Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223

FINAL RESULTS:

data/4ti2-1.6.9+ds/src/util/genmodel.c:220:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fileName,argv[argc-1]);
data/4ti2-1.6.9+ds/src/util/genmodel.c:222:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(outFileName,argv[argc-1]);
data/4ti2-1.6.9+ds/src/util/gensymm.c:146:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fileName,argv[argc-1]);
data/4ti2-1.6.9+ds/src/util/gensymm.c:172:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(outFileName,fileName);
data/4ti2-1.6.9+ds/src/util/output.c:443:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fileName,argv[argc-1]);
data/4ti2-1.6.9+ds/src/util/output.c:446:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(outFileName,fileName);
data/4ti2-1.6.9+ds/src/util/output.c:451:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fileName,argv[argc-1]);
data/4ti2-1.6.9+ds/src/util/output.c:453:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(symFileName,fileName);
data/4ti2-1.6.9+ds/src/util/output.c:458:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fileName,argv[argc-1]);
data/4ti2-1.6.9+ds/src/util/output.c:460:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(symFileName,fileName);
data/4ti2-1.6.9+ds/src/util/output.c:478:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(outFileName,fileName);
data/4ti2-1.6.9+ds/src/util/output.c:484:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fileName,argv[argc-1]);
data/4ti2-1.6.9+ds/src/util/output.c:486:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(domFileName,argv[argc-2]);
data/4ti2-1.6.9+ds/src/util/output.c:490:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(outFileName,fileName);
data/4ti2-1.6.9+ds/src/util/output.c:497:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fileName,argv[argc-1]);
data/4ti2-1.6.9+ds/src/util/output.c:499:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(symFileName,fileName);
data/4ti2-1.6.9+ds/src/util/output.c:504:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fileName,argv[argc-1]);
data/4ti2-1.6.9+ds/src/util/output.c:506:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(symFileName,fileName);
data/4ti2-1.6.9+ds/src/util/output.c:523:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(outFileName,fileName);
data/4ti2-1.6.9+ds/src/util/output.c:530:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fileName,argv[argc-1]);
data/4ti2-1.6.9+ds/src/util/output.c:532:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(symFileName,fileName);
data/4ti2-1.6.9+ds/src/util/output.c:537:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(symFileName,fileName);
data/4ti2-1.6.9+ds/src/util/output.c:551:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(outFileName,fileName);
data/4ti2-1.6.9+ds/src/util/output.c:556:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fileName,argv[argc-1]);
data/4ti2-1.6.9+ds/src/util/output.c:564:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(outFileName,fileName);
data/4ti2-1.6.9+ds/src/util/output.c:566:4: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(outFileName,argv[i+1]);
data/4ti2-1.6.9+ds/src/util/output.c:573:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(outFileName,fileName);
data/4ti2-1.6.9+ds/src/util/output.c:575:4: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(outFileName,argv[i+1]);
data/4ti2-1.6.9+ds/src/util/output.c:577:4: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(outFileName,argv[i+2]);
data/4ti2-1.6.9+ds/src/util/output.c:585:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fileName,argv[argc-1]);
data/4ti2-1.6.9+ds/src/util/output.c:593:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(outFileName,fileName);
data/4ti2-1.6.9+ds/src/util/output.c:595:4: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(outFileName,argv[i+1]);
data/4ti2-1.6.9+ds/src/util/output.c:602:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(outFileName,fileName);
data/4ti2-1.6.9+ds/src/util/output.c:604:4: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(outFileName,argv[i+1]);
data/4ti2-1.6.9+ds/src/util/output.c:606:4: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(outFileName,argv[i+2]);
data/4ti2-1.6.9+ds/src/util/output.c:614:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fileName,argv[argc-1]);
data/4ti2-1.6.9+ds/src/util/output.c:621:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fileName,argv[argc-1]);
data/4ti2-1.6.9+ds/src/util/output.c:628:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(outFileName,fileName);
data/4ti2-1.6.9+ds/src/util/output.c:630:2: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(outFileName,argv[i+1]);
data/4ti2-1.6.9+ds/src/util/output.c:637:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fileName,argv[argc-3]);
data/4ti2-1.6.9+ds/src/util/output.c:639:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fileName,argv[argc-2]);
data/4ti2-1.6.9+ds/src/util/output.c:643:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fileName,argv[argc-1]);
data/4ti2-1.6.9+ds/src/util/output.c:647:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fileName,argv[argc-1]);
data/4ti2-1.6.9+ds/src/util/output.c:650:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(outFileName,fileName);
data/4ti2-1.6.9+ds/src/util/output.c:655:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fileName,argv[argc-1]);
data/4ti2-1.6.9+ds/src/util/output.c:660:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(outFileName,fileName);
data/4ti2-1.6.9+ds/src/util/output.c:665:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fileName,argv[argc-1]);
