Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/atlc-4.6.1/tests/Test_threads_b.c
Examining data/atlc-4.6.1/tests/try_linux.c
Examining data/atlc-4.6.1/tests/try_portable.c
Examining data/atlc-4.6.1/tests/try_solaris.c
Examining data/atlc-4.6.1/tests/try_aix.c
Examining data/atlc-4.6.1/tests/Test_threads_a.c
Examining data/atlc-4.6.1/tests/sysdata.c
Examining data/atlc-4.6.1/tests/defs.h
Examining data/atlc-4.6.1/tests/try_bsd.c
Examining data/atlc-4.6.1/tests/try_hpux.c
Examining data/atlc-4.6.1/tests/try_irix.c
Examining data/atlc-4.6.1/tests/try_tru64.c
Examining data/atlc-4.6.1/tests/MPI_16a_PI.c
Examining data/atlc-4.6.1/tests/try_unicos.c
Examining data/atlc-4.6.1/tests/benchmark.c
Examining data/atlc-4.6.1/src/finite_difference_mpi.c
Examining data/atlc-4.6.1/src/Erdata.h
Examining data/atlc-4.6.1/src/check_for_shorts.c
Examining data/atlc-4.6.1/src/bmp.h
Examining data/atlc-4.6.1/src/fill_image_vector_for_create_bmp_for_symmetrical_stripline.c
Examining data/atlc-4.6.1/src/check_error.c
Examining data/atlc-4.6.1/src/create_bmp_for_microstrip_coupler.c
Examining data/atlc-4.6.1/src/write_bitmap.c
Examining data/atlc-4.6.1/src/usage_create_bmp_for_symmetrical_stripline.c
Examining data/atlc-4.6.1/src/print_copyright.c
Examining data/atlc-4.6.1/src/check_parameters_of_create_bmp_for_rect_in_rect.c
Examining data/atlc-4.6.1/src/calculate_impedance_for_create_bmp_for_symmetrical_stripline.c
Examining data/atlc-4.6.1/src/usage_create_bmp_for_rect_cen_in_rect.c
Examining data/atlc-4.6.1/src/fill_circ_in_circ.c
Examining data/atlc-4.6.1/src/usage_create_bmp_for_circ_in_circ.c
Examining data/atlc-4.6.1/src/find_energy_per_metre.c
Examining data/atlc-4.6.1/src/create_bmp_for_symmetrical_stripline.c
Examining data/atlc-4.6.1/src/definitions.h
Examining data/atlc-4.6.1/src/find_electric_fields.c
Examining data/atlc-4.6.1/src/fill_rect_in_rect.c
Examining data/atlc-4.6.1/src/read_bitmap_file_headers.c
Examining data/atlc-4.6.1/src/memory.c
Examining data/atlc-4.6.1/src/usage_create_bmp_for_rect_in_rect.c
Examining data/atlc-4.6.1/src/convert_create_bmp_for_circ_in_rect_dimensions_to_integers.c
Examining data/atlc-4.6.1/src/set_oddity_from_Greens_paper.c
Examining data/atlc-4.6.1/src/write_bitmap_out.c
Examining data/atlc-4.6.1/src/check_parameters_of_create_bmp_for_circ_in_circ.c
Examining data/atlc-4.6.1/src/convert_create_bmp_for_circ_in_circ_dimensions_to_integers.c
Examining data/atlc-4.6.1/src/atlc.c
Examining data/atlc-4.6.1/src/find_maximum_values.c
Examining data/atlc-4.6.1/src/create_bmp_for_circ_in_circ.c
Examining data/atlc-4.6.1/src/align_bitmap_image.c
Examining data/atlc-4.6.1/src/design_coupler.c
Examining data/atlc-4.6.1/src/usage_create_any_bitmap.c
Examining data/atlc-4.6.1/src/find_optimal_dimensions_for_microstrip_coupler.c
Examining data/atlc-4.6.1/src/check_parameters_for_find_optimal_dimensions_for_microstrip_coupler.c
Examining data/atlc-4.6.1/src/calculate_integer_values.c
Examining data/atlc-4.6.1/src/create_bmp_for_rect_cen_in_rect.c
Examining data/atlc-4.6.1/src/create_bmp_for_rect_cen_in_rect_coupler.c
Examining data/atlc-4.6.1/src/finite_difference_multi_threaded.c
Examining data/atlc-4.6.1/src/create_bmp_for_stripline_coupler.c
Examining data/atlc-4.6.1/src/usage_atlc.c
Examining data/atlc-4.6.1/src/finite_difference_single_threaded.c
Examining data/atlc-4.6.1/src/readbin.c
Examining data/atlc-4.6.1/src/exit_with_msg_and_exit_code.c
Examining data/atlc-4.6.1/src/set_data_to_sensible_starting_values.c
Examining data/atlc-4.6.1/src/create_bmp_for_rect_in_rect.c
Examining data/atlc-4.6.1/src/exit_codes.h
Examining data/atlc-4.6.1/src/update_voltage_array.c
Examining data/atlc-4.6.1/src/write_fields_for_directional_couplers.c
Examining data/atlc-4.6.1/src/usage_find_optimal_dimensions_for_microstrip_coupler.c
Examining data/atlc-4.6.1/src/check_parameters_of_create_bmp_for_circ_in_rect.c
Examining data/atlc-4.6.1/src/convert_create_bmp_for_rect_in_circ_dimensions_to_integers.c
Examining data/atlc-4.6.1/src/get_file_pointer_with_right_filename.c
Examining data/atlc-4.6.1/src/create_any_bitmap.c
Examining data/atlc-4.6.1/src/usage_create_bmp_for_microstrip_coupler.c
Examining data/atlc-4.6.1/src/convert_create_bmp_for_rect_in_rect_dimensions_to_integers.c
Examining data/atlc-4.6.1/src/usage_create_bmp_for_rect_in_circ.c
Examining data/atlc-4.6.1/src/gsl_types.h
Examining data/atlc-4.6.1/src/fill_rect_in_circ.c
Examining data/atlc-4.6.1/src/calculate_colour_data.c
Examining data/atlc-4.6.1/src/usage_create_bmp_for_stripline_coupler.c
Examining data/atlc-4.6.1/src/give_examples_of_using_design_coupler.c
Examining data/atlc-4.6.1/src/write_fields_for_two_conductor_lines.c
Examining data/atlc-4.6.1/src/usage_create_bmp_for_circ_in_rect.c
Examining data/atlc-4.6.1/src/fill_circ_in_rect.c
Examining data/atlc-4.6.1/src/check_parameters_of_create_bmp_for_rect_in_circ.c
Examining data/atlc-4.6.1/src/setup_arrays.c
Examining data/atlc-4.6.1/src/usage_readbin.c
Examining data/atlc-4.6.1/src/fill_make_coupler.c
Examining data/atlc-4.6.1/src/get_Er1_and_Er2_colours.c
Examining data/atlc-4.6.1/src/usage_create_bmp_for_rect_cen_in_rect_coupler.c
Examining data/atlc-4.6.1/src/calculate_Zodd_and_Zeven.c
