Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/CAligner/CAligner.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/CBaitRecord.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/CBlastParser.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/CDistance_matrix.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/CDnaString2.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/CFile/CFile2_1.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/CHistogram.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/CRequiredTaxon.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSeqNameList.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequences2.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSplit2.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/CTaxonNamesDictionary.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/Csequence_cluster_and_center_sequence.cpp
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/Csequence_cluster_and_center_sequence.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/Ctriple.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/DEBUG_STUFF.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/GFF-class.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/GFF-collection.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/bait-filter.cpp
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/bait-fisher-helper.cpp
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/bait-fisher-helper.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/bait-fisher.cpp
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/basic-DNA-RNA-AA-routines.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/easystring.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/fast-dynamic-bitset/fast-dynamic-bitset.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/fast-realloc-vector.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/global-types-and-parameters.cpp
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/global-types-and-parameters.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/mydir-unix.cpp
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/mydir-unix.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/primefactors.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/print_container.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/range_functions.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/scoring-matrices/CScoreMatrix.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/statistic_functions.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/typedefs.h
FINAL RESULTS:
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CDnaString2.h:261:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tmp, orig);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CDnaString2.h:262:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tmp+len, orig);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CDnaString2.h:297:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tmp, orig);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CDnaString2.h:298:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tmp+len, orig);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/bait-filter.cpp:205:15: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
int err = system(cmd.c_str());
data/baitfisher-1.2.7+git20190123.241d060+dfsg/bait-filter.cpp:617:29: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
blast_command_error = system(blastcommand.c_str());
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:1815:14: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int N = vsnprintf(tmp, 5000, format, argList);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/global-types-and-parameters.cpp:76:13: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
int err = system(cmd.c_str());
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CBlastParser.h:1051:27: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
accepted_hits_log = fopen(accepted_hits_Log_file_name, "w");
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CFile/CFile2_1.h:59:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[BUFFERSIZE];
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CFile/CFile2_1.h:125:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void open(const char *name)
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CFile/CFile2_1.h:130:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void open(std::string name)
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CFile/CFile2_1.h:139:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
std::ifstream::open(name);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSeqNameList.h:472:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
os_in_list = fopen(out_in_list, "w");
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSeqNameList.h:473:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
os_not_in_list = fopen(out_not_in_list, "w");
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSeqNameList.h:533:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
os_in_list = fopen(out_in_list, write_mode);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequences2.h:212:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char all_symbols_lookup[256];
data/baitfisher-1.2.7+git20190123.241d060+dfsg/Csequence_cluster_and_center_sequence.cpp:448:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp_dist, distances, sizeof(int)*num_taxa);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/Csequence_cluster_and_center_sequence.cpp:465:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp_dist, distances, sizeof(int)*num_taxa);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/Csequence_cluster_and_center_sequence.cpp:482:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp_dist, distances, sizeof(int)*num_taxa);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/Csequence_cluster_and_center_sequence.cpp:499:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp_dist, distances, sizeof(int)*num_taxa);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/Csequence_cluster_and_center_sequence.cpp:661:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dist_A, distances, sizeof(unsigned)*num_taxa);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/Csequence_cluster_and_center_sequence.cpp:677:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dist_C, distances, sizeof(unsigned)*num_taxa);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/Csequence_cluster_and_center_sequence.cpp:693:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dist_G, distances, sizeof(unsigned)*num_taxa);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/Csequence_cluster_and_center_sequence.cpp:709:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dist_T, distances, sizeof(unsigned)*num_taxa);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/Csequence_cluster_and_center_sequence.cpp:734:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(distances, dist_A, sizeof(unsigned)*num_taxa);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/Csequence_cluster_and_center_sequence.cpp:740:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(distances, dist_G, sizeof(unsigned)*num_taxa);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/Csequence_cluster_and_center_sequence.cpp:749:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(distances, dist_A, sizeof(unsigned)*num_taxa);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/Csequence_cluster_and_center_sequence.cpp:755:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(distances, dist_T, sizeof(unsigned)*num_taxa);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/Csequence_cluster_and_center_sequence.cpp:767:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(distances, dist_C, sizeof(unsigned)*num_taxa);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/Csequence_cluster_and_center_sequence.cpp:773:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(distances, dist_G, sizeof(unsigned)*num_taxa);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/Csequence_cluster_and_center_sequence.cpp:782:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(distances, dist_C, sizeof(unsigned)*num_taxa);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/Csequence_cluster_and_center_sequence.cpp:788:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(distances, dist_T, sizeof(unsigned)*num_taxa);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/Csequence_cluster_and_center_sequence.h:149:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
msa = new char * [taxon_set.size()];
