Repository Analysis

facebook/zstd

Zstandard - Fast real-time compression algorithm

2.1 — Likely human-written
Adjusted Score: 2.1
Raw Score: 2.1
Time Factor: 100%
Last Push: 2026-05-14
Stars: 27,175
Language: C
Lines of Code: 156,981
Files: 410
Pattern Hits: 300
Scan Date: 2026-05-31


Severity Breakdown

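CRITICAL 0 · HIGH 2 · MEDIUM 17 · LOW 281
Note: these levels appear to weight pattern matches toward the authorship score above; nothing on this page presents them as vulnerability ratings.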

Pattern Findings

300 matches across 9 categories.

Over-Commented Block — 235 hits · 228 pts
Severity  File  Line  Snippet
LOW  zlibWrapper/gzread.c  421  }
LOW  zlibWrapper/gzguts.h  21  #else
LOW  zlibWrapper/gzguts.h  41  #else
LOW  zlibWrapper/gzguts.h  61  # define NO_GZCOMPRESS
LOW  zlibWrapper/gzguts.h  81
LOW  zlibWrapper/gzguts.h  101  # endif
LOW  zlibWrapper/gzguts.h  121  # define local static
LOW  zlibWrapper/gzguts.h  141  # else
LOW  zlibWrapper/gzcompatibility.h  21  #else
LOW  zlibWrapper/gzcompatibility.h  41  #if defined(_WIN32) && !defined(Z_SOLO)
LOW  zlibWrapper/zstd_zlibwrapper.c  21  #include <stdarg.h> /* va_list, for z_gzprintf */
LOW  zlibWrapper/examples/example_original.c  21  */
LOW  zlibWrapper/examples/zwrapbench.c  41  /*-************************************
LOW  zlibWrapper/examples/minigzip.c  21  #define _POSIX_SOURCE /* fileno */
LOW  zlibWrapper/examples/minigzip.c  41  # include <stdlib.h>
LOW  tests/paramgrill.c  21
LOW  tests/paramgrill.c  61  # define DEBUG 0
LOW  tests/fuzzer.c  21
LOW  tests/decodecorpus.c  21  #include "zstd.h"
LOW  tests/decodecorpus.c  161  * Constants and Structs
LOW  tests/zstreamtest.c  21
LOW  tests/DEPRECATED-test-zstd-speed.py  1  #! /usr/bin/env python3
LOW  tests/fullbench.c  21  #include <assert.h>
LOW  tests/roundTripCrash.c  21  #include <stddef.h> /* size_t */
LOW  tests/rateLimiter.py  1  #!/usr/bin/env python3
LOW  tests/gzip/mixed.sh  1  #!/bin/sh
LOW  tests/gzip/memcpy-abuse.sh  1  #!/bin/sh
LOW  tests/gzip/zdiff.sh  1  #!/bin/sh
LOW  tests/gzip/init.sh  1  # source this file; set up for tests
LOW  tests/gzip/init.sh  21  # The typical skeleton of a test looks like this:
LOW  tests/gzip/init.sh  41  #
LOW  tests/gzip/init.sh  61
LOW  tests/gzip/init.sh  121  NULLCMD=:
LOW  tests/gzip/init.sh  481  # As autoconf-generated configure scripts do, ensure that IFS
LOW  tests/gzip/init.sh  501  # Failing that, we'll roll our own mktemp-like function:
LOW  tests/gzip/trailing-nul.sh  1  #!/bin/sh
LOW  tests/gzip/help-version.sh  1  #! /bin/sh
LOW  tests/gzip/stdin.sh  1  #!/bin/sh
LOW  tests/gzip/zgrep-context.sh  1  #!/bin/sh
LOW  tests/gzip/znew-k.sh  1  #!/bin/sh
LOW  tests/gzip/zgrep-signal.sh  1  #!/bin/sh
LOW  tests/gzip/gzip-env.sh  1  #!/bin/sh
LOW  tests/gzip/null-suffix-clobber.sh  1  #!/bin/sh
LOW  tests/gzip/zgrep-f.sh  1  #!/bin/sh
LOW  tests/gzip/hufts.sh  1  #!/bin/sh
LOW  tests/gzip/z-suffix.sh  1  #!/bin/sh
LOW  tests/gzip/list.sh  1  #!/bin/sh
LOW  tests/gzip/keep.sh  1  #!/bin/sh
LOW  tests/gzip/unpack-invalid.sh  1  #!/bin/sh
LOW  tests/gzip/helin-segv.sh  1  #!/bin/sh
LOW  tests/gzip/test-driver.sh  1  #! /bin/sh
LOW  tests/gzip/test-driver.sh  141  # mode: shell-script
LOW  tests/fuzz/fuzz_helpers.h  21  #include "zstd.h"
LOW  tests/fuzz/fuzz_helpers.h  41  ((cond) ? (void)0 \
LOW  contrib/pzstd/Pzstd.cpp  1  /*
LOW  contrib/pzstd/Pzstd.h  1  /*
LOW  contrib/pzstd/utils/Likely.h  21
LOW  contrib/linux-kernel/btrfs-benchmark.sh  1  # !/bin/sh
LOW  contrib/linux-kernel/btrfs-benchmark.sh  61  # none
LOW  contrib/linux-kernel/btrfs-benchmark.sh  81  # zstd 3
175 more matches not shown…
Fake / Example Data — 16 hits · 23 pts
Severity  File  Line  Snippet
LOW  tests/loremOut.h  12  * Generate @size bytes of compressible data using lorem ipsum generator into
LOW  tests/fullbench.c  933  * if @compressibility < 0.0, use Lorem Ipsum generator
LOW  tests/loremOut.c  12  * Generates a stream of Lorem ipsum paragraphs to stdout,
LOW  contrib/seekable_format/tests/seekable_tests.c  272  { char const inBuffer[] = "Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididu
LOW  contrib/seekable_format/tests/seekable_tests.c  272  { char const inBuffer[] = "Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididu
LOW  programs/lorem.h  11  /* lorem ipsum generator */
LOW  programs/lorem.h  17  * Generate @size bytes of compressible data using lorem ipsum generator
LOW  programs/benchzstd.h  128  * if @compressibility < 0.0, uses the lorem ipsum generator
LOW  programs/README.md  140  If no file is provided, the benchmark will use a procedurally generated "lorem ipsum" content.
LOW  programs/zstd.1.md  675  When no `FILE` is provided, the benchmark will use a procedurally generated `lorem ipsum` text.
LOW  programs/benchzstd.c  1004  name = "Lorem ipsum";
LOW  programs/lorem.c  13  * This is a very simple lorem ipsum generator
LOW  programs/lorem.c  20  * The resulting compression / ratio curve of the lorem ipsum generator
LOW  programs/lorem.c  25  * The compression ratio achievable on the generated lorem ipsum
LOW  programs/lorem.c  240  /* It's "common" for lorem ipsum generators to start with the same first
LOW  programs/zstdcli.c  906  double compressibility = -1.0; /* lorem ipsum generator */
Excessive Try-Catch Wrapping — 18 hits · 22 pts
Severity  File  Line  Snippet
LOW  tests/DEPRECATED-test-zstd-speed.py  74  except Exception:
LOW  tests/DEPRECATED-test-zstd-speed.py  370  except Exception as e:
MEDIUM  tests/DEPRECATED-test-zstd-speed.py  71  def does_command_exist(command):
LOW  tests/fuzz/fuzz.py  397  except Exception as e:
LOW  tests/fuzz/fuzz.py  583  except Exception as e:
LOW  tests/fuzz/fuzz.py  636  except Exception as e:
LOW  tests/fuzz/fuzz.py  660  except Exception as e:
LOW  tests/fuzz/fuzz.py  739  except Exception as e:
LOW  tests/fuzz/fuzz.py  814  except Exception as e:
LOW  tests/fuzz/fuzz.py  839  except Exception as e:
MEDIUM  tests/fuzz/fuzz.py  905  print("Error: No such command {} (pass -h for help)".format(command))
MEDIUM  tests/fuzz/fuzz.py  394  def build(args):
MEDIUM  tests/fuzz/fuzz.py  580  def libfuzzer_cmd(args):
MEDIUM  tests/fuzz/fuzz.py  633  def afl(args):
MEDIUM  tests/fuzz/fuzz.py  651  def regression(args):
MEDIUM  tests/fuzz/fuzz.py  736  def gen(args):
MEDIUM  tests/fuzz/fuzz.py  807  def minimize(args):
MEDIUM  tests/fuzz/fuzz.py  833  def zip_cmd(args):
Self-Referential Comments — 6 hits · 18 pts
Severity  File  Line  Snippet
MEDIUM  tests/gzip/init.cfg  1  # This file is sourced by init.sh, *before* its initialization.
MEDIUM  tests/gzip/init.sh  136  # The following code attempts to find a shell with support for these features.
MEDIUM  tests/gzip/init.sh  451  # Create an alias, FOO, for each FOO.exe in this directory.
MEDIUM  tests/gzip/init.sh  495  # Create a temporary directory, much like mktemp -d does.
MEDIUM  tests/gzip/help-version.sh  147  # Create a file in the current directory, not in $TMPDIR.
MEDIUM  tests/gzip/test-driver.sh  26  # This file is maintained in Automake, please report
Deep Nesting — 11 hits · 11 pts
Severity  File  Line  Snippet
LOW  tests/automated_benchmarking.py  260
LOW  tests/test-license.py  136
LOW  tests/fuzz/fuzz.py  736
LOW  tests/cli-tests/run.py  132
LOW  tests/cli-tests/run.py  583
LOW  contrib/freestanding_lib/freestanding.py  115
LOW  contrib/freestanding_lib/freestanding.py  149
LOW  contrib/freestanding_lib/freestanding.py  261
LOW  contrib/freestanding_lib/freestanding.py  523
LOW  contrib/freestanding_lib/freestanding.py  573
LOW  contrib/freestanding_lib/freestanding.py  614
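Cross-Language Confusion — 2 hits · 8 pts
Severity  File  Line  Snippet
HIGH  tests/automated_benchmarking.py  103  os.system("cd ../ && make -j && cd tests")
HIGH  contrib/freestanding_lib/freestanding.py  55  Handles && and ||.
Note: in both snippets `&&` appears inside a string handed to the shell or in what looks like descriptive text, not as a Python operator. The os.system() argument shown is a fixed literal; no interpolated input is visible in the snippet.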
Decorative Section Separators — 2 hits · 6 pts
Severity  File  Line  Snippet
MEDIUM  tests/gzip/init.sh  19  # =========================
MEDIUM  tests/gzip/init.sh  40  # ====================================
Unused Imports — 5 hits · 5 pts
Severity  File  Line  Snippet
LOW  tests/check_size.py  13
LOW  tests/test-zstd-versions.py  19
LOW  tests/DEPRECATED-test-zstd-speed.py  20
LOW  tests/test-license.py  13
LOW  contrib/freestanding_lib/freestanding.py  13
Hyper-Verbose Identifiers — 5 hits · 5 pts
Severity  File  Line  Snippet
LOW  tests/automated_benchmarking.py  73  def get_builds_for_latest_hash():
LOW  tests/automated_benchmarking.py  145  def benchmark_dictionary_single(executable, filenames_directory, dictionary_filename, level, iterations):
LOW  tests/automated_benchmarking.py  172  def parse_regressions_and_labels(old_cspeed, new_cspeed, old_dspeed, new_dspeed, baseline_build, test_build):
LOW  tests/automated_benchmarking.py  221  def get_regressions_dictionary(baseline_build, test_build, filenames_directory, dictionary_filename, levels, iterations)
LOW  tests/DEPRECATED-test-zstd-speed.py  92  def send_email_with_attachments(branch, commit, last_commit, args, text, results_files,