Examining data/atlc-4.6.1/src/create_bmp_for_rect_in_circ.c
Examining data/atlc-4.6.1/src/check_parameters_of_create_bmp_for_microstrip_coupler.c
Examining data/atlc-4.6.1/src/gsl_definitions.h
Examining data/atlc-4.6.1/src/check_for_boundaries.c
Examining data/atlc-4.6.1/src/elliptic_integral.c
Examining data/atlc-4.6.1/src/fill_image_vector_for_create_bmp_for_microstrip_coupler.c
Examining data/atlc-4.6.1/src/print_data_for_two_conductor_lines.c
Examining data/atlc-4.6.1/src/print_data_for_directional_couplers.c
Examining data/atlc-4.6.1/src/get_options.c
Examining data/atlc-4.6.1/src/usage_design_coupler.c
Examining data/atlc-4.6.1/src/convert_create_bmp_for_coupled_microstrip_dimensions_to_integers.c
Examining data/atlc-4.6.1/src/do_fd_calculation.c
Examining data/atlc-4.6.1/src/create_bmp_for_circ_in_rect.c
Examining data/atlc-4.6.1/src/gsl_sf_ellint_Kcomp.c
Examining data/atlc-4.6.1/src/byteswap.c
Examining data/atlc-4.6.1/src/swap_conductor_voltages.c
Examining data/atlc-4.6.1/docs/qex-december-1996/ATLC.C
Examining data/atlc-4.6.1/tools/src/coax.c
Examining data/atlc-4.6.1/tools/src/mymd5sum.c
Examining data/atlc-4.6.1/tools/src/get_options.c
Examining data/atlc-4.6.1/tools/src/md5.h
Examining data/atlc-4.6.1/tools/src/dualcoax.c
Examining data/atlc-4.6.1/tools/src/myfilelength.c
Examining data/atlc-4.6.1/tools/src/locatediff.c
Examining data/atlc-4.6.1/tools/src/usage_coax.c

FINAL RESULTS:

data/atlc-4.6.1/src/atlc.c:139:14:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      (void) strcpy(output_prefix,my_optarg);
data/atlc-4.6.1/src/atlc.c:194:12:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    (void) strcpy(inputfile_name, argv[my_optind]);
data/atlc-4.6.1/src/atlc.c:195:12:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    (void) strcpy(outputfile_name, output_prefix);
data/atlc-4.6.1/src/atlc.c:196:12:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    (void) strcat(output_prefix,inputfile_name);
data/atlc-4.6.1/src/atlc.c:197:12:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    (void) strcpy(outputfile_name,output_prefix);
data/atlc-4.6.1/src/find_optimal_dimensions_for_microstrip_coupler.c:109:12:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    (void) strcpy(outfile_name, argv[my_optind+6]);
data/atlc-4.6.1/src/find_optimal_dimensions_for_microstrip_coupler.c:115:25:  [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
  if( (exit_code=pclose(popen("rm 1.txt 1.bmp","w"))) != 0)
data/atlc-4.6.1/src/find_optimal_dimensions_for_microstrip_coupler.c:126:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(cmd,"create_bmp_for_microstrip_coupler %f %f %f %f %f %f %f %s\n",w, s, g, h, t, Er1, Er2,temporary_bmp_file);
data/atlc-4.6.1/src/find_optimal_dimensions_for_microstrip_coupler.c:127:24:  [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	if( (exit_code=pclose(popen(cmd,"w"))) != 0)
data/atlc-4.6.1/src/find_optimal_dimensions_for_microstrip_coupler.c:132:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(cmd,"atlc -S -s %s > %s\n", temporary_bmp_file, temporary_txt_file);
data/atlc-4.6.1/src/find_optimal_dimensions_for_microstrip_coupler.c:133:19:  [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	exit_code=pclose(popen(cmd,"w"));
data/atlc-4.6.1/src/find_optimal_dimensions_for_microstrip_coupler.c:134:24:  [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	if( (exit_code=pclose(popen(cmd,"w"))) != 0)
data/atlc-4.6.1/src/find_optimal_dimensions_for_microstrip_coupler.c:141:2:  [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
	fscanf(fp,"%s %d %s %lf %s %lf %s %lf %s %lf %s %lf %s %lf %s %lf",null,&x,null,&Er_odd,null,&Er_even, null, &Zodd,null,&Zeven,null,&Zo, null, &Zdiff,null,&Zcomm);
data/atlc-4.6.1/src/get_file_pointer_with_right_filename.c:55:10:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  (void) strcpy(temp,basename);
data/atlc-4.6.1/src/get_file_pointer_with_right_filename.c:56:10:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
  (void) strcat(temp,extension);
data/atlc-4.6.1/tests/benchmark.c:139:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(str,"%s -s -S -t0 %s > /dev/null 2> /dev/null \n", argv[1], argv[2]);
data/atlc-4.6.1/tests/benchmark.c:141:10:  [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
  pclose(popen(str, "w"));
data/atlc-4.6.1/tests/benchmark.c:149:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(str,"%s -s -S %s > /dev/null\n", argv[1], argv[2]);
data/atlc-4.6.1/tests/benchmark.c:151:10:  [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
  pclose(popen(str, "w"));
data/atlc-4.6.1/tests/try_portable.c:98:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(data->sysname,operating_system.sysname);
data/atlc-4.6.1/tests/try_portable.c:107:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(data->nodename,operating_system.nodename);
data/atlc-4.6.1/tests/try_portable.c:116:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(data->release,operating_system.release);
data/atlc-4.6.1/tests/try_portable.c:125:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(data->version,operating_system.version);
data/atlc-4.6.1/tests/try_portable.c:133:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(data->machine,operating_system.machine);
