Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/tasklist.c
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/syntax_extension.h
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/commonmarker.c
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/html.h
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/utf8.h
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/cmark.c
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/parser.h
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/cmark-gfm_version.h
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/config.h
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/iterator.h
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/houdini_html_u.c
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/linked_list.c
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/footnotes.c
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/ext_scanners.h
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/ext_scanners.c
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/commonmarker.h
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/latex.c
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/syntax_extension.c
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/html.c
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/cmark-gfm.h
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/references.c
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/cmark-gfm-core-extensions.h
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/houdini.h
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/autolink.c
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/xml.c
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/cmark-gfm_export.h
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/man.c
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/iterator.c
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/houdini_href_e.c
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/chunk.h
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/buffer.h
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/inlines.c
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/cmark_ctype.c
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/render.c
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/node.c
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/blocks.c
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/tagfilter.c
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/cmark-gfm-extension_api.h
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/strikethrough.h
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/table.h
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/buffer.c
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/plaintext.c
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/registry.h
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/tasklist.h
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/commonmark.c
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/map.h
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/core-extensions.c
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/arena.c
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/scanners.c
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/scanners.h
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/cmark_ctype.h
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/registry.c
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/strikethrough.c
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/footnotes.h
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/references.h
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/node.h
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/render.h
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/plugin.h
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/inlines.h
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/houdini_html_e.c
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/cmark-gfm-extensions_export.h
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/table.c
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/utf8.c
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/tagfilter.h
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/autolink.h
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/plugin.c
Examining data/ruby-commonmarker-0.21.0/ext/commonmarker/map.c

FINAL RESULTS:

data/ruby-commonmarker-0.21.0/ext/commonmarker/config.h:43:9:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use a
  constant for the format specification.
#define snprintf c99_snprintf

data/ruby-commonmarker-0.21.0/ext/commonmarker/config.h:44:9:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use a
  constant for the format specification.
#define vsnprintf c99_vsnprintf

data/ruby-commonmarker-0.21.0/ext/commonmarker/syntax_extension.c:25:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(res->name, name);

data/ruby-commonmarker-0.21.0/ext/commonmarker/arena.c:90:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(new_ptr, ptr, ((size_t *) ptr)[-1]);

data/ruby-commonmarker-0.21.0/ext/commonmarker/autolink.c:29:40:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    if (link_len > len && strncasecmp((char *)link, valid_uris[i], len) == 0 &&

data/ruby-commonmarker-0.21.0/ext/commonmarker/blocks.c:488:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char n[32];

data/ruby-commonmarker-0.21.0/ext/commonmarker/blocks.c:639:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char buffer[4096];

data/ruby-commonmarker-0.21.0/ext/commonmarker/blocks.c:1249:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(&((*container)->as.list), data, sizeof(*data));

data/ruby-commonmarker-0.21.0/ext/commonmarker/blocks.c:1256:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(&((*container)->as.list), data, sizeof(*data));

data/ruby-commonmarker-0.21.0/ext/commonmarker/buffer.c:17:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
unsigned char cmark_strbuf__initbuf[1];

data/ruby-commonmarker-0.21.0/ext/commonmarker/chunk.h:70:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(str, c->data, c->len);

data/ruby-commonmarker-0.21.0/ext/commonmarker/chunk.h:90:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(c->data, str, c->len + 1);

data/ruby-commonmarker-0.21.0/ext/commonmarker/commonmark.c:32:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char encoded[ENCODED_SIZE];

data/ruby-commonmarker-0.21.0/ext/commonmarker/commonmark.c:180:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char fencechar[2] = {'\0', '\0'};

data/ruby-commonmarker-0.21.0/ext/commonmarker/commonmark.c:182:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char listmarker[LISTMARKER_SIZE];

data/ruby-commonmarker-0.21.0/ext/commonmarker/commonmark.c:489:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char n[32];

data/ruby-commonmarker-0.21.0/ext/commonmarker/houdini_html_u.c:16:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        strncmp((const char *)s, (const char *)cmark_entities[i].entity, len);

data/ruby-commonmarker-0.21.0/ext/commonmarker/houdini_html_u.c:16:39:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        strncmp((const char *)s, (const char *)cmark_entities[i].entity, len);

data/ruby-commonmarker-0.21.0/ext/commonmarker/houdini_html_u.c:18:28:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      return (const unsigned char *)cmark_entities[i].bytes;

data/ruby-commonmarker-0.21.0/ext/commonmarker/html.c:68:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char n[32];

data/ruby-commonmarker-0.21.0/ext/commonmarker/html.c:87:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[BUFFER_SIZE];

data/ruby-commonmarker-0.21.0/ext/commonmarker/html.c:399:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char n[32];

data/ruby-commonmarker-0.21.0/ext/commonmarker/html.h:17:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[BUFFER_SIZE];

data/ruby-commonmarker-0.21.0/ext/commonmarker/inlines.c:122:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(c.data, src->data, len);

data/ruby-commonmarker-0.21.0/ext/commonmarker/inlines.c:1505:19:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  return (char *) memcpy (result, s, len);

data/ruby-commonmarker-0.21.0/ext/commonmarker/latex.c:226:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char list_number_string[LIST_NUMBER_STRING_SIZE];

data/ruby-commonmarker-0.21.0/ext/commonmarker/man.c:132:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char list_number_s[LIST_NUMBER_SIZE];

data/ruby-commonmarker-0.21.0/ext/commonmarker/plaintext.c:40:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char listmarker[LISTMARKER_SIZE];

data/ruby-commonmarker-0.21.0/ext/commonmarker/plaintext.c:206:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char n[32];

data/ruby-commonmarker-0.21.0/ext/commonmarker/strikethrough.c:12:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[101];

data/ruby-commonmarker-0.21.0/ext/commonmarker/table.c:784:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(a, alignments, ncols);

data/ruby-commonmarker-0.21.0/ext/commonmarker/xml.c:40:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[BUFFER_SIZE];

data/ruby-commonmarker-0.21.0/ext/commonmarker/autolink.c:27:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t len = strlen(valid_uris[i]);

data/ruby-commonmarker-0.21.0/ext/commonmarker/autolink.c:160:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (size < 4 || memcmp(data, "www.", strlen("www.")) != 0)

data/ruby-commonmarker-0.21.0/ext/commonmarker/autolink.c:220:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  link_end = strlen("://");

data/ruby-commonmarker-0.21.0/ext/commonmarker/buffer.c:98:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                   string ? (bufsize_t)strlen(string) : 0);

data/ruby-commonmarker-0.21.0/ext/commonmarker/buffer.c:119:67:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  cmark_strbuf_put(buf, (const unsigned char *)string, (bufsize_t)strlen(string));

data/ruby-commonmarker-0.21.0/ext/commonmarker/chunk.h:87:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    c->len = (bufsize_t)strlen(str);

data/ruby-commonmarker-0.21.0/ext/commonmarker/chunk.h:98:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bufsize_t len = data ? (bufsize_t)strlen(data) : 0;

data/ruby-commonmarker-0.21.0/ext/commonmarker/commonmark.c:65:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    renderer->column += (int)strlen(encoded);

data/ruby-commonmarker-0.21.0/ext/commonmarker/commonmark.c:76:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t code_len = strlen(code);

data/ruby-commonmarker-0.21.0/ext/commonmarker/commonmark.c:97:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t code_len = strlen(code);

data/ruby-commonmarker-0.21.0/ext/commonmarker/commonmark.c:250:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      marker_width = (bufsize_t)strlen(listmarker);

data/ruby-commonmarker-0.21.0/ext/commonmarker/commonmark.c:292:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    info_len = strlen(info);

data/ruby-commonmarker-0.21.0/ext/commonmarker/commonmark.c:295:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    code_len = strlen(code);

data/ruby-commonmarker-0.21.0/ext/commonmarker/commonmark.c:378:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    code_len = strlen(code);

data/ruby-commonmarker-0.21.0/ext/commonmarker/commonmark.c:451:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (strlen(title) > 0) {

data/ruby-commonmarker-0.21.0/ext/commonmarker/commonmark.c:468:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (strlen(title) > 0) {

data/ruby-commonmarker-0.21.0/ext/commonmarker/inlines.c:1495:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen (s);

data/ruby-commonmarker-0.21.0/ext/commonmarker/latex.c:172:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  url_len = strlen(url);

data/ruby-commonmarker-0.21.0/ext/commonmarker/latex.c:178:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  title_len = strlen(title);

data/ruby-commonmarker-0.21.0/ext/commonmarker/plaintext.c:95:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      marker_width = (bufsize_t)strlen(listmarker);

data/ruby-commonmarker-0.21.0/ext/commonmarker/render.c:25:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int length = (int)strlen(source);

data/ruby-commonmarker-0.21.0/ext/commonmarker/syntax_extension.c:24:56:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  res->name = (char *) _mem->calloc(1, sizeof(char) * (strlen(name)) + 1);

data/ruby-commonmarker-0.21.0/ext/commonmarker/table.c:219:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                   (int)strlen(parent_string));

data/ruby-commonmarker-0.21.0/ext/commonmarker/table.c:242:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                     (int)strlen(parent_string));

data/ruby-commonmarker-0.21.0/ext/commonmarker/table.c:285:68:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  table_header->end_column = parent_container->start_column + (int)strlen(parent_string) - 2;

data/ruby-commonmarker-0.21.0/ext/commonmarker/table.c:308:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
           (int)strlen((char *)input) - 1 - cmark_parser_get_offset(parser), false);

ANALYSIS SUMMARY:

Hits = 58
Lines analyzed = 25678 in approximately 0.60 seconds (42535 lines/second)
Physical Source Lines of Code (SLOC) = 21767
Hits@level = [0]  23 [1]  26 [2]  29 [3]   0 [4]   3 [5]   0
Hits@level+ = [0+]  81 [1+]  58 [2+]  32 [3+]   3 [4+]   3 [5+]   0
Hits/KSLOC@level+ = [0+] 3.72123 [1+] 2.66458 [2+] 1.47012 [3+] 0.137823 [4+] 0.137823 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.
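Triage note on the strcpy hit (syntax_extension.c:25), the memcpy hits in chunk.h:70 and chunk.h:90, and the strlen hits in autolink.c:27, :160 and :220. Flawfinder matches function names lexically; it cannot see that the strcpy destination was sized from strlen(name) + 1 one line earlier, or that autolink.c:160 checks "size < 4" before memcmp touches the bytes, or that strlen there runs only on the literal "www.". The hits are therefore a prompt to confirm the invariant, not a finding. The code below is an added example written for this report, not cmark-gfm or commonmarker code: it restates that invariant as three small helpers over an explicit (pointer, length) byte range, the shape cmark's chunk type has, so that the copy size and the allocation size come from the same variable and no terminator is ever assumed on parser input. The function names and the sample byte arrays (built without a terminating NUL on purpose) are this example's own.

```c
/* Added example, not from cmark-gfm or commonmarker. Explicit-length idiom
 * behind the chunk.h / syntax_extension.c / autolink.c hits in this report. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed sample input: byte ranges with NO terminating NUL, as parser
 * input usually is. Any strlen() on these would over-read (CWE-126). */
static const unsigned char SAMPLE_WWW[5]  = {'w', 'w', 'w', '.', 'x'};
static const unsigned char SAMPLE_HTTP[5] = {'H', 'T', 'T', 'P', ':'};

/* Same shape as "calloc(strlen(name) + 1); strcpy(res->name, name)", but the
 * destination size and the copy length are both `len`, and termination is
 * explicit. Flawfinder does not flag this form. Caller frees the result. */
static char *bytes_to_cstr(const unsigned char *data, size_t len) {
  char *out = malloc(len + 1);
  if (out == NULL) return NULL;
  memcpy(out, data, len);      /* bounded by the allocation just made */
  out[len] = '\0';
  return out;
}

/* Prefix test on unterminated data. The length guard comes first, exactly as
 * autolink.c:160 does with "size < 4 || memcmp(...)"; strlen() is applied
 * only to the literal prefix, which the compiler guarantees is terminated. */
static int bytes_has_prefix(const unsigned char *data, size_t len,
                            const char *prefix) {
  size_t plen = strlen(prefix);
  if (len < plen) return 0;    /* short input: never read past `len` */
  return memcmp(data, prefix, plen) == 0;
}

/* Case-insensitive variant for URI scheme matching (autolink.c:29 uses
 * strncasecmp). Written out to stay within the standard library. */
static int bytes_has_prefix_ci(const unsigned char *data, size_t len,
                               const char *prefix) {
  size_t plen = strlen(prefix);
  if (len < plen) return 0;
  for (size_t i = 0; i < plen; i++) {
    unsigned char a = data[i], b = (unsigned char)prefix[i];
    if (a >= 'A' && a <= 'Z') a = (unsigned char)(a + ('a' - 'A'));
    if (b >= 'A' && b <= 'Z') b = (unsigned char)(b + ('a' - 'A'));
    if (a != b) return 0;
  }
  return 1;
}

int main(void) {
  char *s = bytes_to_cstr(SAMPLE_WWW, sizeof SAMPLE_WWW);
  printf("dup: \"%s\" (len %zu)\n", s, strlen(s));
  printf("www. prefix on 5 bytes: %d, on 3 bytes: %d\n",
         bytes_has_prefix(SAMPLE_WWW, sizeof SAMPLE_WWW, "www."),
         bytes_has_prefix(SAMPLE_WWW, 3, "www."));
  printf("http: prefix, case-sensitive %d / insensitive %d\n",
         bytes_has_prefix(SAMPLE_HTTP, sizeof SAMPLE_HTTP, "http:"),
         bytes_has_prefix_ci(SAMPLE_HTTP, sizeof SAMPLE_HTTP, "http:"));
  free(s);
  return 0;
}
```

When reviewing the real hits, the check is the same one these helpers make mechanical: find the variable that sized the destination and confirm the copy length is that variable or smaller, and for every strlen hit confirm its argument is either a literal or a buffer the code itself terminated.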
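Triage note on the memcpy hit at arena.c:90, "memcpy(new_ptr, ptr, ((size_t *) ptr)[-1]);". The copy length is not a caller argument; it is a size_t stored in the word immediately before the payload by the allocator that handed out ptr. The two questions a reviewer should answer for this hit are whether every pointer reaching this function was produced by that same allocator (otherwise ptr[-1] is garbage) and whether the new block is always at least as large as the old one (otherwise copying the full old size overruns new_ptr). The code below is an added example written for this report, not cmark-gfm code; it implements the same header-word scheme on top of calloc and clamps the copy to the smaller of the two sizes, so shrinking is safe by construction. Function names and the sample contents are this example's own; a real arena would bump-allocate from a slab and make free a no-op, which does not change the size-tracking logic shown.

```c
/* Added example, not from cmark-gfm. Header-prefixed allocation: the block's
 * size lives in the size_t just before the payload, read back as ptr[-1]. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Zeroed allocation (like an arena's calloc) with a leading size_t header.
 * Payload alignment is that of size_t; a general allocator would pad. */
static void *hdr_alloc(size_t n) {
  size_t *base = calloc(1, sizeof(size_t) + n);
  if (base == NULL) return NULL;
  base[0] = n;                 /* the word arena.c reads as ((size_t *) ptr)[-1] */
  return base + 1;
}

/* Only valid for pointers returned by hdr_alloc/hdr_realloc. */
static size_t hdr_size(const void *p) {
  return ((const size_t *)p)[-1];
}

static void hdr_free(void *p) {
  if (p != NULL) free((size_t *)p - 1);
}

/* Resize by allocate-and-copy. The copy is min(old, new): a literal
 * memcpy(np, p, old) is only safe if n >= old, i.e. if no caller ever shrinks.
 * On allocation failure the old block is left intact, as realloc does. */
static void *hdr_realloc(void *p, size_t n) {
  void *np = hdr_alloc(n);
  if (np == NULL) return NULL;
  if (p != NULL) {
    size_t old = hdr_size(p);
    memcpy(np, p, old < n ? old : n);
    hdr_free(p);
  }
  return np;
}

/* Round-trip the header: returns the size read back from a fresh block. */
static size_t demo_size_roundtrip(size_t n) {
  void *p = hdr_alloc(n);
  if (p == NULL) return (size_t)-1;
  size_t got = hdr_size(p);
  hdr_free(p);
  return got;
}

/* Shrink 8 -> 4: the first four bytes survive, nothing is written past them. */
static int demo_shrink_keeps_prefix(void) {
  unsigned char *p = hdr_alloc(8);
  if (p == NULL) return 0;
  memcpy(p, "ABCDEFGH", 8);    /* constructed sample contents */
  unsigned char *q = hdr_realloc(p, 4);
  if (q == NULL) { hdr_free(p); return 0; }
  int ok = hdr_size(q) == 4 && memcmp(q, "ABCD", 4) == 0;
  hdr_free(q);
  return ok;
}

/* Grow 4 -> 16: old bytes copied, the remainder is zero from calloc. */
static int demo_grow_zero_fills(void) {
  unsigned char *p = hdr_alloc(4);
  if (p == NULL) return 0;
  memcpy(p, "WXYZ", 4);
  unsigned char *q = hdr_realloc(p, 16);
  if (q == NULL) { hdr_free(p); return 0; }
  int ok = hdr_size(q) == 16 && memcmp(q, "WXYZ", 4) == 0;
  for (size_t i = 4; ok && i < 16; i++) ok = (q[i] == 0);
  hdr_free(q);
  return ok;
}

int main(void) {
  printf("header round-trip for 37 bytes: %zu\n", demo_size_roundtrip(37));
  printf("shrink keeps prefix: %d\n", demo_shrink_keeps_prefix());
  printf("grow zero-fills tail: %d\n", demo_grow_zero_fills());
  return 0;
}
```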
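Triage note on the two level-4 format hits at config.h:43 and config.h:44. The flagged lines are "#define snprintf c99_snprintf" and "#define vsnprintf c99_vsnprintf": they rename the functions rather than call them, so the attacker-controlled-format risk (CWE-134) the rule describes is decided at the call sites, not here. The second half of the rule text, that "sprintf variations do not always \0-terminate", is exactly the property a c99_-prefixed shim exists to restore on platforms whose native snprintf predates C99 (the name suggests that is the purpose here; this report does not show the shim's body). The code below is an added example written for this report, not cmark-gfm or commonmarker code: a wrapper that keeps the format constant at every call site, always terminates the output even on truncation, and reports truncation to the caller so it cannot pass silently. The function names are this example's own.

```c
/* Added example, not from cmark-gfm or commonmarker. Constant-format,
 * always-terminated, truncation-reporting formatting into a fixed buffer. */
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Let GCC/Clang check that every caller passes a literal-compatible format
 * and matching arguments; harmless elsewhere. */
#if defined(__GNUC__)
#define FMT_ATTR(f, a) __attribute__((format(printf, f, a)))
#else
#define FMT_ATTR(f, a)
#endif

static int fmt_checked(char *out, size_t n, const char *fmt, ...) FMT_ATTR(3, 4);

/* Returns bytes written (excluding the NUL), or -1 if the output was
 * truncated or encoding failed. In every case where n > 0, out[] is a valid
 * NUL-terminated string afterwards. */
static int fmt_checked(char *out, size_t n, const char *fmt, ...) {
  if (n == 0) return -1;
  va_list ap;
  va_start(ap, fmt);
  int needed = vsnprintf(out, n, fmt, ap);
  va_end(ap);
  if (needed < 0 || (size_t)needed >= n) {
    out[n - 1] = '\0';  /* C99 vsnprintf already guarantees this; pre-C99
                           _snprintf does not, which is what a c99_ shim fixes */
    return -1;
  }
  return needed;
}

/* Untrusted text is always an ARGUMENT to a constant "%s", never the format
 * itself, so "%n" or "%x" inside it is copied literally (no CWE-134). */
static int render_title(char *out, size_t n, const char *untrusted) {
  return fmt_checked(out, n, "<title>%s</title>", untrusted);
}

/* Constructed input containing format directives; they must come out verbatim. */
static int demo_literal_percent(void) {
  char out[64];
  int rc = render_title(out, sizeof out, "%n%n%x");
  return rc == 21 && strcmp(out, "<title>%n%n%x</title>") == 0;
}

/* Constructed over-long input into a 16-byte buffer: truncated, terminated,
 * and reported as -1 rather than returned as a success. */
static int demo_truncation(void) {
  char out[16];
  int rc = render_title(out, sizeof out, "a long untrusted title");
  return rc == -1 && strlen(out) == 15 && memcmp(out, "<title>a long u", 15) == 0;
}

int main(void) {
  printf("directives copied literally: %d\n", demo_literal_percent());
  printf("truncation detected and terminated: %d\n", demo_truncation());
  return 0;
}
```

The review action for the config.h hits is therefore a grep for every snprintf/vsnprintf call in the extension and a check that the format argument is a string literal; Flawfinder's own --falsepositive mode would drop these two macro hits as well, but it would also drop real call-site hits whose format is a variable.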