Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/wfmath-1.0.2+dfsg1/atlas/atlas_0_6_test.cpp
Examining data/wfmath-1.0.2+dfsg1/doc/shape.h
Examining data/wfmath-1.0.2+dfsg1/wfmath/atlasconv.h
Examining data/wfmath-1.0.2+dfsg1/wfmath/axisbox.cpp
Examining data/wfmath-1.0.2+dfsg1/wfmath/axisbox.h
Examining data/wfmath-1.0.2+dfsg1/wfmath/axisbox_funcs.h
Examining data/wfmath-1.0.2+dfsg1/wfmath/ball.cpp
Examining data/wfmath-1.0.2+dfsg1/wfmath/ball.h
Examining data/wfmath-1.0.2+dfsg1/wfmath/ball_funcs.h
Examining data/wfmath-1.0.2+dfsg1/wfmath/ball_test.cpp
Examining data/wfmath-1.0.2+dfsg1/wfmath/basis.h
Examining data/wfmath-1.0.2+dfsg1/wfmath/const.cpp
Examining data/wfmath-1.0.2+dfsg1/wfmath/const.h
Examining data/wfmath-1.0.2+dfsg1/wfmath/const_test.cpp
Examining data/wfmath-1.0.2+dfsg1/wfmath/error.h
Examining data/wfmath-1.0.2+dfsg1/wfmath/general_test.h
Examining data/wfmath-1.0.2+dfsg1/wfmath/int_to_string.cpp
Examining data/wfmath-1.0.2+dfsg1/wfmath/int_to_string.h
Examining data/wfmath-1.0.2+dfsg1/wfmath/intersect.cpp
Examining data/wfmath-1.0.2+dfsg1/wfmath/intersect.h
Examining data/wfmath-1.0.2+dfsg1/wfmath/intersect_decls.h
Examining data/wfmath-1.0.2+dfsg1/wfmath/intstring_test.cpp
Examining data/wfmath-1.0.2+dfsg1/wfmath/line.cpp
Examining data/wfmath-1.0.2+dfsg1/wfmath/line.h
Examining data/wfmath-1.0.2+dfsg1/wfmath/line_funcs.h
Examining data/wfmath-1.0.2+dfsg1/wfmath/line_test.cpp
Examining data/wfmath-1.0.2+dfsg1/wfmath/miniball.h
Examining data/wfmath-1.0.2+dfsg1/wfmath/miniball_funcs.h
Examining data/wfmath-1.0.2+dfsg1/wfmath/point.cpp
Examining data/wfmath-1.0.2+dfsg1/wfmath/point.h
Examining data/wfmath-1.0.2+dfsg1/wfmath/point_funcs.h
Examining data/wfmath-1.0.2+dfsg1/wfmath/point_test.cpp
Examining data/wfmath-1.0.2+dfsg1/wfmath/polygon.cpp
Examining data/wfmath-1.0.2+dfsg1/wfmath/polygon.h
Examining data/wfmath-1.0.2+dfsg1/wfmath/polygon_funcs.h
Examining data/wfmath-1.0.2+dfsg1/wfmath/polygon_intersect.cpp
Examining data/wfmath-1.0.2+dfsg1/wfmath/polygon_intersect.h
Examining data/wfmath-1.0.2+dfsg1/wfmath/polygon_test.cpp
Examining data/wfmath-1.0.2+dfsg1/wfmath/probability.cpp
Examining data/wfmath-1.0.2+dfsg1/wfmath/probability.h
Examining data/wfmath-1.0.2+dfsg1/wfmath/probability_test.cpp
Examining data/wfmath-1.0.2+dfsg1/wfmath/quaternion.cpp
Examining data/wfmath-1.0.2+dfsg1/wfmath/quaternion.h
Examining data/wfmath-1.0.2+dfsg1/wfmath/quaternion_test.cpp
Examining data/wfmath-1.0.2+dfsg1/wfmath/randgen.h
Examining data/wfmath-1.0.2+dfsg1/wfmath/rotbox.cpp
Examining data/wfmath-1.0.2+dfsg1/wfmath/rotbox.h
Examining data/wfmath-1.0.2+dfsg1/wfmath/rotbox_funcs.h
Examining data/wfmath-1.0.2+dfsg1/wfmath/rotmatrix.cpp
Examining data/wfmath-1.0.2+dfsg1/wfmath/rotmatrix.h
Examining data/wfmath-1.0.2+dfsg1/wfmath/rotmatrix_funcs.h
Examining data/wfmath-1.0.2+dfsg1/wfmath/rotmatrix_test.cpp
Examining data/wfmath-1.0.2+dfsg1/wfmath/segment.cpp
Examining data/wfmath-1.0.2+dfsg1/wfmath/segment.h
Examining data/wfmath-1.0.2+dfsg1/wfmath/segment_funcs.h
