The following issues were found

test/src/unit-conversions.cpp
3 issues
There is an unknown macro here somewhere. Configuration is required. If NLOHMANN_JSON_SERIALIZE_ENUM is a macro then please configure it.
Error

Line: 1647 

              enum class cards {kreuz, pik, herz, karo};

// NOLINTNEXTLINE(cppcoreguidelines-avoid-c-arrays,hicpp-avoid-c-arrays,modernize-avoid-c-arrays) - false positive
NLOHMANN_JSON_SERIALIZE_ENUM(cards,
{
    {cards::kreuz, "kreuz"},
    {cards::pik, "pik"},
    {cards::pik, "puk"},  // second entry for cards::puk; will not be used
    {cards::herz, "herz"},

Reported by Cppcheck.

equal - Function does not check the second iterator for over-read conditions
Security

Line: 297 Column: 24 CWE codes: 126
Suggestion: This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it 

              
            auto v = j2.get<std::vector<int>>();
            auto s = j3.get<std::string>();
            CHECK(std::equal(v.begin(), v.end(), std::begin(nbs)));
            CHECK(s == str);
        }

        SECTION("std::deque<json>")
        {

Reported by FlawFinder.

equal - Function does not check the second iterator for over-read conditions
Security

Line: 399 Column: 24 CWE codes: 126
Suggestion: This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it 

              
            json j2 = nbs;
            j2.get_to(nbs2);
            CHECK(std::equal(std::begin(nbs), std::end(nbs), std::begin(nbs2)));
        }

        SECTION("std::deque<json>")
        {
            std::deque<json> a{"previous", "value"};

Reported by FlawFinder.

include/nlohmann/detail/input/binary_reader.hpp
3 issues
snprintf - If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate
Security

Line: 321 Column: 23 CWE codes: 134
Suggestion: Use a constant for the format specification 

                          default: // anything else not supported (yet)
            {
                std::array<char, 3> cr{{}};
                (std::snprintf)(cr.data(), cr.size(), "%.2hhX", static_cast<unsigned char>(element_type)); // NOLINT(cppcoreguidelines-pro-type-vararg,hicpp-vararg)
                return sax->parse_error(element_type_parse_position, std::string(cr.data()), parse_error::create(114, element_type_parse_position, "Unsupported BSON record type 0x" + std::string(cr.data()), BasicJsonType()));
            }
        }
    }

Reported by FlawFinder.

snprintf - If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate
Security

Line: 2465 Column: 15 CWE codes: 134
Suggestion: Use a constant for the format specification 

                  std::string get_token_string() const
    {
        std::array<char, 3> cr{{}};
        (std::snprintf)(cr.data(), cr.size(), "%.2hhX", static_cast<unsigned char>(current)); // NOLINT(cppcoreguidelines-pro-type-vararg,hicpp-vararg)
        return std::string{cr.data()};
    }

    /*!
    @param[in] format   the current format

Reported by FlawFinder.

memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 2373 Column: 14 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

                      }

        // step 2: convert array into number of type T and return
        std::memcpy(&result, vec.data(), sizeof(NumberType));
        return true;
    }

    /*!
    @brief create a string by reading characters from the input

Reported by FlawFinder.

test/src/unit-json_pointer.cpp
3 issues
access - This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition
Security

Line: 278 Column: 20 CWE codes: 362/367!
Suggestion: Set up the correct permissions (e.g., using setuid()) and try to open the file directly 

                      }
    }

    SECTION("array access")
    {
        SECTION("nonconst access")
        {
            json j = {1, 2, 3};
            const json j_const = j;

Reported by FlawFinder.

access - This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition
Security

Line: 280 Column: 27 CWE codes: 362/367!
Suggestion: Set up the correct permissions (e.g., using setuid()) and try to open the file directly 

              
    SECTION("array access")
    {
        SECTION("nonconst access")
        {
            json j = {1, 2, 3};
            const json j_const = j;

