Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/CAligner/CAligner.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/CBaitRecord.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/CBlastParser.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/CDistance_matrix.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/CDnaString2.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/CFile/CFile2_1.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/CHistogram.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/CRequiredTaxon.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSeqNameList.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequences2.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSplit2.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/CTaxonNamesDictionary.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/Csequence_cluster_and_center_sequence.cpp
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/Csequence_cluster_and_center_sequence.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/Ctriple.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/DEBUG_STUFF.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/GFF-class.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/GFF-collection.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/bait-filter.cpp
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/bait-fisher-helper.cpp
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/bait-fisher-helper.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/bait-fisher.cpp
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/basic-DNA-RNA-AA-routines.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/easystring.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/fast-dynamic-bitset/fast-dynamic-bitset.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/fast-realloc-vector.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/global-types-and-parameters.cpp
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/global-types-and-parameters.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/mydir-unix.cpp
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/mydir-unix.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/primefactors.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/print_container.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/range_functions.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/scoring-matrices/CScoreMatrix.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/statistic_functions.h
Examining data/baitfisher-1.2.7+git20190123.241d060+dfsg/typedefs.h

FINAL RESULTS:

data/baitfisher-1.2.7+git20190123.241d060+dfsg/CDnaString2.h:261:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(tmp, orig);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CDnaString2.h:262:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(tmp+len, orig);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CDnaString2.h:297:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(tmp, orig);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CDnaString2.h:298:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(tmp+len, orig);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/bait-filter.cpp:205:15: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
    int err = system(cmd.c_str());
data/baitfisher-1.2.7+git20190123.241d060+dfsg/bait-filter.cpp:617:29: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
    blast_command_error = system(blastcommand.c_str());
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:1815:14: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
    int N = vsnprintf(tmp, 5000, format, argList);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/global-types-and-parameters.cpp:76:13: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
    int err = system(cmd.c_str());
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CBlastParser.h:1051:27: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    accepted_hits_log = fopen(accepted_hits_Log_file_name, "w");
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CFile/CFile2_1.h:59:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buffer[BUFFERSIZE];
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CFile/CFile2_1.h:125:8: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    void open(const char *name)
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CFile/CFile2_1.h:130:8: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    void open(std::string name)
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CFile/CFile2_1.h:139:20: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    std::ifstream::open(name);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSeqNameList.h:472:22: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    os_in_list = fopen(out_in_list, "w");
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSeqNameList.h:473:22: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    os_not_in_list = fopen(out_not_in_list, "w");
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSeqNameList.h:533:22: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    os_in_list = fopen(out_in_list, write_mode);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequences2.h:212:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char all_symbols_lookup[256];
data/baitfisher-1.2.7+git20190123.241d060+dfsg/Csequence_cluster_and_center_sequence.cpp:448:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(tmp_dist, distances, sizeof(int)*num_taxa);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/Csequence_cluster_and_center_sequence.cpp:465:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(tmp_dist, distances, sizeof(int)*num_taxa);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/Csequence_cluster_and_center_sequence.cpp:482:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(tmp_dist, distances, sizeof(int)*num_taxa);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/Csequence_cluster_and_center_sequence.cpp:499:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(tmp_dist, distances, sizeof(int)*num_taxa);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/Csequence_cluster_and_center_sequence.cpp:661:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(dist_A, distances, sizeof(unsigned)*num_taxa);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/Csequence_cluster_and_center_sequence.cpp:677:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(dist_C, distances, sizeof(unsigned)*num_taxa);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/Csequence_cluster_and_center_sequence.cpp:693:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(dist_G, distances, sizeof(unsigned)*num_taxa);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/Csequence_cluster_and_center_sequence.cpp:709:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(dist_T, distances, sizeof(unsigned)*num_taxa);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/Csequence_cluster_and_center_sequence.cpp:734:8: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(distances, dist_A, sizeof(unsigned)*num_taxa);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/Csequence_cluster_and_center_sequence.cpp:740:8: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(distances, dist_G, sizeof(unsigned)*num_taxa);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/Csequence_cluster_and_center_sequence.cpp:749:8: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(distances, dist_A, sizeof(unsigned)*num_taxa);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/Csequence_cluster_and_center_sequence.cpp:755:8: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(distances, dist_T, sizeof(unsigned)*num_taxa);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/Csequence_cluster_and_center_sequence.cpp:767:8: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(distances, dist_C, sizeof(unsigned)*num_taxa);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/Csequence_cluster_and_center_sequence.cpp:773:8: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(distances, dist_G, sizeof(unsigned)*num_taxa);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/Csequence_cluster_and_center_sequence.cpp:782:8: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(distances, dist_C, sizeof(unsigned)*num_taxa);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/Csequence_cluster_and_center_sequence.cpp:788:8: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(distances, dist_T, sizeof(unsigned)*num_taxa);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/Csequence_cluster_and_center_sequence.h:149:15: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    msa = new char * [taxon_set.size()];