data/4ti2-1.6.9+ds/src/util/output.c:667:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(outFileName,fileName);
data/4ti2-1.6.9+ds/src/util/output.c:672:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fileName,argv[argc-1]);
data/4ti2-1.6.9+ds/src/util/output.c:674:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(outFileName,fileName);
data/4ti2-1.6.9+ds/src/util/output.c:679:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fileName,argv[argc-1]);
data/4ti2-1.6.9+ds/src/util/output.c:681:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(outFileName,fileName);
data/4ti2-1.6.9+ds/src/util/output.c:686:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fileName,argv[argc-1]);
data/4ti2-1.6.9+ds/src/util/output.c:688:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(outFileName,fileName);
data/4ti2-1.6.9+ds/src/util/output.c:693:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fileName,argv[argc-1]);
data/4ti2-1.6.9+ds/src/util/output.c:695:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(outFileName,fileName);
data/4ti2-1.6.9+ds/src/util/output.c:700:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fileName,argv[argc-1]);
data/4ti2-1.6.9+ds/src/util/output.c:702:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(outFileName,fileName);
data/4ti2-1.6.9+ds/src/util/output.c:706:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(varFileName,fileName);
data/4ti2-1.6.9+ds/src/util/output.c:723:8: [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  if (fscanf(in,"%s",s) != 1) {
data/4ti2-1.6.9+ds/src/util/output.c:735:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fileName,argv[argc-1]);
data/4ti2-1.6.9+ds/src/util/output.c:746:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fileName,argv[argc-2]);
data/4ti2-1.6.9+ds/src/util/output.c:749:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fileName,argv[argc-1]);
data/4ti2-1.6.9+ds/src/util/output.c:751:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(outFileName,fileName);
data/4ti2-1.6.9+ds/src/util/output.c:758:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fileName,argv[argc-1]);
data/4ti2-1.6.9+ds/src/util/output.c:761:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(outFileName,fileName);
data/4ti2-1.6.9+ds/src/util/output.c:769:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fileName,argv[argc-1]);
data/4ti2-1.6.9+ds/src/util/output.c:771:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(symFileName,argv[argc-2]);
data/4ti2-1.6.9+ds/src/util/output.c:774:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(outFileName,symFileName);
data/4ti2-1.6.9+ds/src/util/output.c:781:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fileName,argv[argc-1]);
data/4ti2-1.6.9+ds/src/util/output.c:790:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(outFileName,fileName);
data/4ti2-1.6.9+ds/src/util/output.c:796:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
strcpy(fileName,argv[argc-1]); data/4ti2-1.6.9+ds/src/util/output.c:800:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(outFileName,fileName); data/4ti2-1.6.9+ds/src/util/output.c:811:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fileName,argv[argc-1]); data/4ti2-1.6.9+ds/src/util/output.c:814:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(outFileName,fileName); data/4ti2-1.6.9+ds/src/util/output.c:824:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fileName,argv[argc-1]); data/4ti2-1.6.9+ds/src/util/output.c:827:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(outFileName,fileName); data/4ti2-1.6.9+ds/src/util/output.c:832:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fileName,argv[argc-1]); data/4ti2-1.6.9+ds/src/util/output.c:833:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(groFileName,fileName); data/4ti2-1.6.9+ds/src/util/output.c:836:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(costFileName,argv[argc-1]); data/4ti2-1.6.9+ds/src/util/output.c:848:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(outFileName,fileName); data/4ti2-1.6.9+ds/src/util/output.c:853:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(varFileName,fileName); data/4ti2-1.6.9+ds/src/util/output.c:871:8: [4] (buffer) fscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. if (fscanf(in,"%s",s) != 1) { data/4ti2-1.6.9+ds/src/util/output.c:880:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(outFileName,fileName); data/4ti2-1.6.9+ds/src/util/print.c:780:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(outFileName,fileName); data/4ti2-1.6.9+ds/src/util/print.c:790:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(outFileName,fileName); data/4ti2-1.6.9+ds/src/util/print.c:800:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(outFileName,fileName); data/4ti2-1.6.9+ds/src/util/print.c:810:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(outFileName,fileName); data/4ti2-1.6.9+ds/src/zsolve/Algorithm.hpp:669:35: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. Algorithm (LinearSystem <T> * system, Controller <T>* controller) data/4ti2-1.6.9+ds/src/zsolve/Algorithm.hpp:675:32: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. m_controller->log_system (system); data/4ti2-1.6.9+ds/src/zsolve/Algorithm.hpp:680:61: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. LinearSystem <T> * homo = homogenize_linear_system (system); data/4ti2-1.6.9+ds/src/zsolve/Controller.hpp:39:49: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. virtual void log_system (LinearSystem <T> * system) = 0; data/4ti2-1.6.9+ds/src/zsolve/Controller.hpp:40:61: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. 
