The following issues were found

include/nlohmann/thirdparty/hedley/hedley.hpp
2 issues
printf - If format strings can be influenced by an attacker, they can be exploited
Security

Line: 1318 Column: 86 CWE codes: 134
Suggestion: Use a constant for the format specification 

                  JSON_HEDLEY_MCST_LCC_VERSION_CHECK(1,25,10)
    #define JSON_HEDLEY_PRINTF_FORMAT(string_idx,first_to_check) __attribute__((__format__(__printf__, string_idx, first_to_check)))
#elif JSON_HEDLEY_PELLES_VERSION_CHECK(6,0,0)
    #define JSON_HEDLEY_PRINTF_FORMAT(string_idx,first_to_check) __declspec(vaformat(printf,string_idx,first_to_check))
#else
    #define JSON_HEDLEY_PRINTF_FORMAT(string_idx,first_to_check)
#endif

#if defined(JSON_HEDLEY_CONSTEXPR)

Reported by FlawFinder.

char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 1817 Column: 12 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

                      sizeof(*( \
                  1 ? \
                  ((void*) ((expr) * 0L) ) : \
((struct { char v[sizeof(void) * 2]; } *) 1) \
                ) \
              ) \
                                            )
#  endif
#endif

Reported by FlawFinder.

test/src/unit-iterators1.cpp
2 issues
The iterator 'it' is invalid before being assigned. Dereferencing or comparing it with another iterator is invalid operation.
Error

Line: 43 CWE codes: 664 

                      SECTION("uninitialized")
        {
            json::iterator it;
            CHECK(it.m_object == nullptr);

            json::const_iterator cit;
            CHECK(cit.m_object == nullptr);
        }

Reported by Cppcheck.

The iterator 'cit' is invalid before being assigned. Dereferencing or comparing it with another iterator is invalid operation.
Error

Line: 46 CWE codes: 664 

                          CHECK(it.m_object == nullptr);

            json::const_iterator cit;
            CHECK(cit.m_object == nullptr);
        }

        SECTION("boolean")
        {
            json j = true;

Reported by Cppcheck.

test/thirdparty/Fuzzer/FuzzerUtil.cpp
2 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 184 Column: 3 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              
std::string DescribePC(const char *SymbolizedFMT, uintptr_t PC) {
  if (!EF->__sanitizer_symbolize_pc) return "<can not symbolize>";
  char PcDescr[1024];
  EF->__sanitizer_symbolize_pc(reinterpret_cast<void*>(PC),
                               SymbolizedFMT, PcDescr, sizeof(PcDescr));
  PcDescr[sizeof(PcDescr) - 1] = 0;  // Just in case.
  return PcDescr;
}

Reported by FlawFinder.

char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 211 Column: 3 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              bool ExecuteCommandAndReadOutput(const std::string &Command, std::string *Out) {
  FILE *Pipe = OpenProcessPipe(Command.c_str(), "r");
  if (!Pipe) return false;
  char Buff[1024];
  size_t N;
  while ((N = fread(Buff, 1, sizeof(Buff), Pipe)) > 0)
    Out->append(Buff, N);
  return true;
}

Reported by FlawFinder.

test/thirdparty/Fuzzer/test/SimpleDictionaryTest.cpp
2 issues
strlen - Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected)
Security

Line: 18 Column: 14 CWE codes: 126 

              
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
  const char *Expected = "ElvisPresley";
  if (Size < strlen(Expected)) return 0;
  size_t Match = 0;
  for (size_t i = 0; Expected[i]; i++)
    if (Expected[i] + Zero == Data[i])
      Match++;
  if (Match == strlen(Expected)) {

Reported by FlawFinder.

strlen - Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected)
Security

Line: 23 Column: 16 CWE codes: 126 

                for (size_t i = 0; Expected[i]; i++)
    if (Expected[i] + Zero == Data[i])
      Match++;
  if (Match == strlen(Expected)) {
    std::cout << "BINGO; Found the target, exiting\n";
    exit(1);
  }
  return 0;
}

Reported by FlawFinder.

test/thirdparty/Fuzzer/test/Switch2Test.cpp
1 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 26 Column: 5 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

                int Res = 0;
  for (int i = 0; i < N; i++) {
    int X;
    memcpy(&X, Data + i * sizeof(int), sizeof(int));
    Res += Switch(X);
  }
  if (Res == 5 || Res == 3 || Res == 6 || Res == 7) {
    fprintf(stderr, "BINGO; Found the target, exiting; Res=%d\n", Res);
    exit(1);

Reported by FlawFinder.

doc/scripts/send_to_wandbox.py
1 issues
Missing parentheses in call to 'print'. Did you mean print(response['url'])? (<unknown>, line 113)
Error

Line: 113 Column: 16 

                  })

    if 'status' in response and response['status'] == '0':
        print response['url']
        return 0
    else:
        print response
        return 1

Reported by Pylint.

include/nlohmann/detail/conversions/to_chars.hpp
1 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 45 Column: 10 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

                  static_assert(sizeof(Target) == sizeof(Source), "size mismatch");

    Target target;
    std::memcpy(&target, &source, sizeof(Source));
    return target;
}

struct diyfp // f * 2^e
{

Reported by FlawFinder.

include/nlohmann/detail/input/lexer.hpp
1 issues
snprintf - If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate
Security

Line: 1450 Column: 23 CWE codes: 134
Suggestion: Use a constant for the format specification 

                          {
                // escape control characters
                std::array<char, 9> cs{{}};
                (std::snprintf)(cs.data(), cs.size(), "<U+%.4X>", static_cast<unsigned char>(c)); // NOLINT(cppcoreguidelines-pro-type-vararg,hicpp-vararg)
                result += cs.data();
            }
            else
            {
                // add character as is

Reported by FlawFinder.

test/src/unit-udt.cpp
1 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 589 Column: 14 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

                      // serializers
        nlohmann::from_json(j, value);
        auto* bytes = static_cast<char*>(static_cast<void*>(&value));
        std::memcpy(&t, bytes, sizeof(value));
    }

    template <
        typename BasicJsonType, typename U = T,
        typename std::enable_if <

Reported by FlawFinder.

test/thirdparty/Fuzzer/FuzzerCorpus.h
1 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 76 Column: 5 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

                  II.U = U;
    II.NumFeatures = NumFeatures;
    II.MayDeleteFile = MayDeleteFile;
    memcpy(II.Sha1, Hash, kSHA1NumBytes);
    UpdateCorpusDistribution();
    ValidateFeatureSet();
  }

  bool HasUnit(const Unit &U) { return Hashes.count(Hash(U)); }

Reported by FlawFinder.