Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/skimage-0.17.2/skimage/_shared/fast_exp.h Examining data/skimage-0.17.2/skimage/_shared/vectorized_ops.h Examining data/skimage-0.17.2/skimage/feature/conditional_omp.h Examining data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h Examining data/skimage-0.17.2/skimage/measure/mc_meta/MarchingCubes.cpp Examining data/skimage-0.17.2/skimage/restoration/unwrap_2d_ljmu.c Examining data/skimage-0.17.2/skimage/restoration/unwrap_3d_ljmu.c FINAL RESULTS: data/skimage-0.17.2/skimage/restoration/unwrap_2d_ljmu.c:167:5: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(seed); data/skimage-0.17.2/skimage/restoration/unwrap_3d_ljmu.c:172:5: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(seed); data/skimage-0.17.2/skimage/_shared/fast_exp.h:23:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char t[8]; data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:44:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char cases[256][2] = { data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:316:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char tiling1[16][3] = { data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:348:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char tiling2[24][6] = { data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:391:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char test3[24] = { data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:429:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char tiling3_1[24][6] = { data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:467:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char tiling3_2[24][12] = { data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:512:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char test4[8] = { data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:534:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char tiling4_1[8][6] = { data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:556:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char tiling4_2[8][18] = { data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:580:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char tiling5[48][9] = { data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:651:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char test6[48][3] = { data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:713:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char tiling6_1_1[48][9] = { data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:775:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char tiling6_1_2[48][27] = { data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:837:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char tiling6_2[48][15] = { data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:915:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char test7[16][5] = { data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:945:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char tiling7_1[16][9] = { data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:975:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char tiling7_2[16][3][15] = { data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1068:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char tiling7_3[16][3][27] = { data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1161:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char tiling7_4_1[16][15] = { data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1191:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char tiling7_4_2[16][27] = { data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1223:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char tiling8[6][6] = { data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1245:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char tiling9[8][12] = { data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1278:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char test10[6][3] = { data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1298:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char tiling10_1_1[6][12] = { data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1318:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char tiling10_1_1_[6][12] = { data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1338:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char tiling10_1_2[6][24] = { data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1358:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char tiling10_2[6][24] = { data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1378:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char tiling10_2_[6][24] = { data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1400:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char tiling11[12][12] = { data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1437:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char test12[24][4] = { data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1475:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char tiling12_1_1[24][12] = { data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1513:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char tiling12_1_1_[24][12] = { data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1551:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char tiling12_1_2[24][24] = { data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1589:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char tiling12_2[24][24] = { data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1627:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char tiling12_2_[24][24] = { data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1671:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char test13[2][7] = { data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1692:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char subconfig13[64] = { data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1772:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char tiling13_1[2][12] = { data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1789:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char tiling13_1_[2][12] = { data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1806:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char tiling13_2[2][6][18] = { data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1836:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char tiling13_2_[2][6][18] = { data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1866:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char tiling13_3[2][12][30] = { data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1908:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char tiling13_3_[2][12][30] = { data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1950:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char tiling13_4[2][4][36] = { data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1977:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char tiling13_5_1[2][4][18] = { data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:2003:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char tiling13_5_2[2][4][30] = { data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:2031:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char tiling14[12][12] = { data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:2060:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char casesClassic[256][16] = { data/skimage-0.17.2/skimage/measure/mc_meta/MarchingCubes.cpp:798:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( _triangles, temp, _Ntrigs*sizeof(Triangle) ) ; data/skimage-0.17.2/skimage/measure/mc_meta/MarchingCubes.cpp:873:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( _vertices, temp, _Nverts*sizeof(Vertex) ) ; data/skimage-0.17.2/skimage/measure/mc_meta/MarchingCubes.cpp:1032:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[sizeof(float)] ; data/skimage-0.17.2/skimage/measure/mc_meta/MarchingCubes.cpp:1034:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen( fn, "wb" ) ; data/skimage-0.17.2/skimage/measure/mc_meta/MarchingCubes.cpp:1105:20: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen( fn, "w" ); data/skimage-0.17.2/skimage/measure/mc_meta/MarchingCubes.cpp:1182:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen( fn, "r" ); data/skimage-0.17.2/skimage/measure/mc_meta/MarchingCubes.cpp:1280:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen( fn, "w" ) ; ANALYSIS SUMMARY: Hits = 58 Lines analyzed = 5704 in approximately 0.36 seconds (15932 lines/second) Physical Source Lines of Code (SLOC) = 4270 Hits@level = [0] 26 [1] 0 [2] 56 [3] 2 [4] 0 [5] 0 Hits@level+ = [0+] 84 [1+] 58 [2+] 58 [3+] 2 [4+] 0 [5+] 0 Hits/KSLOC@level+ = [0+] 19.6721 [1+] 13.5831 [2+] 13.5831 [3+] 0.468384 [4+] 0 [5+] 0 Dot directories skipped = 3 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.