virtual void log_homogenized_system (LinearSystem <T> * system) = 0; data/4ti2-1.6.9+ds/src/zsolve/Controller.hpp:41:45: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. virtual void log_lattice (Lattice <T> * system) = 0; data/4ti2-1.6.9+ds/src/zsolve/Controller.hpp:53:46: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. virtual void save_lattice (Lattice <T> * system) = 0; data/4ti2-1.6.9+ds/src/zsolve/DefaultController.hpp:60:41: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. void log_system (LinearSystem <T> * system) data/4ti2-1.6.9+ds/src/zsolve/DefaultController.hpp:63:61: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. *m_console << "Linear system to solve:\n\n" << *system << std::endl; data/4ti2-1.6.9+ds/src/zsolve/DefaultController.hpp:65:57: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. *m_log << "Linear system to solve:\n\n" << *system << std::endl; data/4ti2-1.6.9+ds/src/zsolve/DefaultController.hpp:68:53: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. void log_homogenized_system (LinearSystem <T> * system) data/4ti2-1.6.9+ds/src/zsolve/DefaultController.hpp:71:87: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). 
try using a library call that implements the same functionality if available. *m_console << "Linear system of homogeneous equalities to solve:\n\n" << *system << std::endl; data/4ti2-1.6.9+ds/src/zsolve/DefaultController.hpp:73:83: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. *m_log << "Linear system of homogeneous equalities to solve:\n\n" << *system << std::endl; data/4ti2-1.6.9+ds/src/zsolve/Lattice.hpp:263:72: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. template <typename T> Lattice <T>* generate_lattice (LinearSystem <T>* system) data/4ti2-1.6.9+ds/src/zsolve/Lattice.hpp:273:44: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. Lattice <T>* result = new Lattice <T> (system); data/4ti2-1.6.9+ds/src/zsolve/LinearSystem.hpp:155:97: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. template <typename X> friend std::ostream& operator<< (std::ostream& out, LinearSystem <X>& system); data/4ti2-1.6.9+ds/src/zsolve/LinearSystem.hpp:158:86: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. template <typename T> std::ostream& operator<< (std::ostream& out, LinearSystem <T>& system) data/4ti2-1.6.9+ds/src/zsolve/LinearSystem.hpp:160:19: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. 
size_t vars = system.variables (); data/4ti2-1.6.9+ds/src/zsolve/LinearSystem.hpp:161:19: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. size_t rels = system.relations (); data/4ti2-1.6.9+ds/src/zsolve/LinearSystem.hpp:166:38: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. VariableProperty <T> & var = system.get_variable (i); data/4ti2-1.6.9+ds/src/zsolve/LinearSystem.hpp:170:62: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. space[i] = max <size_t> (space[i], integer_space(system.matrix () [j][i])); data/4ti2-1.6.9+ds/src/zsolve/LinearSystem.hpp:177:30: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. Relation <T> & rel = system.get_relation (i); data/4ti2-1.6.9+ds/src/zsolve/LinearSystem.hpp:180:69: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. space[vars+1] = max <size_t> (space[vars+1], integer_space (system.rhs () [i])); data/4ti2-1.6.9+ds/src/zsolve/LinearSystem.hpp:186:38: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. VariableProperty <T> & var = system.get_variable (i); data/4ti2-1.6.9+ds/src/zsolve/LinearSystem.hpp:196:38: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. 