            // check reading access

Reported by FlawFinder.

access - This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition
Security

Line: 416 Column: 24 CWE codes: 362/367!
Suggestion: Set up the correct permissions (e.g., using setuid()) and try to open the file directly 

                          CHECK(!j_const.contains("/-"_json_pointer));
        }

        SECTION("const access")
        {
            const json j = {1, 2, 3};

            // check reading access
            CHECK(j["/0"_json_pointer] == j[0]);

Reported by FlawFinder.

test/thirdparty/Fuzzer/test/DSOTestMain.cpp
3 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 21 Column: 5 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

                if (Size < sizeof(int) * 3) {
    x = y = z = 0;
  } else {
    memcpy(&x, Data + 0 * sizeof(int), sizeof(int));
    memcpy(&y, Data + 1 * sizeof(int), sizeof(int));
    memcpy(&z, Data + 2 * sizeof(int), sizeof(int));
  }
  int sum = DSO1(x) + DSO2(y) + (z ? DSOTestExtra(z) : 0);
  if (sum == 3) {

Reported by FlawFinder.

memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 22 Column: 5 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

                  x = y = z = 0;
  } else {
    memcpy(&x, Data + 0 * sizeof(int), sizeof(int));
    memcpy(&y, Data + 1 * sizeof(int), sizeof(int));
    memcpy(&z, Data + 2 * sizeof(int), sizeof(int));
  }
  int sum = DSO1(x) + DSO2(y) + (z ? DSOTestExtra(z) : 0);
  if (sum == 3) {
    fprintf(stderr, "BINGO %d %d %d\n", x, y, z);

Reported by FlawFinder.

memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 23 Column: 5 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

                } else {
    memcpy(&x, Data + 0 * sizeof(int), sizeof(int));
    memcpy(&y, Data + 1 * sizeof(int), sizeof(int));
    memcpy(&z, Data + 2 * sizeof(int), sizeof(int));
  }
  int sum = DSO1(x) + DSO2(y) + (z ? DSOTestExtra(z) : 0);
  if (sum == 3) {
    fprintf(stderr, "BINGO %d %d %d\n", x, y, z);
    *nil = 0;

Reported by FlawFinder.

test/thirdparty/Fuzzer/test/SimpleCmpTest.cpp
2 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 25 Column: 3 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

                int64_t  y = 0;
  int32_t z = 0;
  uint16_t a = 0;
  memcpy(&x, Data, 8);  // 8
  memcpy(&y, Data + 8, 8);  // 16
  memcpy(&z, Data + 16, sizeof(z));  // 20
  memcpy(&a, Data + 20, sizeof(a));  // 22

  if (x > 1234567890 && PrintOnce(__LINE__) &&

Reported by FlawFinder.

memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 26 Column: 3 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

                int32_t z = 0;
  uint16_t a = 0;
  memcpy(&x, Data, 8);  // 8
  memcpy(&y, Data + 8, 8);  // 16
  memcpy(&z, Data + 16, sizeof(z));  // 20
  memcpy(&a, Data + 20, sizeof(a));  // 22

  if (x > 1234567890 && PrintOnce(__LINE__) &&
      x < 1234567895 && PrintOnce(__LINE__) &&

Reported by FlawFinder.

test/thirdparty/Fuzzer/test/ShrinkValueProfileTest.cpp
2 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 17 Column: 3 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

                if (Size < sizeof(uint32_t)) return 0;
  uint32_t X, Y;
  size_t Offset = Size < 8 ? 0 : Size / 2;
  memcpy(&X, Data + Offset, sizeof(uint32_t));
  memcpy(&Y, "FUZZ", sizeof(uint32_t));
  Sink = X == Y;
  return 0;
}

Reported by FlawFinder.

memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 18 Column: 3 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

                uint32_t X, Y;
  size_t Offset = Size < 8 ? 0 : Size / 2;
  memcpy(&X, Data + Offset, sizeof(uint32_t));
  memcpy(&Y, "FUZZ", sizeof(uint32_t));
  Sink = X == Y;
  return 0;
}

