul-0.8.0+dfsg0/raul/Atom.hpp:206:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(_buf, type, _type_length);
data/raul-0.8.0+dfsg0/raul/Atom.hpp:207:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(static_cast<char*>(_buf) + _type_length, data, size);
data/raul-0.8.0+dfsg0/raul/Atom.hpp:216:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(_buf, copy._buf, _type_length + _size);
data/raul-0.8.0+dfsg0/raul/RingBuffer.hpp:125:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst, &_buf[priv_read_ptr], read_size);
data/raul-0.8.0+dfsg0/raul/RingBuffer.hpp:163:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst, &_buf[priv_read_ptr], read_size);
data/raul-0.8.0+dfsg0/raul/RingBuffer.hpp:209:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&_buf[priv_write_ptr], src, size);
data/raul-0.8.0+dfsg0/raul/RingBuffer.hpp:215:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&_buf[priv_write_ptr], src, this_size);
data/raul-0.8.0+dfsg0/raul/RingBuffer.hpp:216:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&_buf[0], (char*)src + this_size, size - this_size);
data/raul-0.8.0+dfsg0/raul/SMFReader.hpp:49:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  bool open(const std::string& filename) throw (std::logic_error, UnsupportedTime);
data/raul-0.8.0+dfsg0/raul/SMFWriter.hpp:57:36:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  void write_chunk_header(const char id[4], uint32_t length);
data/raul-0.8.0+dfsg0/raul/SMFWriter.hpp:58:29:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  void write_chunk(const char id[4], uint32_t length, void* data);
data/raul-0.8.0+dfsg0/src/SMFReader.cpp:84:3:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  open(filename);
data/raul-0.8.0+dfsg0/src/SMFReader.cpp:96:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  SMFReader::open(const std::string& filename) throw (std::logic_error, UnsupportedTime)
data/raul-0.8.0+dfsg0/src/SMFReader.cpp:103:8:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  _fd = fopen(filename.c_str(), "r+");
data/raul-0.8.0+dfsg0/src/SMFReader.cpp:108:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char mthd[5];
data/raul-0.8.0+dfsg0/src/SMFReader.cpp:162:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char id[5];
data/raul-0.8.0+dfsg0/src/SMFWriter.cpp:78:8:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  _fd = fopen(filename.c_str(), "w+");
data/raul-0.8.0+dfsg0/src/SMFWriter.cpp:171:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char data[6];
data/raul-0.8.0+dfsg0/src/SMFWriter.cpp:172:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(data, &type, 2);
data/raul-0.8.0+dfsg0/src/SMFWriter.cpp:173:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(data+2, &ntracks, 2);
data/raul-0.8.0+dfsg0/src/SMFWriter.cpp:174:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(data+4, &division, 2);
data/raul-0.8.0+dfsg0/src/SMFWriter.cpp:193:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const unsigned char eot[4] = { 0xFF, 0x2F, 0x00 }; // end-of-track meta-event
data/raul-0.8.0+dfsg0/src/SMFWriter.cpp:199:37:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  SMFWriter::write_chunk_header(const char id[4], uint32_t length)
data/raul-0.8.0+dfsg0/src/SMFWriter.cpp:209:30:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  SMFWriter::write_chunk(const char id[4], uint32_t length, void* data)
data/raul-0.8.0+dfsg0/test/atom_test.cpp:10:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[buf_size] = "atomtest";
data/raul-0.8.0+dfsg0/test/midi_ringbuffer_test.cpp:17:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char write_buf[5];
data/raul-0.8.0+dfsg0/test/midi_ringbuffer_test.cpp:18:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char read_buf[5];
data/raul-0.8.0+dfsg0/test/ringbuffer_test.cpp:31:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[3];
data/raul-0.8.0+dfsg0/test/smf_test.cpp:35:23:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  bool opened = reader.open(filename);