VariableProperty <T> & var = system.get_variable (i); data/4ti2-1.6.9+ds/src/zsolve/LinearSystem.hpp:206:38: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. VariableProperty <T> & var = system.get_variable (i); data/4ti2-1.6.9+ds/src/zsolve/LinearSystem.hpp:230:29: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. const T value = system.matrix () [i][j]; data/4ti2-1.6.9+ds/src/zsolve/LinearSystem.hpp:236:30: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. Relation <T> & rel = system.get_relation (i); data/4ti2-1.6.9+ds/src/zsolve/LinearSystem.hpp:241:25: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. const T value = system.rhs () [i]; data/4ti2-1.6.9+ds/src/zsolve/LinearSystem.hpp:337:12: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. return system; data/4ti2-1.6.9+ds/src/zsolve/ZSolveAPI.hpp:343:40: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. algorithm = new Algorithm <T> (system, controller); data/4ti2-1.6.9+ds/src/zsolve/ZSolveAPI.hpp:344:16: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. 
delete system; data/4ti2-1.6.9+ds/src/groebner/BasicOptions.cpp:65:13: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. c = getopt_long (argc, argv, "p:qh", long_options, &option_index); data/4ti2-1.6.9+ds/src/groebner/BasicOptions.cpp:67:13: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. c = getopt(argc, argv, "p:qh"); data/4ti2-1.6.9+ds/src/groebner/CircuitOptions.cpp:74:13: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. c = getopt_long (argc, argv, "mso:f:p:qh", data/4ti2-1.6.9+ds/src/groebner/CircuitOptions.cpp:77:13: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. c = getopt(argc, argv, "mso:f:p:qh"); data/4ti2-1.6.9+ds/src/groebner/MinimizeOptions.cpp:69:13: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. c = getopt_long (argc, argv, "a:r:f:t:p:qh", data/4ti2-1.6.9+ds/src/groebner/MinimizeOptions.cpp:72:13: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. c = getopt(argc, argv, "a:r:f:t:p:qh"); data/4ti2-1.6.9+ds/src/groebner/Options.cpp:71:13: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). 
Check implementation on installation, or limit the size of all string inputs. c = getopt_long (argc, argv, "g:a:m:r:f:t:p:qh", data/4ti2-1.6.9+ds/src/groebner/Options.cpp:74:13: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. c = getopt(argc, argv, "g:a:m:r:f:t:p:qh"); data/4ti2-1.6.9+ds/src/groebner/QSolveAPI.cpp:182:13: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. c = getopt_long (argc, argv, "mso:f:p:qh", data/4ti2-1.6.9+ds/src/groebner/QSolveAPI.cpp:185:13: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. c = getopt(argc, argv, "mso:f:p:qh"); data/4ti2-1.6.9+ds/src/groebner/WalkOptions.cpp:67:13: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. c = getopt_long (argc, argv, "f:t:p:qh", data/4ti2-1.6.9+ds/src/groebner/WalkOptions.cpp:70:13: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. c = getopt(argc, argv, "f:t:p:qh"); data/4ti2-1.6.9+ds/src/ppi/ppi.cpp:1125:18: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. 