data/baitfisher-1.2.7+git20190123.241d060+dfsg/bait-filter.cpp:216:6: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    is.open(global_bait_filename.c_str());
data/baitfisher-1.2.7+git20190123.241d060+dfsg/bait-filter.cpp:226:8: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    os.open(global_output_filename.c_str());
data/baitfisher-1.2.7+git20190123.241d060+dfsg/bait-fisher-helper.cpp:42:32: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    list<faststring> container; char delim_cstring[2];
data/baitfisher-1.2.7+git20190123.241d060+dfsg/bait-fisher-helper.cpp:72:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char delim_cstring[2];
data/baitfisher-1.2.7+git20190123.241d060+dfsg/bait-fisher.cpp:109:10: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static char buffer[80];
data/baitfisher-1.2.7+git20190123.241d060+dfsg/bait-fisher.cpp:185:6: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    is.open(fname_parameter_file.c_str());
data/baitfisher-1.2.7+git20190123.241d060+dfsg/bait-fisher.cpp:569:7: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    log.open("CAligner.log");
data/baitfisher-1.2.7+git20190123.241d060+dfsg/basic-DNA-RNA-AA-routines.h:116:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    const char is_DNA_lookup[128] = {
data/baitfisher-1.2.7+git20190123.241d060+dfsg/basic-DNA-RNA-AA-routines.h:133:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    const char is_DNA_or_GAP_lookup[128] = {
data/baitfisher-1.2.7+git20190123.241d060+dfsg/basic-DNA-RNA-AA-routines.h:150:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    const char is_DNA_or_AMBIG_lookup[128] = {
data/baitfisher-1.2.7+git20190123.241d060+dfsg/basic-DNA-RNA-AA-routines.h:167:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    const char is_DNA_or_AMBIG_or_GAP_lookup[128] = {
data/baitfisher-1.2.7+git20190123.241d060+dfsg/basic-DNA-RNA-AA-routines.h:537:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    const char ascii2recode_DNA[128] = {
data/baitfisher-1.2.7+git20190123.241d060+dfsg/basic-DNA-RNA-AA-routines.h:553:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    const char recode2ascii_DNA[128] = {
data/baitfisher-1.2.7+git20190123.241d060+dfsg/basic-DNA-RNA-AA-routines.h:569:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    const char recodeISDNAamig[128] = {
data/baitfisher-1.2.7+git20190123.241d060+dfsg/easystring.h:205:6: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char tmp[21]; // Sufficient for 64 bit numbers + sign
data/baitfisher-1.2.7+git20190123.241d060+dfsg/easystring.h:206:6: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmp, "%d", i);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/easystring.h:212:6: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char tmp[21]; // Sufficient for 64 bit numbers + sign
data/baitfisher-1.2.7+git20190123.241d060+dfsg/easystring.h:213:6: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmp, "%ld", i);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/easystring.h:219:6: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char tmp[21]; // Sufficient for 64 bit numbers
data/baitfisher-1.2.7+git20190123.241d060+dfsg/easystring.h:220:6: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmp, "%u", i);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/easystring.h:226:6: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char tmp[21]; // Sufficient for 64 bit numbers
data/baitfisher-1.2.7+git20190123.241d060+dfsg/easystring.h:227:6: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmp, "%lu", i);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/easystring.h:233:6: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char tmp[25]; // Sufficient for 64 bit numbers
data/baitfisher-1.2.7+git20190123.241d060+dfsg/easystring.h:234:6: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmp, "%.*f", pres, x);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/fast-dynamic-bitset/fast-dynamic-bitset.h:54:16: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    const unsigned char __num_bits_table[256] =
data/baitfisher-1.2.7+git20190123.241d060+dfsg/fast-dynamic-bitset/fast-dynamic-bitset.h:122:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy((void*)this, (void*) &a, sizeof(fast_dynamic_bitset) );
data/baitfisher-1.2.7+git20190123.241d060+dfsg/fast-dynamic-bitset/fast-dynamic-bitset.h:124:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy((void*)__data,(void*)a.__data, __get_num_byte(__numWords) );
data/baitfisher-1.2.7+git20190123.241d060+dfsg/fast-dynamic-bitset/fast-dynamic-bitset.h:142:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy((void*)this, (void*) &a, sizeof(fast_dynamic_bitset) );
data/baitfisher-1.2.7+git20190123.241d060+dfsg/fast-dynamic-bitset/fast-dynamic-bitset.h:144:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy((void*)__data,(void*)a.__data, __get_num_byte(__numWords) );
data/baitfisher-1.2.7+git20190123.241d060+dfsg/fast-dynamic-bitset/fast-dynamic-bitset.h:148:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy((void*)__data,(void*)a.__data, __get_num_byte(__numWords) );
data/baitfisher-1.2.7+git20190123.241d060+dfsg/fast-realloc-vector.h:101:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(_buf, v, len*sizeof(T));
data/baitfisher-1.2.7+git20190123.241d060+dfsg/fast-realloc-vector.h:119:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(_buf, v_begin, _len*sizeof(T));
data/baitfisher-1.2.7+git20190123.241d060+dfsg/fast-realloc-vector.h:132:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(_buf, a._buf, _len*sizeof(T));
data/baitfisher-1.2.7+git20190123.241d060+dfsg/fast-realloc-vector.h:198:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(_buf, v, len*sizeof(T));
data/baitfisher-1.2.7+git20190123.241d060+dfsg/fast-realloc-vector.h:206:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(_buf, v_begin, _len*sizeof(T));
data/baitfisher-1.2.7+git20190123.241d060+dfsg/fast-realloc-vector.h:213:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(_buf, a._buf, _len*sizeof(T));
data/baitfisher-1.2.7+git20190123.241d060+dfsg/fast-realloc-vector.h:340:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(_buf, a._buf, _len*sizeof(T));
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:239:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(_buf, str, _len);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:255:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(_buf, str_begin, _len);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:280:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(_buf, a._buf, _len);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:631:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(_buf, str, _len);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:643:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(_buf, str, _len);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:653:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(_buf, str_begin, _len);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:666:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(_buf, str._buf, _len);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:676:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(_buf, str._buf+pos, n);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:719:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(_buf+old_len, s, s_len);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:733:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(_buf+old_len, s._buf, s_len);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:749:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(_buf+old_len, s._buf+pos, n);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:762:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(_buf+old_len, s, n);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:789:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(_buf+old_len, first_it, n);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:1300:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(_buf, a._buf, _len);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:2062:6: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(buffer+1, _buf, _len);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:2607:6: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(s, _buf+pos, l);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/global-types-and-parameters.cpp:63:6: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    is.open(fn);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/mydir-unix.cpp:44:6: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    is.open(fname);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/scoring-matrices/CScoreMatrix.h:42:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char alphabet_to_index[256];
