stdin

Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/Candidate.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/Candidate.h
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/CandidateRepository.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/CandidateRepository.h
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/Character.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/Character.h
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/CharacterRepository.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/CharacterRepository.h
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/ClangCompleter/ClangCompleter.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/ClangCompleter/ClangCompleter.h
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/ClangCompleter/ClangHelpers.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/ClangCompleter/ClangHelpers.h
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/ClangCompleter/ClangUtils.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/ClangCompleter/ClangUtils.h
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/ClangCompleter/CompilationDatabase.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/ClangCompleter/CompilationDatabase.h
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/ClangCompleter/CompletionData.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/ClangCompleter/CompletionData.h
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/ClangCompleter/Diagnostic.h
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/ClangCompleter/Documentation.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/ClangCompleter/Documentation.h
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/ClangCompleter/FixIt.h
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/ClangCompleter/Location.h
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/ClangCompleter/Range.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/ClangCompleter/Range.h
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/ClangCompleter/TranslationUnit.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/ClangCompleter/TranslationUnit.h
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/ClangCompleter/TranslationUnitStore.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/ClangCompleter/TranslationUnitStore.h
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/ClangCompleter/UnsavedFile.h
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/CodePoint.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/CodePoint.h
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/CodePointRepository.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/CodePointRepository.h
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/IdentifierCompleter.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/IdentifierCompleter.h
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/IdentifierDatabase.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/IdentifierDatabase.h
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/IdentifierUtils.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/IdentifierUtils.h
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/PythonSupport.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/PythonSupport.h
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/Result.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/Result.h
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/Utils.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/Utils.h
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/Word.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/Word.h
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/benchmarks/BenchUtils.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/benchmarks/BenchUtils.h
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/benchmarks/IdentifierCompleter_bench.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/benchmarks/PythonSupport_bench.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/benchmarks/main.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/tests/CandidateRepository_test.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/tests/Candidate_test.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/tests/CharacterRepository_test.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/tests/Character_test.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/tests/ClangCompleter/ClangCompleter_test.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/tests/ClangCompleter/TranslationUnit_test.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/tests/CodePointRepository_test.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/tests/CodePoint_test.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/tests/IdentifierCompleter_test.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/tests/IdentifierUtils_test.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/tests/Normalization_test.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/tests/TestUtils.h
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/tests/Utils_test.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/tests/Word_test.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/tests/main.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/tests/testdata/SWObject.h
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/tests/testdata/basic.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/tests/testdata/goto.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/tests/TestUtils.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/versioning.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/versioning.h
Examining data/ycmd-0+20201028+git1d415c5+ds/cpp/ycm/ycm_core.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/examples/samples/some_cpp.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/bindings/testdata/foo.c
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clang/testdata/FixIt_Clang_cpp11.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clang/testdata/GetDoc_Clang.cc
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clang/testdata/GetParent_Clang_test.cc
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clang/testdata/GetType_Clang_test.cc
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clang/testdata/GoTo_Clang_ZeroBasedLineAndColumn_test.cc
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clang/testdata/GoTo_all_Clang_test.cc
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clang/testdata/basic.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clang/testdata/cache_test/foo.h
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clang/testdata/client_data/include.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clang/testdata/client_data/include.hpp
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clang/testdata/client_data/macro.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clang/testdata/client_data/main.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clang/testdata/completion_availability.cc
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clang/testdata/completion_docstring.cc
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clang/testdata/completion_fixit.cc
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clang/testdata/cuda/cuda.h
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clang/testdata/driver_mode_cl/executable/driver_mode_cl.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clang/testdata/driver_mode_cl/executable/driver_mode_cl_include/driver_mode_cl_include.h
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clang/testdata/driver_mode_cl/flag/driver_mode_cl.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clang/testdata/driver_mode_cl/flag/driver_mode_cl_include/driver_mode_cl_include.h
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clang/testdata/general_fallback/lang_c.c
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clang/testdata/general_fallback/lang_cpp.cc
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clang/testdata/get_doc/include/test.hpp
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clang/testdata/get_doc/test.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clang/testdata/location_extent.cc
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clang/testdata/max_diagnostics.cc
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clang/testdata/multiple_missing_includes.cc
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clang/testdata/noflags/basic.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clang/testdata/test-include/Frameworks/OpenGL.framework/Headers/gl.h
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clang/testdata/test-include/Frameworks/common.framework/Headers/dummy.h
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clang/testdata/test-include/a.hpp
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clang/testdata/test-include/dir with spaces/d.hpp
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clang/testdata/test-include/main.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clang/testdata/test-include/quote/b.hpp
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clang/testdata/test-include/system/a.hpp
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clang/testdata/test-include/system/c.hpp
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clang/testdata/unicode.cc
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clang/testdata/unity.cc
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clang/testdata/unity.h
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clang/testdata/unitya.cc
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clangd/testdata/FixIt_Clang_cpp11.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clangd/testdata/GetDoc_Clang_test.cc
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clangd/testdata/GetType_Clang_test.cc
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clangd/testdata/GoTo_Clang_ZeroBasedLineAndColumn_test.cc
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clangd/testdata/basic.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clangd/testdata/cuda/cuda.h
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clangd/testdata/docstring.h
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clangd/testdata/driver_mode_cl/executable/driver_mode_cl.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clangd/testdata/driver_mode_cl/executable/driver_mode_cl_include/driver_mode_cl_include.h
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clangd/testdata/driver_mode_cl/flag/driver_mode_cl.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clangd/testdata/driver_mode_cl/flag/driver_mode_cl_include/driver_mode_cl_include.h
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clangd/testdata/extra_conf/bar.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clangd/testdata/extra_conf/foo.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clangd/testdata/extra_conf/include/foo.h
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clangd/testdata/extra_conf/subdir/include/bar.h
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clangd/testdata/general_fallback/lang_c.c
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clangd/testdata/general_fallback/lang_cpp.cc
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clangd/testdata/general_fallback/make_drink.cc
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clangd/testdata/general_fallback/make_drink.h
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clangd/testdata/goto.cc
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clangd/testdata/location_extent.cc
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clangd/testdata/max_diagnostics.cc
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clangd/testdata/multiple_missing_includes.cc
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clangd/testdata/template.cc
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clangd/testdata/test-include/a.hpp
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clangd/testdata/test-include/dir with spaces/d.hpp
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clangd/testdata/test-include/main.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clangd/testdata/test-include/quote/b.hpp
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clangd/testdata/test-include/system/a.hpp
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clangd/testdata/test-include/system/c.hpp
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clangd/testdata/unicode.cc
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/testdata/filename_completer/inner_dir/test.cpp
Examining data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/testdata/filename_completer/inner_dir/test.hpp

FINAL RESULTS:

data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clang/testdata/test-include/main.cpp:12:11:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
#include <system/
data/ycmd-0+20201028+git1d415c5+ds/ycmd/tests/clangd/testdata/test-include/main.cpp:10:11:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
#include <system/

ANALYSIS SUMMARY:

Hits = 2
Lines analyzed = 10205 in approximately 0.25 seconds (40629 lines/second)
Physical Source Lines of Code (SLOC) = 6230
Hits@level = [0]   0 [1]   0 [2]   0 [3]   0 [4]   2 [5]   0
Hits@level+ = [0+]   2 [1+]   2 [2+]   2 [3+]   2 [4+]   2 [5+]   0
Hits/KSLOC@level+ = [0+] 0.321027 [1+] 0.321027 [2+] 0.321027 [3+] 0.321027 [4+] 0.321027 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.