while ((optc = getopt_long (argc, argv, "hvb", longopts, NULL)) != -1) data/4ti2-1.6.9+ds/src/util/genmodel.c:192:18: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((optc = getopt_long (argc, argv, "hvq", longopts, NULL)) != -1) data/4ti2-1.6.9+ds/src/util/gensymm.c:116:18: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((optc = getopt_long (argc, argv, "hvq", longopts, NULL)) != -1) data/4ti2-1.6.9+ds/src/zsolve/Heuristics.hpp:140:9: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand (time (NULL)); data/4ti2-1.6.9+ds/src/zsolve/Options.cpp:99:14: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((c = getopt_long(argc, argv, "b::hl::qru::v::HGmp:", long_options, NULL)) != -1) data/4ti2-1.6.9+ds/src/groebner/HybridGenSet.cpp:120:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[250]; data/4ti2-1.6.9+ds/src/groebner/HybridGenSet.cpp:127:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(buffer, " Lift %3d: Col: %3d ", fin.count(), column); data/4ti2-1.6.9+ds/src/groebner/LongDenseIndexSet.h:157:27: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char bit_count[256]; data/4ti2-1.6.9+ds/src/groebner/ProjectLiftGenSet.cpp:134:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[250]; data/4ti2-1.6.9+ds/src/groebner/ProjectLiftGenSet.cpp:135:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buffer, " Lift %3d: Col: %3d ", fin.count()+1, index); data/4ti2-1.6.9+ds/src/groebner/ProjectLiftGenSet.cpp:150:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buffer, " Lift %3d: Col: %3d ", fin.count(), column); data/4ti2-1.6.9+ds/src/groebner/SaturationGenSet.cpp:112:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[250]; data/4ti2-1.6.9+ds/src/groebner/SaturationGenSet.cpp:119:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(buffer, " Sat %3d: Col: %3d ", data/4ti2-1.6.9+ds/src/groebner/SaturationGenSet.cpp:150:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buffer, " Sat %3d: Col: %3d ", data/4ti2-1.6.9+ds/src/groebner/ShortDenseIndexSet.h:151:27: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char bit_count[256]; data/4ti2-1.6.9+ds/src/ppi/ppi.cpp:85:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. signed char Stuff[4]; data/4ti2-1.6.9+ds/src/ppi/ppi.cpp:95:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(this, &aux, sizeof(VectorAux) -4 + 1 + aux.Length()); data/4ti2-1.6.9+ds/src/ppi/ppi.cpp:121:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(aux, v.aux, sizeof(VectorAux) -4 + 1 + v.aux->Length()); data/4ti2-1.6.9+ds/src/ppi/ppi.cpp:1177:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fname[20]; data/4ti2-1.6.9+ds/src/ppi/ppi.cpp:1178:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(fname, "ppi%d.dat", n); data/4ti2-1.6.9+ds/src/ppi/ppi.cpp:1180:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *f = fopen(fname, "wb"); data/4ti2-1.6.9+ds/src/ppi/ppi.cpp:1193:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fname[20]; data/4ti2-1.6.9+ds/src/ppi/ppi.cpp:1194:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fname, "ppi%d.gra", n); data/4ti2-1.6.9+ds/src/ppi/ppi.cpp:1210:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fname[20]; data/4ti2-1.6.9+ds/src/ppi/ppi.cpp:1211:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fname, "ppi%d.mat", n); data/4ti2-1.6.9+ds/src/util/genmodel.c:54:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
if (!(in = fopen(fileName,"r"))) { data/4ti2-1.6.9+ds/src/util/genmodel.c:184:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fileName[PATH_MAX],outFileName[PATH_MAX]; data/4ti2-1.6.9+ds/src/util/genmodel.c:221:3: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(fileName,".mod"); data/4ti2-1.6.9+ds/src/util/genmodel.c:223:3: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(outFileName,".mat"); data/4ti2-1.6.9+ds/src/util/genmodel.c:234:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(out = fopen(outFileName,"w"))) { data/4ti2-1.6.9+ds/src/util/gensymm.c:107:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fileName[PATH_MAX],outFileName[PATH_MAX]; data/4ti2-1.6.9+ds/src/util/gensymm.c:147:5: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). x=atoi(argv[argc-5]); data/4ti2-1.6.9+ds/src/util/gensymm.c:148:5: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). y=atoi(argv[argc-4]); data/4ti2-1.6.9+ds/src/util/gensymm.c:149:5: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). z=atoi(argv[argc-3]); data/4ti2-1.6.9+ds/src/util/gensymm.c:150:5: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). w=atoi(argv[argc-2]); data/4ti2-1.6.9+ds/src/util/gensymm.c:173:3: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(outFileName,".sym"); data/4ti2-1.6.9+ds/src/util/gensymm.c:175:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
if (!(out = fopen(outFileName,"w"))) { data/4ti2-1.6.9+ds/src/util/output.c:53:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(in = fopen(fileName,"r"))) { data/4ti2-1.6.9+ds/src/util/output.c:412:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fileName[PATH_MAX],outFileName[PATH_MAX],domFileName[PATH_MAX],symFileName[PATH_MAX], data/4ti2-1.6.9+ds/src/util/output.c:447:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(outFileName,".pos"); data/4ti2-1.6.9+ds/src/util/output.c:454:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(symFileName,".sym.full"); data/4ti2-1.6.9+ds/src/util/output.c:461:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(symFileName,".sym"); data/4ti2-1.6.9+ds/src/util/output.c:473:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(symFileName,".full"); data/4ti2-1.6.9+ds/src/util/output.c:479:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(outFileName,".rep"); data/4ti2-1.6.9+ds/src/util/output.c:491:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(outFileName,".nondom"); data/4ti2-1.6.9+ds/src/util/output.c:500:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(symFileName,".sym.full"); data/4ti2-1.6.9+ds/src/util/output.c:507:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(symFileName,".sym"); data/4ti2-1.6.9+ds/src/util/output.c:519:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. 