Examining data/wfmath-1.0.2+dfsg1/wfmath/shape_test.cpp
Examining data/wfmath-1.0.2+dfsg1/wfmath/shape_test.h
Examining data/wfmath-1.0.2+dfsg1/wfmath/shuffle.h
Examining data/wfmath-1.0.2+dfsg1/wfmath/stream.h
Examining data/wfmath-1.0.2+dfsg1/wfmath/timestamp.cpp
Examining data/wfmath-1.0.2+dfsg1/wfmath/timestamp.h
Examining data/wfmath-1.0.2+dfsg1/wfmath/timestamp_test.cpp
Examining data/wfmath-1.0.2+dfsg1/wfmath/vector.cpp
Examining data/wfmath-1.0.2+dfsg1/wfmath/vector.h
Examining data/wfmath-1.0.2+dfsg1/wfmath/vector_funcs.h
Examining data/wfmath-1.0.2+dfsg1/wfmath/vector_test.cpp
Examining data/wfmath-1.0.2+dfsg1/wfmath/wfmath.h
Examining data/wfmath-1.0.2+dfsg1/wfmath/wrapped_array.h
Examining data/wfmath-1.0.2+dfsg1/wfmath/zero.h
Examining data/wfmath-1.0.2+dfsg1/wfmath/MersenneTwister.h
Examining data/wfmath-1.0.2+dfsg1/wfmath/randgen.cpp
Examining data/wfmath-1.0.2+dfsg1/wfmath/randgen_test.cpp
Examining data/wfmath-1.0.2+dfsg1/wfmath/stream.cpp
FINAL RESULTS:
data/wfmath-1.0.2+dfsg1/wfmath/int_to_string.cpp:15:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char digits[10] = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9'};
data/wfmath-1.0.2+dfsg1/wfmath/int_to_string.cpp:44:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[bufsize];
data/wfmath-1.0.2+dfsg1/wfmath/int_to_string.cpp:70:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[bufsize];
data/wfmath-1.0.2+dfsg1/wfmath/intstring_test.cpp:52:12: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
assert(atol(IntToString(val2).c_str()) == val2);
data/wfmath-1.0.2+dfsg1/wfmath/randgen.cpp:115:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* urandom = fopen( "/dev/urandom", "rb" );
data/wfmath-1.0.2+dfsg1/wfmath/timestamp.cpp:144:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&i, &fileTime, sizeof(LARGE_INTEGER));
data/wfmath-1.0.2+dfsg1/wfmath/stream.cpp:81:4: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
b.read(ist);
data/wfmath-1.0.2+dfsg1/wfmath/stream.h:57:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
virtual void read(std::istream& is) = 0;
data/wfmath-1.0.2+dfsg1/wfmath/stream.h:73:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
virtual void read(std::istream& is) {is >> m_data;}
data/wfmath-1.0.2+dfsg1/wfmath/stream.h:333:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_PolyReader<dim> read;
data/wfmath-1.0.2+dfsg1/wfmath/stream.h:349:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
is >> read.pd;
data/wfmath-1.0.2+dfsg1/wfmath/stream.h:350:25: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read_list.push_back(read);
ANALYSIS SUMMARY:
Hits = 12
Lines analyzed = 15106 in approximately 0.34 seconds (44669 lines/second)
Physical Source Lines of Code (SLOC) = 9069
Hits@level = [0] 4 [1] 6 [2] 6 [3] 0 [4] 0 [5] 0
Hits@level+ = [0+] 16 [1+] 12 [2+] 6 [3+] 0 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 1.76425 [1+] 1.32319 [2+] 0.661594 [3+] 0 [4+] 0 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.