Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/skimage-0.17.2/skimage/_shared/fast_exp.h
Examining data/skimage-0.17.2/skimage/_shared/vectorized_ops.h
Examining data/skimage-0.17.2/skimage/feature/conditional_omp.h
Examining data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h
Examining data/skimage-0.17.2/skimage/measure/mc_meta/MarchingCubes.cpp
Examining data/skimage-0.17.2/skimage/restoration/unwrap_2d_ljmu.c
Examining data/skimage-0.17.2/skimage/restoration/unwrap_3d_ljmu.c
FINAL RESULTS:
data/skimage-0.17.2/skimage/restoration/unwrap_2d_ljmu.c:167:5: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(seed);
data/skimage-0.17.2/skimage/restoration/unwrap_3d_ljmu.c:172:5: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(seed);
data/skimage-0.17.2/skimage/_shared/fast_exp.h:23:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char t[8];
data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:44:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char cases[256][2] = {
data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:316:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char tiling1[16][3] = {
data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:348:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char tiling2[24][6] = {
data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:391:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char test3[24] = {
data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:429:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char tiling3_1[24][6] = {
data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:467:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char tiling3_2[24][12] = {
data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:512:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char test4[8] = {
data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:534:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char tiling4_1[8][6] = {
data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:556:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char tiling4_2[8][18] = {
data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:580:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char tiling5[48][9] = {
data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:651:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char test6[48][3] = {
data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:713:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char tiling6_1_1[48][9] = {
data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:775:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char tiling6_1_2[48][27] = {
data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:837:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char tiling6_2[48][15] = {
data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:915:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char test7[16][5] = {
data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:945:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char tiling7_1[16][9] = {
data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:975:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char tiling7_2[16][3][15] = {
data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1068:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char tiling7_3[16][3][27] = {
data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1161:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char tiling7_4_1[16][15] = {
data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1191:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char tiling7_4_2[16][27] = {
data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1223:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char tiling8[6][6] = {
data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1245:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char tiling9[8][12] = {
data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1278:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char test10[6][3] = {
data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1298:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char tiling10_1_1[6][12] = {
data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1318:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char tiling10_1_1_[6][12] = {
data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1338:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char tiling10_1_2[6][24] = {
data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1358:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char tiling10_2[6][24] = {
data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1378:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char tiling10_2_[6][24] = {
data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1400:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char tiling11[12][12] = {
data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1437:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char test12[24][4] = {
data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1475:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char tiling12_1_1[24][12] = {
data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1513:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char tiling12_1_1_[24][12] = {
data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1551:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char tiling12_1_2[24][24] = {
data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1589:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char tiling12_2[24][24] = {
data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1627:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char tiling12_2_[24][24] = {
data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1671:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char test13[2][7] = {
data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1692:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char subconfig13[64] = {
data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1772:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char tiling13_1[2][12] = {
data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1789:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char tiling13_1_[2][12] = {
data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1806:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char tiling13_2[2][6][18] = {
data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1836:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char tiling13_2_[2][6][18] = {
data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1866:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char tiling13_3[2][12][30] = {
data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1908:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char tiling13_3_[2][12][30] = {
data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1950:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char tiling13_4[2][4][36] = {
data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:1977:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char tiling13_5_1[2][4][18] = {
data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:2003:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char tiling13_5_2[2][4][30] = {
data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:2031:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char tiling14[12][12] = {
data/skimage-0.17.2/skimage/measure/mc_meta/LookUpTable.h:2060:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char casesClassic[256][16] = {
data/skimage-0.17.2/skimage/measure/mc_meta/MarchingCubes.cpp:798:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( _triangles, temp, _Ntrigs*sizeof(Triangle) ) ;
data/skimage-0.17.2/skimage/measure/mc_meta/MarchingCubes.cpp:873:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( _vertices, temp, _Nverts*sizeof(Vertex) ) ;
data/skimage-0.17.2/skimage/measure/mc_meta/MarchingCubes.cpp:1032:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[sizeof(float)] ;
data/skimage-0.17.2/skimage/measure/mc_meta/MarchingCubes.cpp:1034:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen( fn, "wb" ) ;
data/skimage-0.17.2/skimage/measure/mc_meta/MarchingCubes.cpp:1105:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen( fn, "w" );
data/skimage-0.17.2/skimage/measure/mc_meta/MarchingCubes.cpp:1182:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen( fn, "r" );
data/skimage-0.17.2/skimage/measure/mc_meta/MarchingCubes.cpp:1280:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen( fn, "w" ) ;
ANALYSIS SUMMARY:
Hits = 58
Lines analyzed = 5704 in approximately 0.36 seconds (15932 lines/second)
Physical Source Lines of Code (SLOC) = 4270
Hits@level = [0] 26 [1] 0 [2] 56 [3] 2 [4] 0 [5] 0
Hits@level+ = [0+] 84 [1+] 58 [2+] 58 [3+] 2 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 19.6721 [1+] 13.5831 [2+] 13.5831 [3+] 0.468384 [4+] 0 [5+] 0
Dot directories skipped = 3 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.