strcat(symFileName,".full"); data/4ti2-1.6.9+ds/src/util/output.c:524:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(outFileName,".maxnondom"); data/4ti2-1.6.9+ds/src/util/output.c:533:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(symFileName,".sym.full"); data/4ti2-1.6.9+ds/src/util/output.c:538:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(symFileName,".sym"); data/4ti2-1.6.9+ds/src/util/output.c:552:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(outFileName,".exp"); data/4ti2-1.6.9+ds/src/util/output.c:562:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). degree=atoi(argv[i+1]); data/4ti2-1.6.9+ds/src/util/output.c:565:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
Risk is low because the source is a constant string. strcat(outFileName,".deg."); data/4ti2-1.6.9+ds/src/util/output.c:570:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). lowdegree=atoi(argv[i+1]); data/4ti2-1.6.9+ds/src/util/output.c:571:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). highdegree=atoi(argv[i+2]); data/4ti2-1.6.9+ds/src/util/output.c:574:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(outFileName,".deg."); data/4ti2-1.6.9+ds/src/util/output.c:591:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). degree=atoi(argv[i+1]); data/4ti2-1.6.9+ds/src/util/output.c:594:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(outFileName,".supp."); data/4ti2-1.6.9+ds/src/util/output.c:599:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). lowdegree=atoi(argv[i+1]); data/4ti2-1.6.9+ds/src/util/output.c:600:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). highdegree=atoi(argv[i+2]); data/4ti2-1.6.9+ds/src/util/output.c:603:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(outFileName,".supp."); data/4ti2-1.6.9+ds/src/util/output.c:616:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). sizeOfLayer=atoi(argv[i+1]); data/4ti2-1.6.9+ds/src/util/output.c:627:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). coord=atoi(argv[i+1]); data/4ti2-1.6.9+ds/src/util/output.c:629:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. 
strcat(outFileName,".nonzero."); data/4ti2-1.6.9+ds/src/util/output.c:651:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(outFileName,".0-1"); data/4ti2-1.6.9+ds/src/util/output.c:657:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). x=atoi(argv[i+1]); data/4ti2-1.6.9+ds/src/util/output.c:658:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). y=atoi(argv[i+2]); data/4ti2-1.6.9+ds/src/util/output.c:659:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). z=atoi(argv[i+3]); data/4ti2-1.6.9+ds/src/util/output.c:661:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(outFileName,".3way"); data/4ti2-1.6.9+ds/src/util/output.c:668:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(outFileName,".tra"); data/4ti2-1.6.9+ds/src/util/output.c:675:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(outFileName,".maple"); data/4ti2-1.6.9+ds/src/util/output.c:682:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(outFileName,".macaulay2"); data/4ti2-1.6.9+ds/src/util/output.c:689:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(outFileName,".mathematica"); data/4ti2-1.6.9+ds/src/util/output.c:696:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(outFileName,".cocoa"); data/4ti2-1.6.9+ds/src/util/output.c:703:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. 