data/atlc-4.6.1/tests/try_solaris.c:100:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(data->cpu_type,infop.pi_processor_type);
data/atlc-4.6.1/tests/try_solaris.c:101:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(data->fpu_type,infop.pi_fputypes);
data/atlc-4.6.1/tests/try_unicos.c:69:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(data->hw_platform,mftype[sysconf(_SC_CRAY_MFTYPE)] );
data/atlc-4.6.1/docs/qex-december-1996/ATLC.C:17:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
         W=atoi(argv[1]); /* Read shield width (in grid points) from command line.    */
data/atlc-4.6.1/docs/qex-december-1996/ATLC.C:18:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
         H=atoi(argv[2]); /* Read shield height (in grid points) from command line.   */
data/atlc-4.6.1/docs/qex-december-1996/ATLC.C:19:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
         w=atoi(argv[3]); /* Read strip width (in grid points) from command line.     */
data/atlc-4.6.1/docs/qex-december-1996/ATLC.C:20:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
         h=atoi(argv[4]); /* Read strip height (in grid points) from command line.    */
data/atlc-4.6.1/docs/qex-december-1996/ATLC.C:21:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
         t=atoi(argv[5]); /* Read strip thickness (in grid points) from command line. */
data/atlc-4.6.1/src/atlc.c:152:25:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      number_of_workers=atol(my_optarg);
data/atlc-4.6.1/src/atlc.c:235:26:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      if( (image_data_fp=fopen(inputfile_name, "rb")) == NULL)
data/atlc-4.6.1/src/bmp.h:27:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char   zzMagic[2];	/* 00 "BM" */
data/atlc-4.6.1/src/byteswap.c:40:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	unsigned char b[8],c[8];
data/atlc-4.6.1/src/byteswap.c:41:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	(void) memcpy(b,a,8); 
data/atlc-4.6.1/src/byteswap.c:50:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	(void) memcpy(a,c,8);
data/atlc-4.6.1/src/create_bmp_for_circ_in_circ.c:84:16:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      bmp_size=atol(my_optarg); 
data/atlc-4.6.1/src/create_bmp_for_circ_in_circ.c:106:26:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      if( (image_data_fp=fopen(filename,"wb")) == NULL)
data/atlc-4.6.1/src/create_bmp_for_circ_in_rect.c:73:16:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      bmp_size=atol(my_optarg); 
data/atlc-4.6.1/src/create_bmp_for_circ_in_rect.c:89:25:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      if((image_data_fp=fopen(argv[my_optind+6],"wb"))==NULL)
data/atlc-4.6.1/src/create_bmp_for_microstrip_coupler.c:58:20:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      pcb.bmp_size=atol(my_optarg); 
data/atlc-4.6.1/src/create_bmp_for_microstrip_coupler.c:92:21:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      image_data_fp=fopen(argv[my_optind+7],"wb");
data/atlc-4.6.1/src/create_bmp_for_rect_cen_in_rect.c:68:16:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      bmp_size=atol(my_optarg); 
data/atlc-4.6.1/src/create_bmp_for_rect_cen_in_rect.c:83:25:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      if((image_data_fp=fopen(argv[my_optind+5],"wb"))==NULL)
data/atlc-4.6.1/src/create_bmp_for_rect_cen_in_rect_coupler.c:41:16:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      bmp_size=atol(my_optarg); 
data/atlc-4.6.1/src/create_bmp_for_rect_cen_in_rect_coupler.c:57:25:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      if((image_data_fp=fopen(argv[my_optind+5],"wb"))==NULL)
data/atlc-4.6.1/src/create_bmp_for_rect_in_circ.c:62:16:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      bmp_size=atol(my_optarg); 
data/atlc-4.6.1/src/create_bmp_for_rect_in_circ.c:67:25:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      if((image_data_fp=fopen(my_optarg,"wb"))==NULL)
data/atlc-4.6.1/src/create_bmp_for_rect_in_rect.c:71:16:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      bmp_size=atol(my_optarg); 
data/atlc-4.6.1/src/create_bmp_for_rect_in_rect.c:91:25:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      if((image_data_fp=fopen(argv[my_optind+10],"wb"))==NULL)
data/atlc-4.6.1/src/create_bmp_for_stripline_coupler.c:66:16:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      bmp_size=atol(my_optarg); 
data/atlc-4.6.1/src/create_bmp_for_stripline_coupler.c:93:22:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if( (image_data_fp=fopen(argv[my_optind+4],"wb")) ==NULL)
data/atlc-4.6.1/src/create_bmp_for_symmetrical_stripline.c:81:5:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  W=atoi(argv[my_optind]);
data/atlc-4.6.1/src/create_bmp_for_symmetrical_stripline.c:82:5:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  H=atoi(argv[my_optind+1])+2*BORDER;
data/atlc-4.6.1/src/create_bmp_for_symmetrical_stripline.c:89:5:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  w=atoi(argv[my_optind+2]);
data/atlc-4.6.1/src/create_bmp_for_symmetrical_stripline.c:103:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if((fp=fopen(argv[my_optind+3],"wb")) == NULL)
