Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/rev-plugins-0.7.1/zreverb.cc
Examining data/rev-plugins-0.7.1/zreverb.h
Examining data/rev-plugins-0.7.1/pareq.h
Examining data/rev-plugins-0.7.1/reverbs.h
Examining data/rev-plugins-0.7.1/reverbs.cc
Examining data/rev-plugins-0.7.1/ladspaplugin.h
Examining data/rev-plugins-0.7.1/pareq.cc
Examining data/rev-plugins-0.7.1/ladspa.h
Examining data/rev-plugins-0.7.1/reverbs_if.cc
FINAL RESULTS:
data/rev-plugins-0.7.1/reverbs_if.cc:102:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * const pname1 [Ladspa_zita_reverb::NPORT] =
data/rev-plugins-0.7.1/reverbs_if.cc:172:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * const pname2 [Ladspa_zita_reverb_amb::NPORT] =
data/rev-plugins-0.7.1/zreverb.cc:360:38: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
x0 = _diff1 [0].process (_delay [0].read () + t);
data/rev-plugins-0.7.1/zreverb.cc:361:38: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
x1 = _diff1 [1].process (_delay [1].read () + t);
data/rev-plugins-0.7.1/zreverb.cc:362:38: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
x2 = _diff1 [2].process (_delay [2].read () - t);
data/rev-plugins-0.7.1/zreverb.cc:363:38: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
x3 = _diff1 [3].process (_delay [3].read () - t);
data/rev-plugins-0.7.1/zreverb.cc:365:38: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
x4 = _diff1 [4].process (_delay [4].read () + t);
data/rev-plugins-0.7.1/zreverb.cc:366:38: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
x5 = _diff1 [5].process (_delay [5].read () + t);
data/rev-plugins-0.7.1/zreverb.cc:367:38: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
x6 = _diff1 [6].process (_delay [6].read () - t);
data/rev-plugins-0.7.1/zreverb.cc:368:38: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
x7 = _diff1 [7].process (_delay [7].read () - t);
data/rev-plugins-0.7.1/zreverb.h:115:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
float read (void)
ANALYSIS SUMMARY:
Hits = 11
Lines analyzed = 2123 in approximately 0.07 seconds (30993 lines/second)
Physical Source Lines of Code (SLOC) = 1163
Hits@level = [0] 0 [1] 9 [2] 2 [3] 0 [4] 0 [5] 0
Hits@level+ = [0+] 11 [1+] 11 [2+] 2 [3+] 0 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 9.4583 [1+] 9.4583 [2+] 1.71969 [3+] 0 [4+] 0 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.