Reported by FlawFinder.

test/src/unit-regression1.cpp
2 issues
open - Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?
Security

Line: 1422 Column: 16 CWE codes: 362 

                              | std::ios_base::badbit
            ); // handle different exceptions as 'file not found', 'permission denied'

            is.open(TEST_DATA_DIRECTORY "/regression/working_file.json");
            json _;
            CHECK_NOTHROW(_ = nlohmann::json::parse(is));
        }

        {

Reported by FlawFinder.

open - Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?
Security

Line: 1435 Column: 16 CWE codes: 362 

                              | std::ios_base::badbit
            ); // handle different exceptions as 'file not found', 'permission denied'

            is.open(TEST_DATA_DIRECTORY "/json_nlohmann_tests/all_unicode.json.cbor",
                    std::ios_base::in | std::ios_base::binary);
            json _;
            CHECK_NOTHROW(_ = nlohmann::json::from_cbor(is));
        }
    }

Reported by FlawFinder.

include/nlohmann/detail/input/input_adapters.hpp
2 issues
fgetc - Check buffer boundaries if used in a loop including recursive loops
Security

Line: 56 Column: 21 CWE codes: 120 20 

              
    std::char_traits<char>::int_type get_character() noexcept
    {
        return std::fgetc(m_file);
    }

  private:
    /// the file pointer to read from
    std::FILE* m_file;

Reported by FlawFinder.

strlen - Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected)
Security

Line: 441 Column: 24 CWE codes: 126 

                             int >::type = 0 >
contiguous_bytes_input_adapter input_adapter(CharT b)
{
    auto length = std::strlen(reinterpret_cast<const char*>(b));
    const auto* ptr = reinterpret_cast<const char*>(b);
    return input_adapter(ptr, ptr + length);
}

template<typename T, std::size_t N>

Reported by FlawFinder.

include/nlohmann/detail/output/binary_writer.hpp
2 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 1547 Column: 14 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

                  {
        // step 1: write number to array of length NumberType
        std::array<CharType, sizeof(NumberType)> vec{};
        std::memcpy(vec.data(), &n, sizeof(NumberType));

        // step 2: write array to output (with possible reordering)
        if (is_little_endian != OutputIsLittleEndian)
        {
            // reverse byte order prior to conversion if necessary

Reported by FlawFinder.

memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 1605 Column: 14 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

                      static_assert(sizeof(std::uint8_t) == sizeof(CharType), "size of CharType must be equal to std::uint8_t");
        static_assert(std::is_trivial<CharType>::value, "CharType must be trivial");
        CharType result;
        std::memcpy(&result, &x, sizeof(x));
        return result;
    }

    template<typename C = CharType,
             enable_if_t<std::is_unsigned<C>::value>* = nullptr>

Reported by FlawFinder.

test/thirdparty/Fuzzer/FuzzerIOWindows.cpp
2 issues
strlen - Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected)
Security

Line: 100 Column: 28 CWE codes: 126 

                  std::string FileName = DirPlusFile(Dir, FindInfo.cFileName);

    if (FindInfo.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) {
      size_t FilenameLen = strlen(FindInfo.cFileName);
      if ((FilenameLen == 1 && FindInfo.cFileName[0] == '.') ||
          (FilenameLen == 2 && FindInfo.cFileName[0] == '.' &&
                               FindInfo.cFileName[1] == '.'))
        continue;

Reported by FlawFinder.

strlen - Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected)
Security

Line: 205 Column: 16 CWE codes: 126 

              // Returns number of characters considered if successful.
static size_t ParseCustomString(const std::string &Ref, size_t Offset,
                                const char *Patt) {
  size_t Len = strlen(Patt);
  if (Offset + Len > Ref.size())
    return 0;
  return Ref.compare(Offset, Len, Patt) == 0 ? Len : 0;
}

Reported by FlawFinder.