data/atlc-4.6.1/src/definitions.h:266:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char   zzMagic[2];	/* 00 "BM" */
data/atlc-4.6.1/src/find_optimal_dimensions_for_microstrip_coupler.c:113:10:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  (void) strcpy(temporary_bmp_file,"1.bmp");
data/atlc-4.6.1/src/find_optimal_dimensions_for_microstrip_coupler.c:114:10:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  (void) strcpy(temporary_txt_file,"1.txt");
data/atlc-4.6.1/src/find_optimal_dimensions_for_microstrip_coupler.c:139:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	if ((fp=fopen(temporary_txt_file,"r")) ==NULL)
data/atlc-4.6.1/src/find_optimal_dimensions_for_microstrip_coupler.c:153:17:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	  if ((fp_best=fopen(outfile_name,"a")) == NULL)
data/atlc-4.6.1/src/get_file_pointer_with_right_filename.c:57:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if((fp=fopen(temp,"w+b"))==NULL)
data/atlc-4.6.1/src/get_options.c:74:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char errbuf[2];
data/atlc-4.6.1/src/read_bitmap_file_headers.c:71:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      fp=fopen(filename,"rb");
data/atlc-4.6.1/src/readbin.c:60:8:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    fp=fopen(argv[my_optind],"rb");
data/atlc-4.6.1/tests/MPI_16a_PI.c:52:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char processor_name[MPI_MAX_PROCESSOR_NAME];
data/atlc-4.6.1/tests/benchmark.c:67:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy((char *) data.eff,"unknown");
data/atlc-4.6.1/tests/benchmark.c:69:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy((char *) data.eff,"N/A");
data/atlc-4.6.1/tests/benchmark.c:72:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy((char *) data.mhz,"unknown");
data/atlc-4.6.1/tests/benchmark.c:73:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy((char *) data.cpu_type,"unknown");
data/atlc-4.6.1/tests/benchmark.c:74:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy((char *) data.fpu_type,"unknown");
data/atlc-4.6.1/tests/benchmark.c:75:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy((char *) data.max_cpus,"unknown");
data/atlc-4.6.1/tests/benchmark.c:76:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy((char *) data.cpus,"unknown");
data/atlc-4.6.1/tests/benchmark.c:77:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy((char *) data.sysname,"unknown");
data/atlc-4.6.1/tests/benchmark.c:78:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy((char *) data.nodename,"unknown");
data/atlc-4.6.1/tests/benchmark.c:79:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy((char *) data.release,"unknown");
data/atlc-4.6.1/tests/benchmark.c:80:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy((char *) data.version,"unknown");
data/atlc-4.6.1/tests/benchmark.c:81:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy((char *) data.machine,"unknown");
data/atlc-4.6.1/tests/benchmark.c:82:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy((char *) data.hw_provider,"unknown");
data/atlc-4.6.1/tests/benchmark.c:83:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy((char *) data.hw_platform,"unknown");
data/atlc-4.6.1/tests/benchmark.c:84:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy((char *) data.speedup,"N/A    ");
data/atlc-4.6.1/tests/benchmark.c:85:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy((char *) data.t2,"N/A    ");
data/atlc-4.6.1/tests/benchmark.c:86:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy((char *) data.L1data,"unknown");
data/atlc-4.6.1/tests/benchmark.c:87:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy((char *) data.L1instruction,"unknown");
data/atlc-4.6.1/tests/benchmark.c:88:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy((char *) data.L2,"unknown");
data/atlc-4.6.1/tests/benchmark.c:125:11:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if ((fp=fopen(argv[1],"rb")) == NULL)
data/atlc-4.6.1/tests/benchmark.c:130:11:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if ((fp=fopen(argv[2],"rb")) == NULL)
data/atlc-4.6.1/tests/benchmark.c:143:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(data.t1,"%d",(int) (finished1-start1));
data/atlc-4.6.1/tests/benchmark.c:153:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(data.t2,"%d",(int) (finished2-start2));
data/atlc-4.6.1/tests/benchmark.c:154:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(data.speedup,"%.3f\n",atof(data.t1)/atof(data.t2)); /* other N/A */
data/atlc-4.6.1/tests/benchmark.c:162:6:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  if(atoi(data.cpus) != 0)
data/atlc-4.6.1/tests/benchmark.c:163:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(data.eff,"%.3f",atof(data.speedup)/atoi(data.cpus)); /* otherwise unknown */
data/atlc-4.6.1/tests/benchmark.c:163:48:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    sprintf(data.eff,"%.3f",atof(data.speedup)/atoi(data.cpus)); /* otherwise unknown */
data/atlc-4.6.1/tests/defs.h:43:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char mhz[MAX_SIZE];                  /* Speed in MHz. Note its a string */
