Considering the great job finding bugs done by Coverity
on other open source projects I went looking for
similar tools and I found FlawFinder, a very easy to
use security checker.
I ran flawfinder on BRLCAD 7.6.6 and since the US army
should be expected to keep up the finest standards in
security, I thought you might be interested in the
report it produced.