strcat(outFileName,".bin"); data/4ti2-1.6.9+ds/src/util/output.c:707:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(varFileName,".vars"); data/4ti2-1.6.9+ds/src/util/output.c:708:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((in = fopen(varFileName,"r"))) { data/4ti2-1.6.9+ds/src/util/output.c:752:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(outFileName,".submat"); data/4ti2-1.6.9+ds/src/util/output.c:760:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). coord=atoi(argv[argc-2]); data/4ti2-1.6.9+ds/src/util/output.c:762:9: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(outFileName,".remcol"); data/4ti2-1.6.9+ds/src/util/output.c:775:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
Risk is low because the source is a constant string. strcat(outFileName,".stab"); data/4ti2-1.6.9+ds/src/util/output.c:783:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). coord=atoi(argv[argc-3]); data/4ti2-1.6.9+ds/src/util/output.c:784:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). val=atoi(argv[argc-2]); data/4ti2-1.6.9+ds/src/util/output.c:791:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(outFileName,".fil"); data/4ti2-1.6.9+ds/src/util/output.c:798:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). coord=atoi(argv[argc-3]); data/4ti2-1.6.9+ds/src/util/output.c:799:6: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
val=atoi(argv[argc-2]); data/4ti2-1.6.9+ds/src/util/output.c:801:9: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(outFileName,".addcol"); data/4ti2-1.6.9+ds/src/util/output.c:810:45: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). for (j=2;j<argc-1;j++) fixpoints[j-2]=atoi(argv[j]); data/4ti2-1.6.9+ds/src/util/output.c:815:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(outFileName,".fix"); data/4ti2-1.6.9+ds/src/util/output.c:823:45: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). for (j=2;j<argc-1;j++) fixpoints[j-2]=atoi(argv[j]); data/4ti2-1.6.9+ds/src/util/output.c:828:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(outFileName,".fox"); data/4ti2-1.6.9+ds/src/util/output.c:834:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(groFileName,".gro"); data/4ti2-1.6.9+ds/src/util/output.c:837:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(costFileName,".cost"); data/4ti2-1.6.9+ds/src/util/output.c:849:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(outFileName,".ini"); data/4ti2-1.6.9+ds/src/util/output.c:854:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(varFileName,".vars"); data/4ti2-1.6.9+ds/src/util/output.c:855:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((in = fopen(varFileName,"r"))) { data/4ti2-1.6.9+ds/src/util/output.c:881:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. 
strcat(outFileName,".ini.bin"); data/4ti2-1.6.9+ds/src/util/print.c:92:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(out = fopen(fileName,"w"))) { data/4ti2-1.6.9+ds/src/util/print.c:118:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(out = fopen(fileName,"w"))) { data/4ti2-1.6.9+ds/src/util/print.c:158:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(out = fopen(fileName,"w"))) { data/4ti2-1.6.9+ds/src/util/print.c:198:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(out = fopen(fileName,"w"))) { data/4ti2-1.6.9+ds/src/util/print.c:226:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(out = fopen(fileName,"w"))) { data/4ti2-1.6.9+ds/src/util/print.c:328:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? 
(CWE-362). if (!(out = fopen(fileName,"w"))) { data/4ti2-1.6.9+ds/src/util/print.c:387:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(out = fopen(fileName,"w"))) { data/4ti2-1.6.9+ds/src/util/print.c:464:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(out = fopen(fileName,"w"))) { data/4ti2-1.6.9+ds/src/util/print.c:490:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(out = fopen(fileName,"w"))) { data/4ti2-1.6.9+ds/src/util/print.c:518:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(out = fopen(fileName,"w"))) { data/4ti2-1.6.9+ds/src/util/print.c:596:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
if (!(out = fopen(outFileName,"w"))) { data/4ti2-1.6.9+ds/src/util/print.c:660:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(out = fopen(outFileName,"w"))) { data/4ti2-1.6.9+ds/src/util/print.c:738:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(out = fopen(outFileName,"w"))) { data/4ti2-1.6.9+ds/src/util/print.c:768:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char outFileName[PATH_MAX]; data/4ti2-1.6.9+ds/src/util/print.c:801:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(outFileName,".dual.hil"); data/4ti2-1.6.9+ds/src/util/print.c:811:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. 