data/atlc-4.6.1/tests/defs.h:44:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char cpus[MAX_SIZE];                 /* Number of CPUs running          */
data/atlc-4.6.1/tests/defs.h:45:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char max_cpus[MAX_SIZE];             /* Maximum number of CPUs support by system */
data/atlc-4.6.1/tests/defs.h:46:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char sysname[MAX_SIZE];              /* System name - got by uname */
data/atlc-4.6.1/tests/defs.h:47:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char nodename[MAX_SIZE];             /* nodename - got via uname            */
data/atlc-4.6.1/tests/defs.h:48:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char release[MAX_SIZE];              /* Got via uname, but often wrong      */
data/atlc-4.6.1/tests/defs.h:49:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char version[MAX_SIZE];              /* Version of the OS. Sometimes wrong. */
data/atlc-4.6.1/tests/defs.h:50:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char machine[MAX_SIZE];              /* Machine name                        */
data/atlc-4.6.1/tests/defs.h:51:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char cpu_type[MAX_SIZE*3];           /* The CPU type                        */
data/atlc-4.6.1/tests/defs.h:52:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char fpu_type[MAX_SIZE*3];           /* The FPU type                        */
data/atlc-4.6.1/tests/defs.h:53:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char memory[MAX_SIZE];               /* The memory in Mb                    */ 
data/atlc-4.6.1/tests/defs.h:54:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char hw_provider[MAX_SIZE];          /* The hardware provider - Sun, IBM etc */
data/atlc-4.6.1/tests/defs.h:55:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char hw_platform[MAX_SIZE];          /* The hardware platform - eg sun4u    */
data/atlc-4.6.1/tests/defs.h:56:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char t1[MAX_SIZE];                   /* Time in s to run benchmark single threaded */
data/atlc-4.6.1/tests/defs.h:57:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char t2[MAX_SIZE];                   /* Time in s to run benchmark multi threaded */
data/atlc-4.6.1/tests/defs.h:58:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char speedup[MAX_SIZE];              /* t1/t2 */
data/atlc-4.6.1/tests/defs.h:59:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char eff[MAX_SIZE];                  /* The efficiency - t1/(t2*cpus)     */
data/atlc-4.6.1/tests/defs.h:60:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char L1data[MAX_SIZE];               /* Size of level 1 data cache in kb  */
data/atlc-4.6.1/tests/defs.h:61:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char L1instruction[MAX_SIZE];        /* Size of level 1 instuction cache in kb */
data/atlc-4.6.1/tests/defs.h:62:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char L2[MAX_SIZE];                   /* Size of L2 cache                  */ 
data/atlc-4.6.1/tests/sysdata.c:59:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy((char *) data.mhz,"unknown");
data/atlc-4.6.1/tests/sysdata.c:60:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy((char *) data.cpu_type,"unknown");
data/atlc-4.6.1/tests/sysdata.c:61:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy((char *) data.fpu_type,"unknown");
data/atlc-4.6.1/tests/sysdata.c:62:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy((char *) data.max_cpus,"unknown");
data/atlc-4.6.1/tests/sysdata.c:63:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy((char *) data.cpus,"unknown");
data/atlc-4.6.1/tests/sysdata.c:64:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy((char *) data.memory,"unknown");
data/atlc-4.6.1/tests/sysdata.c:65:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy((char *) data.sysname,"unknown");
data/atlc-4.6.1/tests/sysdata.c:66:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy((char *) data.nodename,"unknown");
data/atlc-4.6.1/tests/sysdata.c:67:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy((char *) data.release,"unknown");
data/atlc-4.6.1/tests/sysdata.c:68:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy((char *) data.version,"unknown");
data/atlc-4.6.1/tests/sysdata.c:69:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy((char *) data.machine,"unknown");
data/atlc-4.6.1/tests/sysdata.c:70:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy((char *) data.hw_provider,"unknown");
data/atlc-4.6.1/tests/sysdata.c:71:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy((char *) data.hw_platform,"unknown");
data/atlc-4.6.1/tests/sysdata.c:72:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy((char *) data.L1data,"unknown");
data/atlc-4.6.1/tests/sysdata.c:73:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy((char *) data.L1instruction,"unknown");
data/atlc-4.6.1/tests/sysdata.c:74:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy((char *) data.L2,"unknown");
data/atlc-4.6.1/tests/try_aix.c:57:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy(data->hw_provider,"IBM");
