Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/ros-geometry-1.13.2/eigen_conversions/include/eigen_conversions/eigen_kdl.h Examining data/ros-geometry-1.13.2/eigen_conversions/include/eigen_conversions/eigen_msg.h Examining data/ros-geometry-1.13.2/eigen_conversions/src/eigen_kdl.cpp Examining data/ros-geometry-1.13.2/eigen_conversions/src/eigen_msg.cpp Examining data/ros-geometry-1.13.2/kdl_conversions/include/kdl_conversions/kdl_msg.h Examining data/ros-geometry-1.13.2/kdl_conversions/src/kdl_msg.cpp Examining data/ros-geometry-1.13.2/tf/include/tf/LinearMath/Matrix3x3.h Examining data/ros-geometry-1.13.2/tf/include/tf/LinearMath/MinMax.h Examining data/ros-geometry-1.13.2/tf/include/tf/LinearMath/QuadWord.h Examining data/ros-geometry-1.13.2/tf/include/tf/LinearMath/Quaternion.h Examining data/ros-geometry-1.13.2/tf/include/tf/LinearMath/Scalar.h Examining data/ros-geometry-1.13.2/tf/include/tf/LinearMath/Transform.h Examining data/ros-geometry-1.13.2/tf/include/tf/LinearMath/Vector3.h Examining data/ros-geometry-1.13.2/tf/include/tf/exceptions.h Examining data/ros-geometry-1.13.2/tf/include/tf/message_filter.h Examining data/ros-geometry-1.13.2/tf/include/tf/tf.h Examining data/ros-geometry-1.13.2/tf/include/tf/time_cache.h Examining data/ros-geometry-1.13.2/tf/include/tf/transform_broadcaster.h Examining data/ros-geometry-1.13.2/tf/include/tf/transform_datatypes.h Examining data/ros-geometry-1.13.2/tf/include/tf/transform_listener.h Examining data/ros-geometry-1.13.2/tf/src/cache.cpp Examining data/ros-geometry-1.13.2/tf/src/change_notifier.cpp Examining data/ros-geometry-1.13.2/tf/src/empty_listener.cpp Examining data/ros-geometry-1.13.2/tf/src/static_transform_publisher.cpp Examining data/ros-geometry-1.13.2/tf/src/tf.cpp Examining data/ros-geometry-1.13.2/tf/src/tf_echo.cpp Examining data/ros-geometry-1.13.2/tf/src/tf_monitor.cpp Examining data/ros-geometry-1.13.2/tf/src/transform_broadcaster.cpp Examining data/ros-geometry-1.13.2/tf/src/transform_listener.cpp Examining data/ros-geometry-1.13.2/tf/test/cache_unittest.cpp Examining data/ros-geometry-1.13.2/tf/test/operator_overload.cpp Examining data/ros-geometry-1.13.2/tf/test/quaternion.cpp Examining data/ros-geometry-1.13.2/tf/test/speed_test.cpp Examining data/ros-geometry-1.13.2/tf/test/testBroadcaster.cpp Examining data/ros-geometry-1.13.2/tf/test/testListener.cpp Examining data/ros-geometry-1.13.2/tf/test/test_message_filter.cpp Examining data/ros-geometry-1.13.2/tf/test/test_transform_datatypes.cpp Examining data/ros-geometry-1.13.2/tf/test/tf_benchmark.cpp Examining data/ros-geometry-1.13.2/tf/test/tf_unittest.cpp Examining data/ros-geometry-1.13.2/tf/test/tf_unittest_future.cpp Examining data/ros-geometry-1.13.2/tf/test/transform_listener_unittest.cpp Examining data/ros-geometry-1.13.2/tf/test/transform_twist_test.cpp Examining data/ros-geometry-1.13.2/tf/test/velocity_test.cpp Examining data/ros-geometry-1.13.2/tf_conversions/include/tf_conversions/tf_eigen.h Examining data/ros-geometry-1.13.2/tf_conversions/include/tf_conversions/tf_kdl.h Examining data/ros-geometry-1.13.2/tf_conversions/src/tf_eigen.cpp Examining data/ros-geometry-1.13.2/tf_conversions/src/tf_kdl.cpp Examining data/ros-geometry-1.13.2/tf_conversions/test/test_eigen_tf.cpp Examining data/ros-geometry-1.13.2/tf_conversions/test/test_kdl_tf.cpp FINAL RESULTS: data/ros-geometry-1.13.2/tf/test/cache_unittest.cpp:42:3: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(temp_time_struct.tv_usec); data/ros-geometry-1.13.2/tf/test/operator_overload.cpp:41:3: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(temp_time_struct.tv_usec); data/ros-geometry-1.13.2/tf/test/quaternion.cpp:45:3: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(temp_time_struct.tv_usec); data/ros-geometry-1.13.2/tf/test/tf_benchmark.cpp:41:3: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(temp_time_struct.tv_usec); data/ros-geometry-1.13.2/tf/test/tf_unittest.cpp:46:3: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(temp_time_struct.tv_usec); data/ros-geometry-1.13.2/tf/test/tf_unittest_future.cpp:14:3: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(temp_time_struct.tv_usec); data/ros-geometry-1.13.2/tf/test/transform_listener_unittest.cpp:40:3: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(temp_time_struct.tv_usec); data/ros-geometry-1.13.2/tf_conversions/test/test_eigen_tf.cpp:146:3: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand ( time(NULL) ); data/ros-geometry-1.13.2/tf_conversions/test/test_kdl_tf.cpp:200:3: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand ( time(NULL) ); data/ros-geometry-1.13.2/tf/test/testBroadcaster.cpp:95:7: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead. usleep(1000); ANALYSIS SUMMARY: Hits = 10 Lines analyzed = 13517 in approximately 0.44 seconds (30817 lines/second) Physical Source Lines of Code (SLOC) = 8457 Hits@level = [0] 40 [1] 1 [2] 0 [3] 9 [4] 0 [5] 0 Hits@level+ = [0+] 50 [1+] 10 [2+] 9 [3+] 9 [4+] 0 [5+] 0 Hits/KSLOC@level+ = [0+] 5.91226 [1+] 1.18245 [2+] 1.06421 [3+] 1.06421 [4+] 0 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.