Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/ros-common-msgs-1.13.0/sensor_msgs/include/sensor_msgs/distortion_models.h
Examining data/ros-common-msgs-1.13.0/sensor_msgs/include/sensor_msgs/fill_image.h
Examining data/ros-common-msgs-1.13.0/sensor_msgs/include/sensor_msgs/image_encodings.h
Examining data/ros-common-msgs-1.13.0/sensor_msgs/include/sensor_msgs/impl/point_cloud2_iterator.h
Examining data/ros-common-msgs-1.13.0/sensor_msgs/include/sensor_msgs/point_cloud2_iterator.h
Examining data/ros-common-msgs-1.13.0/sensor_msgs/include/sensor_msgs/point_cloud_conversion.h
Examining data/ros-common-msgs-1.13.0/sensor_msgs/include/sensor_msgs/point_field_conversion.h
Examining data/ros-common-msgs-1.13.0/sensor_msgs/test/main.cpp
Examining data/ros-common-msgs-1.13.0/sensor_msgs/test/test_image_encodings.cpp

FINAL RESULTS:

data/ros-common-msgs-1.13.0/sensor_msgs/include/sensor_msgs/fill_image.h:57:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&image.data[0], data_arg, st0);
data/ros-common-msgs-1.13.0/sensor_msgs/include/sensor_msgs/image_encodings.h:170:25:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no
  minus sign (large numbers can roll over into negative number; consider saving
  to an unsigned value if that is intended).
  int n_channel = atoi(encoding.substr(prefix.size(),
data/ros-common-msgs-1.13.0/sensor_msgs/include/sensor_msgs/image_encodings.h:217:18:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no
  minus sign (large numbers can roll over into negative number; consider saving
  to an unsigned value if that is intended).
  return atoi(prefix.c_str()); // ex. 8UC -> 8
data/ros-common-msgs-1.13.0/sensor_msgs/include/sensor_msgs/image_encodings.h:218:25:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no
  minus sign (large numbers can roll over into negative number; consider saving
  to an unsigned value if that is intended).
  int n_channel = atoi(encoding.substr(prefix.size(),
data/ros-common-msgs-1.13.0/sensor_msgs/include/sensor_msgs/image_encodings.h:221:18:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no
  minus sign (large numbers can roll over into negative number; consider saving
  to an unsigned value if that is intended).
  return atoi(prefix.c_str()); // valid encoding string
data/ros-common-msgs-1.13.0/sensor_msgs/include/sensor_msgs/point_cloud_conversion.h:98:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (&output.data[cp * output.point_step + output.fields[0].offset], &input.points[cp].x, sizeof (float));
data/ros-common-msgs-1.13.0/sensor_msgs/include/sensor_msgs/point_cloud_conversion.h:99:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (&output.data[cp * output.point_step + output.fields[1].offset], &input.points[cp].y, sizeof (float));
data/ros-common-msgs-1.13.0/sensor_msgs/include/sensor_msgs/point_cloud_conversion.h:100:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (&output.data[cp * output.point_step + output.fields[2].offset], &input.points[cp].z, sizeof (float));
data/ros-common-msgs-1.13.0/sensor_msgs/include/sensor_msgs/point_cloud_conversion.h:105:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (&output.data[cp * output.point_step + output.fields[3 + d].offset], &input.channels[d].values[cp], sizeof (float));

ANALYSIS SUMMARY:

Hits = 9
Lines analyzed = 1622 in approximately 0.09 seconds (18114 lines/second)
Physical Source Lines of Code (SLOC) = 809
Hits@level = [0]   0 [1]   0 [2]   9 [3]   0 [4]   0 [5]   0
Hits@level+ = [0+]   9 [1+]   9 [2+]   9 [3+]   0 [4+]   0 [5+]   0
Hits/KSLOC@level+ = [0+] 11.1248 [1+] 11.1248 [2+] 11.1248 [3+]   0 [4+]   0 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.