data/atlc-4.6.1/tests/try_aix.c:62:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->hw_platform,"7015-930");
data/atlc-4.6.1/tests/try_aix.c:63:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->mhz,"25");
data/atlc-4.6.1/tests/try_aix.c:64:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->cpu_type,"Power");
data/atlc-4.6.1/tests/try_aix.c:69:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->hw_platform,"7015-930_or_7016-730");
data/atlc-4.6.1/tests/try_aix.c:70:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->mhz,"25");
data/atlc-4.6.1/tests/try_aix.c:71:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->cpu_type,"Power");
data/atlc-4.6.1/tests/try_aix.c:75:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->hw_platform,"7013-540");
data/atlc-4.6.1/tests/try_aix.c:76:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->mhz,"30");
data/atlc-4.6.1/tests/try_aix.c:77:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->cpu_type,"Power");
data/atlc-4.6.1/tests/try_aix.c:81:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->hw_platform,"7013-540");
data/atlc-4.6.1/tests/try_aix.c:82:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->mhz,"30");
data/atlc-4.6.1/tests/try_aix.c:83:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->cpu_type,"Power");
data/atlc-4.6.1/tests/try_aix.c:87:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->hw_platform,"7013-53H");
data/atlc-4.6.1/tests/try_aix.c:88:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->mhz,"33");
data/atlc-4.6.1/tests/try_aix.c:89:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->cpu_type,"Power");
data/atlc-4.6.1/tests/try_aix.c:93:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->hw_platform,"7013-550");
data/atlc-4.6.1/tests/try_aix.c:94:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->mhz,"41.6");
data/atlc-4.6.1/tests/try_aix.c:95:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->cpu_type,"Power");
data/atlc-4.6.1/tests/try_aix.c:99:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->hw_platform,"7015-930");
data/atlc-4.6.1/tests/try_aix.c:100:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->mhz,"25");
data/atlc-4.6.1/tests/try_aix.c:101:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->cpu_type,"Power");
data/atlc-4.6.1/tests/try_aix.c:105:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->hw_platform,"7015-950");
data/atlc-4.6.1/tests/try_aix.c:106:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->mhz,"41");
data/atlc-4.6.1/tests/try_aix.c:107:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->cpu_type,"Power");
data/atlc-4.6.1/tests/try_aix.c:111:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->hw_platform,"7013-520");
data/atlc-4.6.1/tests/try_aix.c:112:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->mhz,"20");
data/atlc-4.6.1/tests/try_aix.c:113:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->cpu_type,"Power");
data/atlc-4.6.1/tests/try_aix.c:117:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->hw_platform,"7012-320");
data/atlc-4.6.1/tests/try_aix.c:118:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->mhz,"20");
data/atlc-4.6.1/tests/try_aix.c:119:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->cpu_type,"Power");
data/atlc-4.6.1/tests/try_aix.c:123:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->hw_platform,"7013-52H");
data/atlc-4.6.1/tests/try_aix.c:124:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->mhz,"25");
data/atlc-4.6.1/tests/try_aix.c:125:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->cpu_type,"Power");
data/atlc-4.6.1/tests/try_aix.c:129:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->hw_platform,"7012-32H");
data/atlc-4.6.1/tests/try_aix.c:130:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->mhz,"25");
data/atlc-4.6.1/tests/try_aix.c:131:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->cpu_type,"Power");
data/atlc-4.6.1/tests/try_aix.c:135:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->hw_platform,"7012-340");
data/atlc-4.6.1/tests/try_aix.c:136:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->mhz,"33");
data/atlc-4.6.1/tests/try_aix.c:137:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->cpu_type,"Power");
data/atlc-4.6.1/tests/try_aix.c:141:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->hw_platform,"7012-350");
data/atlc-4.6.1/tests/try_aix.c:142:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->mhz,"41");
data/atlc-4.6.1/tests/try_aix.c:143:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->cpu_type,"Power");
data/atlc-4.6.1/tests/try_aix.c:147:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->hw_platform,"7011-220");
data/atlc-4.6.1/tests/try_aix.c:148:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->mhz,"33");
data/atlc-4.6.1/tests/try_aix.c:149:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->cpu_type,"RSC");
data/atlc-4.6.1/tests/try_aix.c:153:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->hw_platform,"7008-M20_or_7008-M2A");
data/atlc-4.6.1/tests/try_aix.c:154:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->mhz,"33");
data/atlc-4.6.1/tests/try_aix.c:155:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->cpu_type,"Power");