data/raul-0.8.0+dfsg0/test/smf_test.cpp:49:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char buf[4];
data/raul-0.8.0+dfsg0/test/table_test.cpp:37:13:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  benchmark(atoi(argv[2]));
data/raul-0.8.0+dfsg0/raul/Atom.hpp:153:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  case STRING: return strlen(_string_val) + 1;
data/raul-0.8.0+dfsg0/raul/Atom.hpp:202:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  : _type_length(strlen(type) + 1) // + 1 for \0
data/raul-0.8.0+dfsg0/raul/EventRingBuffer.hpp:47:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  bool read(TimeStamp* time, size_t* size, uint8_t* buf);
data/raul-0.8.0+dfsg0/raul/EventRingBuffer.hpp:52:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  EventRingBuffer::read(TimeStamp* time, size_t* size, uint8_t* buf)
data/raul-0.8.0+dfsg0/raul/RingBuffer.hpp:94:11:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  uint32_t read(uint32_t size, void* dst);
data/raul-0.8.0+dfsg0/raul/RingBuffer.hpp:155:13:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  RingBuffer::read(uint32_t size, void* dst)
data/raul-0.8.0+dfsg0/raul/RingBuffer.hpp:178:29:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  const uint32_t read_size = read(size, dst);
data/raul-0.8.0+dfsg0/raul/RingBuffer.hpp:181:3:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read(size - read_size, (char*)dst + read_size);
data/raul-0.8.0+dfsg0/src/Configuration.cpp:122:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const size_t len = strlen(argv[i]);
data/raul-0.8.0+dfsg0/src/SMFReader.cpp:232:15:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  int status = fgetc(_fd);
data/raul-0.8.0+dfsg0/src/SMFReader.cpp:256:18:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  uint8_t type = fgetc(_fd);
data/raul-0.8.0+dfsg0/src/SMFReader.cpp:307:16:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ( (value = getc(fd)) & 0x80 ) {
data/raul-0.8.0+dfsg0/src/SMFReader.cpp:312:33:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  value = (value << 7) + ((c = getc(fd)) & 0x7F);
data/raul-0.8.0+dfsg0/test/midi_ringbuffer_test.cpp:21:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size = strlen(reinterpret_cast<const char*>(write_buf));
data/raul-0.8.0+dfsg0/test/midi_ringbuffer_test.cpp:26:5:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rb.read(&t, &size, read_buf);
data/raul-0.8.0+dfsg0/test/queue_test.cpp:35:14:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  inline void read() const {
data/raul-0.8.0+dfsg0/test/queue_test.cpp:150:11:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  action.read();
data/raul-0.8.0+dfsg0/test/queue_test.cpp:177:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  action.read();
data/raul-0.8.0+dfsg0/test/ringbuffer_test.cpp:32:5:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rb.read(3, buf);
data/raul-0.8.0+dfsg0/test/ringbuffer_test.cpp:39:19:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  size_t read = rb.read(3, buf);
data/raul-0.8.0+dfsg0/test/ringbuffer_test.cpp:40:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (read < 3)
data/raul-0.8.0+dfsg0/test/ringbuffer_test.cpp:41:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rb.read(3 - read, buf + read);
data/raul-0.8.0+dfsg0/test/ringbuffer_test.cpp:41:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rb.read(3 - read, buf + read);
data/raul-0.8.0+dfsg0/test/ringbuffer_test.cpp:41:27:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rb.read(3 - read, buf + read);

ANALYSIS SUMMARY:

Hits = 58
Lines analyzed = 7603 in approximately 0.25 seconds (30077 lines/second)
Physical Source Lines of Code (SLOC) = 4518
Hits@level = [0]   8 [1]  24 [2]  31 [3]   2 [4]   1 [5]   0
Hits@level+ = [0+]  66 [1+]  58 [2+]  34 [3+]   3 [4+]   1 [5+]   0
Hits/KSLOC@level+ = [0+] 14.6082 [1+] 12.8375 [2+] 7.52545 [3+] 0.664011 [4+] 0.221337 [5+]   0
Symlinks skipped = 1 (--allowlink overrides but see doc for security issue)
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.