data/baitfisher-1.2.7+git20190123.241d060+dfsg/bait-filter.cpp:216:6: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
is.open(global_bait_filename.c_str());
data/baitfisher-1.2.7+git20190123.241d060+dfsg/bait-filter.cpp:226:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
os.open(global_output_filename.c_str());
data/baitfisher-1.2.7+git20190123.241d060+dfsg/bait-fisher-helper.cpp:42:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
list<faststring> container; char delim_cstring[2];
data/baitfisher-1.2.7+git20190123.241d060+dfsg/bait-fisher-helper.cpp:72:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char delim_cstring[2];
data/baitfisher-1.2.7+git20190123.241d060+dfsg/bait-fisher.cpp:109:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buffer[80];
data/baitfisher-1.2.7+git20190123.241d060+dfsg/bait-fisher.cpp:185:6: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
is.open(fname_parameter_file.c_str());
data/baitfisher-1.2.7+git20190123.241d060+dfsg/bait-fisher.cpp:569:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
log.open("CAligner.log");
data/baitfisher-1.2.7+git20190123.241d060+dfsg/basic-DNA-RNA-AA-routines.h:116:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char is_DNA_lookup[128] = {
data/baitfisher-1.2.7+git20190123.241d060+dfsg/basic-DNA-RNA-AA-routines.h:133:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char is_DNA_or_GAP_lookup[128] = {
data/baitfisher-1.2.7+git20190123.241d060+dfsg/basic-DNA-RNA-AA-routines.h:150:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char is_DNA_or_AMBIG_lookup[128] = {
data/baitfisher-1.2.7+git20190123.241d060+dfsg/basic-DNA-RNA-AA-routines.h:167:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char is_DNA_or_AMBIG_or_GAP_lookup[128] = {
data/baitfisher-1.2.7+git20190123.241d060+dfsg/basic-DNA-RNA-AA-routines.h:537:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char ascii2recode_DNA[128] = {
data/baitfisher-1.2.7+git20190123.241d060+dfsg/basic-DNA-RNA-AA-routines.h:553:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char recode2ascii_DNA[128] = {
data/baitfisher-1.2.7+git20190123.241d060+dfsg/basic-DNA-RNA-AA-routines.h:569:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char recodeISDNAamig[128] = {
data/baitfisher-1.2.7+git20190123.241d060+dfsg/easystring.h:205:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[21]; // Sufficient for 64 bit numbers + sign
data/baitfisher-1.2.7+git20190123.241d060+dfsg/easystring.h:206:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp, "%d", i);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/easystring.h:212:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[21]; // Sufficient for 64 bit numbers + sign
data/baitfisher-1.2.7+git20190123.241d060+dfsg/easystring.h:213:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp, "%ld", i);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/easystring.h:219:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[21]; // Sufficient for 64 bit numbers
data/baitfisher-1.2.7+git20190123.241d060+dfsg/easystring.h:220:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp, "%u", i);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/easystring.h:226:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[21]; // Sufficient for 64 bit numbers
data/baitfisher-1.2.7+git20190123.241d060+dfsg/easystring.h:227:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp, "%lu", i);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/easystring.h:233:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[25]; // Sufficient for 64 bit numbers
data/baitfisher-1.2.7+git20190123.241d060+dfsg/easystring.h:234:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp, "%.*f", pres, x);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/fast-dynamic-bitset/fast-dynamic-bitset.h:54:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char __num_bits_table[256] =
data/baitfisher-1.2.7+git20190123.241d060+dfsg/fast-dynamic-bitset/fast-dynamic-bitset.h:122:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void*)this, (void*) &a, sizeof(fast_dynamic_bitset) );
data/baitfisher-1.2.7+git20190123.241d060+dfsg/fast-dynamic-bitset/fast-dynamic-bitset.h:124:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void*)__data,(void*)a.__data, __get_num_byte(__numWords) );
data/baitfisher-1.2.7+git20190123.241d060+dfsg/fast-dynamic-bitset/fast-dynamic-bitset.h:142:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void*)this, (void*) &a, sizeof(fast_dynamic_bitset) );
data/baitfisher-1.2.7+git20190123.241d060+dfsg/fast-dynamic-bitset/fast-dynamic-bitset.h:144:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void*)__data,(void*)a.__data, __get_num_byte(__numWords) );
data/baitfisher-1.2.7+git20190123.241d060+dfsg/fast-dynamic-bitset/fast-dynamic-bitset.h:148:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void*)__data,(void*)a.__data, __get_num_byte(__numWords) );
data/baitfisher-1.2.7+git20190123.241d060+dfsg/fast-realloc-vector.h:101:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(_buf, v, len*sizeof(T));
data/baitfisher-1.2.7+git20190123.241d060+dfsg/fast-realloc-vector.h:119:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(_buf, v_begin, _len*sizeof(T));
data/baitfisher-1.2.7+git20190123.241d060+dfsg/fast-realloc-vector.h:132:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(_buf, a._buf, _len*sizeof(T));
data/baitfisher-1.2.7+git20190123.241d060+dfsg/fast-realloc-vector.h:198:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(_buf, v, len*sizeof(T));
data/baitfisher-1.2.7+git20190123.241d060+dfsg/fast-realloc-vector.h:206:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(_buf, v_begin, _len*sizeof(T));
data/baitfisher-1.2.7+git20190123.241d060+dfsg/fast-realloc-vector.h:213:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(_buf, a._buf, _len*sizeof(T));
data/baitfisher-1.2.7+git20190123.241d060+dfsg/fast-realloc-vector.h:340:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(_buf, a._buf, _len*sizeof(T));
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:239:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(_buf, str, _len);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:255:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(_buf, str_begin, _len);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:280:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(_buf, a._buf, _len);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:631:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(_buf, str, _len);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:643:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(_buf, str, _len);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:653:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(_buf, str_begin, _len);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:666:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(_buf, str._buf, _len);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:676:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(_buf, str._buf+pos, n);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:719:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(_buf+old_len, s, s_len);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:733:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(_buf+old_len, s._buf, s_len);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:749:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(_buf+old_len, s._buf+pos, n);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:762:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(_buf+old_len, s, n);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:789:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(_buf+old_len, first_it, n);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:1300:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(_buf, a._buf, _len);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:2062:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer+1, _buf, _len);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:2607:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s, _buf+pos, l);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/global-types-and-parameters.cpp:63:6: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
is.open(fn);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/mydir-unix.cpp:44:6: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
is.open(fname);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/scoring-matrices/CScoreMatrix.h:42:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char alphabet_to_index[256];