data/atlc-4.6.1/tests/try_aix.c:159:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->hw_platform,"7011-250");
data/atlc-4.6.1/tests/try_aix.c:160:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->mhz,"66");
data/atlc-4.6.1/tests/try_aix.c:161:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->cpu_type,"PowerPC");
data/atlc-4.6.1/tests/try_aix.c:165:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->hw_platform,"7011-230");
data/atlc-4.6.1/tests/try_aix.c:166:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->mhz,"45");
data/atlc-4.6.1/tests/try_aix.c:167:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->cpu_type,"RSC");
data/atlc-4.6.1/tests/try_aix.c:171:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->hw_platform,"7009-C10");
data/atlc-4.6.1/tests/try_aix.c:172:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->mhz,"80");
data/atlc-4.6.1/tests/try_aix.c:173:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->cpu_type,"PowerPC");
data/atlc-4.6.1/tests/try_aix.c:177:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->hw_platform,"9076-SP2_Thin_or_9076-SP2_Thin");
data/atlc-4.6.1/tests/try_aix.c:178:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->mhz,"67");
data/atlc-4.6.1/tests/try_aix.c:179:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->cpu_type,"Power2");
data/atlc-4.6.1/tests/try_aix.c:183:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->hw_platform,"7012-380_or_7030-3AT");
data/atlc-4.6.1/tests/try_aix.c:184:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->mhz,"59");
data/atlc-4.6.1/tests/try_aix.c:185:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->cpu_type,"Power2");
data/atlc-4.6.1/tests/try_aix.c:189:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->hw_platform,"9076-SP2_Thin_w-L2");
data/atlc-4.6.1/tests/try_aix.c:190:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->mhz,"67");
data/atlc-4.6.1/tests/try_aix.c:191:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(data->cpu_type,"Power2");
data/atlc-4.6.1/tests/try_aix.c:195:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(data->memory,"%ld",sysconf(_SC_AIX_REALMEM)/1024);
data/atlc-4.6.1/tests/try_bsd.c:87:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(data->cpus,"%d ",  cpus);
data/atlc-4.6.1/tests/try_bsd.c:101:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(data->memory,"%d", ram/(1024*1024));
data/atlc-4.6.1/tests/try_hpux.c:93:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(data->max_cpus,"%ld",max_CPUs);
data/atlc-4.6.1/tests/try_hpux.c:98:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(data->cpus,"%ld",CPUs_online);
data/atlc-4.6.1/tests/try_hpux.c:102:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(data->cpu_type,"%ld",_CPU_REVISION);
data/atlc-4.6.1/tests/try_hpux.c:103:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(data->fpu_type,"%ld",_FPU_MODEL);
data/atlc-4.6.1/tests/try_hpux.c:111:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(data->memory,"%ld",(long) (0.5+ram));
data/atlc-4.6.1/tests/try_hpux.c:119:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(data->mhz,"%.1f",clock_speed_in_Hz/1000000);
data/atlc-4.6.1/tests/try_irix.c:67:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(data->cpus,"%ld ",CPUs_online);
data/atlc-4.6.1/tests/try_irix.c:77:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(data->mhz,"%d",(int) invp->inv_controller);
data/atlc-4.6.1/tests/try_irix.c:79:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(data->cpu_type,"%d",invp->inv_state);
data/atlc-4.6.1/tests/try_irix.c:81:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(data->fpu_type,"%d",invp->inv_state);
data/atlc-4.6.1/tests/try_irix.c:89:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(data->memory,"%d", invp->inv_state);
data/atlc-4.6.1/tests/try_irix.c:91:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(data->L1data,"%d", invp->inv_state/1024);
data/atlc-4.6.1/tests/try_irix.c:93:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(data->L1instruction,"%d", invp->inv_state/1024);
data/atlc-4.6.1/tests/try_irix.c:95:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(data->L2,"%d", invp->inv_state/1024);
data/atlc-4.6.1/tests/try_irix.c:97:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(data->L2,"%d", invp->inv_state/1024);
data/atlc-4.6.1/tests/try_irix.c:102:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(data->hw_provider,"SGI");
data/atlc-4.6.1/tests/try_linux.c:82:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(data->cpus,"%d", sysconf( _SC_NPROCESSORS_CONF));
data/atlc-4.6.1/tests/try_portable.c:153:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(data->cpus,"%ld",sysconf(_SC_NPROCESSORS_ONLN));
data/atlc-4.6.1/tests/try_solaris.c:93:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(data->max_cpus,"%ld",max_CPUs);
data/atlc-4.6.1/tests/try_solaris.c:104:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(data->mhz,"%d",clock_speed_in_MHz);
data/atlc-4.6.1/tests/try_tru64.c:67:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char hw[100];
data/atlc-4.6.1/tests/try_tru64.c:84:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(data->max_cpus,"%d",cpu_state_buffer.cs_cpu_slots);