strcat(outFileName,".ray"); data/4ti2-1.6.9+ds/src/util/print.c:823:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(out = fopen(fileName,"w"))) { data/4ti2-1.6.9+ds/test/qsolve/api/test_input_conversion_64.cpp:69:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). switch (atoi(argv[1])) { data/4ti2-1.6.9+ds/test/qsolve/api/test_input_conversion_64.cpp:85:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *qsolve_argv[2] = { "qsolve", "-q" }; data/4ti2-1.6.9+ds/test/qsolve/api/test_input_conversion_gmp.cpp:68:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). switch (atoi(argv[1])) { data/4ti2-1.6.9+ds/test/qsolve/api/test_input_conversion_gmp.cpp:84:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char *qsolve_argv[2] = { "qsolve", "-q" }; data/4ti2-1.6.9+ds/src/4ti2/4ti2xx.h:45:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). virtual void read(std::istream& in) = 0; data/4ti2-1.6.9+ds/src/4ti2/4ti2xx.h:67:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). virtual void read(const char* project) = 0; data/4ti2-1.6.9+ds/src/groebner/QSolveAPI.cpp:96:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). mat->read(in); data/4ti2-1.6.9+ds/src/groebner/QSolveAPI.cpp:321:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). QSolveAPI::read(const char* basename_c_str) data/4ti2-1.6.9+ds/src/groebner/QSolveAPI.h:44:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). virtual void read(const char* basename); data/4ti2-1.6.9+ds/src/groebner/VectorArrayAPI.cpp:66:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). VectorArrayAPI::read(std::istream& in) data/4ti2-1.6.9+ds/src/groebner/VectorArrayAPI.h:42:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). virtual void read(std::istream& in); data/4ti2-1.6.9+ds/src/groebner/qsolve_main.cpp:61:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). qsolve_api->read(0); data/4ti2-1.6.9+ds/src/util/output.c:576:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. 
strcat(outFileName,"-"); data/4ti2-1.6.9+ds/src/util/output.c:605:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(outFileName,"-"); data/4ti2-1.6.9+ds/src/zsolve/BoundAPI.hpp:35:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). virtual void read(std::istream& in); data/4ti2-1.6.9+ds/src/zsolve/BoundAPI.hpp:53:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). BoundAPI<T>::read(std::istream& in) data/4ti2-1.6.9+ds/src/zsolve/RelAPI.cpp:36:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). RelAPI::read(std::istream& in) data/4ti2-1.6.9+ds/src/zsolve/RelAPI.h:34:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). virtual void read(std::istream& in); data/4ti2-1.6.9+ds/src/zsolve/SignAPI.cpp:36:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). SignAPI::read(std::istream& in) data/4ti2-1.6.9+ds/src/zsolve/SignAPI.h:34:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). virtual void read(std::istream& in); data/4ti2-1.6.9+ds/src/zsolve/VectorArray.hpp:265:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read (std::istream& in, bool with_dims = true) data/4ti2-1.6.9+ds/src/zsolve/VectorArray.hpp:290:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
  va.read (in);
data/4ti2-1.6.9+ds/src/zsolve/VectorArrayAPI.hpp:45:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  virtual void read(std::istream& in);
data/4ti2-1.6.9+ds/src/zsolve/VectorArrayAPI.hpp:177:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  VectorArrayAPI<T>::read(std::istream& in)
data/4ti2-1.6.9+ds/src/zsolve/VectorArrayAPI.hpp:179:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  data.read(in, false);
data/4ti2-1.6.9+ds/src/zsolve/ZSolveAPI.hpp:59:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  virtual void read(const char* project);
data/4ti2-1.6.9+ds/src/zsolve/ZSolveAPI.hpp:132:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ZSolveAPI<T>::read(const char* project_c_str)
data/4ti2-1.6.9+ds/src/zsolve/ZSolveAPI.hpp:230:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  mat->read(in);
data/4ti2-1.6.9+ds/src/zsolve/main.cpp:58:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  state->read(options.project().c_str());

ANALYSIS SUMMARY:

Hits = 276
Lines analyzed = 34937 in approximately 0.82 seconds (42535 lines/second)
Physical Source Lines of Code (SLOC) = 24695
Hits@level = [0] 220 [1] 25 [2] 114 [3] 17 [4] 120 [5] 0
Hits@level+ = [0+] 496 [1+] 276 [2+] 251 [3+] 137 [4+] 120 [5+] 0
Hits/KSLOC@level+ = [0+] 20.085 [1+] 11.1764 [2+] 10.164 [3+] 5.54768 [4+] 4.85928 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.