data/baitfisher-1.2.7+git20190123.241d060+dfsg/scoring-matrices/CScoreMatrix.h:66:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ifs.open(filename);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CFile/CFile2_1.h:82:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
std::ifstream::read(buffer + overlap, BUFFERSIZE - overlap);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CFile/CFile2_1.h:239:39: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while (__status == __good_flag && getchar() != delim ){}
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CFile/CFile2_1.h:244:14: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
char c = getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CFile/CFile2_1.h:254:8: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
char getchar()
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CFile/CFile2_1.h:289:14: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
char c = getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CFile/CFile2_1.h:294:11: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CFile/CFile2_1.h:302:14: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
char c = getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CFile/CFile2_1.h:307:11: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CFile/CFile2_1.h:315:18: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
char c = getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CFile/CFile2_1.h:322:11: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CFile/CFile2_1.h:335:9: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CFile/CFile2_1.h:339:11: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:285:16: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:290:13: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:294:18: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:303:16: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:308:13: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:312:18: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:323:16: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:328:13: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:332:18: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:345:16: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:414:18: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:443:16: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:560:18: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:591:16: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:675:18: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:690:16: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:754:18: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:768:16: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:817:18: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:827:16: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:888:18: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:1942:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned name_len = strlen(s_name);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2206:16: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2208:18: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2212:18: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2214:13: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2252:16: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2254:18: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2258:18: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2260:13: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2293:16: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2295:18: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2299:18: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2301:13: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2336:16: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2338:18: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2342:18: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2344:13: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2406:16: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2408:18: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2412:18: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2414:13: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2455:16: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2457:18: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2461:18: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2463:13: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2509:16: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2511:18: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2515:18: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2517:13: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2636:16: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2638:18: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2642:18: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2644:13: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/fast-dynamic-bitset/fast-dynamic-bitset.h:369:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
is.read((char*) __data,__numWords*sizeof(my_uint_32));
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:231:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
_len = strlen(str);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:309:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
_len = strlen(_buf);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:323:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
_len = strlen(_buf);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:371:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
_len = strlen(_buf);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:384:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
_len = strlen(_buf);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:397:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
_len = strlen(_buf);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:410:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
_len = strlen(_buf);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:427:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
_len = strlen(_buf);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:629:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
_len = strlen(str);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:639:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t ll = strlen(str);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:713:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int s_len = strlen(s);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:1966:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t s_len = strlen(s);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:2007:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const char *e = s + strlen(s);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:2024:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t s_len = strlen(s);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:2311:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t s_len = strlen(s);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:2321:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t s_len = strlen(s);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:2442:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t s_len = strlen(s);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:2463:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t s_len = strlen(s);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:2513:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t s_len = strlen(s);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:2534:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t s_len = strlen(s);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:2642:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const char *p = find_fundamental(begin()+pos, end(), s, s+strlen(s) );
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:2718:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const char *p = rfind_fundamental(begin()+pos, rend(), s+strlen(s)-1, s-1 );
ANALYSIS SUMMARY:
Hits = 180
Lines analyzed = 41826 in approximately 1.15 seconds (36270 lines/second)
Physical Source Lines of Code (SLOC) = 30737
Hits@level = [0] 68 [1] 89 [2] 83 [3] 0 [4] 8 [5] 0
Hits@level+ = [0+] 248 [1+] 180 [2+] 91 [3+] 8 [4+] 8 [5+] 0
Hits/KSLOC@level+ = [0+] 8.06845 [1+] 5.85613 [2+] 2.9606 [3+] 0.260273 [4+] 0.260273 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.