david-a-wheeler / flawfinder

a static analysis tool for finding vulnerabilities in C/C++ source code


Declaration of simple C++ method named "read()" triggers CWE-

0xg0nz0 opened this issue · comments

This C++ template method header declaration:

    template <typename T, typename std::enable_if<std::is_base_of<icp::model::Model, T>::value>::type* = nullptr>
    T read(std::istream& in);

triggered a false positive:

sdk/serialization.h:17:  [1] (buffer) read:Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
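A reduced model of the text-level matching that produces a hit like this, next to a declaration-suppression heuristic that would not flag it. This is an added illustration, not flawfinder's own code: the sample lines beyond the reporter's declaration are constructed, and the "preceding token is a return type" rule is an assumption about how such a check could be written, not a description of what flawfinder does.

```python
import re

# Constructed sample: the issue's declaration plus a few invented lines.
SAMPLE = """\
template <typename T, typename std::enable_if<std::is_base_of<icp::model::Model, T>::value>::type* = nullptr>
T read(std::istream& in);
std::vector<char> read(int fd);
ssize_t n = read(fd, buf, sizeof buf);
return read(fd, buf, len);
    read(fd, buf, len);
"""

# Naive rule: the bare identifier followed by "(" counts as a use of read().
CALL_RE = re.compile(r"\bread\s*\(")
TOKEN_RE = re.compile(r"[A-Za-z_]\w*|::|->|&&|\S")
# Keywords that can precede a call expression but never a return type.
STATEMENT_KEYWORDS = {"return", "co_return", "throw", "if", "while", "else", "case", "sizeof"}

def preceding_token(text, pos):
    """Last lexical token before offset pos in text, or None."""
    tokens = TOKEN_RE.findall(text[:pos])
    return tokens[-1] if tokens else None

def is_declaration(line, pos):
    """Heuristic (assumption): a name, pointer/reference or template-close token
    immediately before read( is a return type, so this is a declaration."""
    tok = preceding_token(line, pos)
    if tok is None or tok in STATEMENT_KEYWORDS:
        return False
    return tok in {">", "*", "&", "&&"} or re.fullmatch(r"[A-Za-z_]\w*", tok) is not None

def naive_hits(source):
    """Line numbers the naive rule flags: every read( regardless of context."""
    return [n for n, line in enumerate(source.splitlines(), 1) if CALL_RE.search(line)]

def filtered_hits(source):
    """Line numbers still flagged once declarations are suppressed."""
    out = []
    for n, line in enumerate(source.splitlines(), 1):
        for m in CALL_RE.finditer(line):
            if not is_declaration(line, m.start()):
                out.append(n)
                break
    return out

if __name__ == "__main__":
    print("naive:", naive_hits(SAMPLE))        # [2, 3, 4, 5, 6]
    print("filtered:", filtered_hits(SAMPLE))  # [4, 5, 6]
```

The heuristic is deliberately line-local, so a return type on the previous line (as in the reporter's two-line template header) still needs the token stream to span lines before it would generalise.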