data/atlc-4.6.1/tests/try_tru64.c:85:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(data->cpus,"%d",cpucountset(cpu_state_buffer.cs_running));
data/atlc-4.6.1/tests/try_tru64.c:93:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(data->mhz,"%d",cpu_info_buffer.mhz);
data/atlc-4.6.1/tests/try_tru64.c:118:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(data->memory,"%d\n", int_buff/1024);
data/atlc-4.6.1/tests/try_unicos.c:49:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(data->cpus,"%ld",CPUs_online);
data/atlc-4.6.1/tests/try_unicos.c:56:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(data->mhz,"%.1f",1e6/cpu_cycle_time_in_ps);
data/atlc-4.6.1/tests/try_unicos.c:64:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy(data->hw_provider,"Cray");
data/atlc-4.6.1/tools/src/get_options.c:76:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char errbuf[2];
data/atlc-4.6.1/tools/src/locatediff.c:46:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if( (fp1=fopen(argv[1],"rb")) == NULL)
data/atlc-4.6.1/tools/src/locatediff.c:51:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if( (fp2=fopen(argv[2],"rb")) == NULL)
data/atlc-4.6.1/tools/src/myfilelength.c:49:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if ( (fp=fopen(argv[1],"rb")) == NULL)
data/atlc-4.6.1/tools/src/mymd5sum.c:203:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy( (void *) (ctx->buffer + left), (void *) input, fill );
data/atlc-4.6.1/tools/src/mymd5sum.c:219:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy( (void *) (ctx->buffer + left), (void *) input, length );
data/atlc-4.6.1/tools/src/mymd5sum.c:286:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char output[33];
data/atlc-4.6.1/tools/src/mymd5sum.c:288:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char md5sum[16], buffer[1000];
data/atlc-4.6.1/tools/src/mymd5sum.c:300:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf( output + j * 2, "%02x", md5sum[j] );
data/atlc-4.6.1/tools/src/mymd5sum.c:318:21:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        if( ! ( f = fopen( argv[1], "rb" ) ) )
data/atlc-4.6.1/src/atlc.c:102:10:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
  (void) strcpy(output_prefix,"");
data/atlc-4.6.1/src/atlc.c:257:36:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      image_data[i]=(unsigned char)fgetc(image_data_fp);
data/atlc-4.6.1/src/create_bmp_for_circ_in_circ.c:105:16:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      filename=strncpy(filename, argv[my_optind+4],1000);
data/atlc-4.6.1/src/get_file_pointer_with_right_filename.c:54:12:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  basename=strncpy(basename,filename,strlen(filename)-4);
data/atlc-4.6.1/src/get_file_pointer_with_right_filename.c:54:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  basename=strncpy(basename,filename,strlen(filename)-4);
data/atlc-4.6.1/src/get_options.c:80:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		(void) fwrite(argv[0], (unsigned)strlen(argv[0]),1,stderr);
data/atlc-4.6.1/src/get_options.c:81:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		(void) fwrite(s, (unsigned)strlen(s),1,stderr);
data/atlc-4.6.1/tests/try_aix.c:58:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy(model,data->machine,10);
data/atlc-4.6.1/tests/try_aix.c:65:5:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
    strcpy(data->max_cpus,"1");
data/atlc-4.6.1/tests/try_portable.c:99:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    string_length=strlen(data->sysname);
data/atlc-4.6.1/tests/try_portable.c:108:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    string_length=strlen(data->nodename);
data/atlc-4.6.1/tests/try_portable.c:117:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    string_length=strlen(data->release);
data/atlc-4.6.1/tests/try_portable.c:126:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    string_length=strlen(data->version);
data/atlc-4.6.1/tests/try_portable.c:134:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    string_length=strlen(data->machine);
data/atlc-4.6.1/tests/try_tru64.c:104:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    string_length=strlen(procid);
data/atlc-4.6.1/tests/try_tru64.c:124:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    string_length=strlen(hw);
data/atlc-4.6.1/tools/src/get_options.c:82:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		(void) fwrite(argv[0], (unsigned)strlen(argv[0]),1,stderr);
data/atlc-4.6.1/tools/src/get_options.c:83:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		(void) fwrite(s, (unsigned)strlen(s),1,stderr);
data/atlc-4.6.1/tools/src/mymd5sum.c:295:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  md5_update( &ctx, (uint8 *) msg[i], strlen( msg[i] ) );

ANALYSIS SUMMARY:

Hits = 258
Lines analyzed = 13621 in approximately 0.63 seconds (21694 lines/second)
Physical Source Lines of Code (SLOC) = 8519
Hits@level = [0] 1071 [1]  19 [2] 212 [3]   0 [4]  27 [5]   0
Hits@level+ = [0+] 1329 [1+] 258 [2+] 239 [3+]  27 [4+]  27 [5+]   0
Hits/KSLOC@level+ = [0+] 156.004 [1+] 30.2852 [2+] 28.0549 [3+] 3.16939 [4+] 3.16939 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.