data/baitfisher-1.2.7+git20190123.241d060+dfsg/scoring-matrices/CScoreMatrix.h:66:9: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    ifs.open(filename);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CFile/CFile2_1.h:82:20: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    std::ifstream::read(buffer + overlap, BUFFERSIZE - overlap);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CFile/CFile2_1.h:239:39: [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while (__status == __good_flag && getchar() != delim ){}
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CFile/CFile2_1.h:244:14: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  char c = getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CFile/CFile2_1.h:254:8: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  char getchar()
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CFile/CFile2_1.h:289:14: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  char c = getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CFile/CFile2_1.h:294:11: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CFile/CFile2_1.h:302:14: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  char c = getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CFile/CFile2_1.h:307:11: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CFile/CFile2_1.h:315:18: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  char c = getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CFile/CFile2_1.h:322:11: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CFile/CFile2_1.h:335:9: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CFile/CFile2_1.h:339:11: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:285:16: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:290:13: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:294:18: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:303:16: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:308:13: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:312:18: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:323:16: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:328:13: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:332:18: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:345:16: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:414:18: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:443:16: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:560:18: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:591:16: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:675:18: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:690:16: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:754:18: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:768:16: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:817:18: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:827:16: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:888:18: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:1942:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned name_len = strlen(s_name);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2206:16: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2208:18: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2212:18: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2214:13: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2252:16: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2254:18: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2258:18: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2260:13: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2293:16: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2295:18: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2299:18: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2301:13: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2336:16: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2338:18: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2342:18: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2344:13: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2406:16: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2408:18: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2412:18: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2414:13: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2455:16: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2457:18: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2461:18: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2463:13: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2509:16: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2511:18: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2515:18: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2517:13: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2636:16: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2638:18: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2642:18: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/CSequence_Mol2_1.h:2644:13: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = infile.getchar();
data/baitfisher-1.2.7+git20190123.241d060+dfsg/fast-dynamic-bitset/fast-dynamic-bitset.h:369:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  is.read((char*) __data,__numWords*sizeof(my_uint_32));
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:231:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  _len = strlen(str);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:309:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  _len = strlen(_buf);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:323:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  _len = strlen(_buf);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:371:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  _len = strlen(_buf);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:384:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  _len = strlen(_buf);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:397:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  _len = strlen(_buf);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:410:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  _len = strlen(_buf);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:427:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  _len = strlen(_buf);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:629:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  _len = strlen(str);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:639:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t ll = strlen(str);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:713:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int s_len = strlen(s);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:1966:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t s_len = strlen(s);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:2007:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const char *e = s + strlen(s);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:2024:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t s_len = strlen(s);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:2311:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t s_len = strlen(s);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:2321:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t s_len = strlen(s);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:2442:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t s_len = strlen(s);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:2463:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t s_len = strlen(s);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:2513:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t s_len = strlen(s);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:2534:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t s_len = strlen(s);
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:2642:64: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const char *p = find_fundamental(begin()+pos, end(), s, s+strlen(s) );
data/baitfisher-1.2.7+git20190123.241d060+dfsg/faststring2.h:2718:63: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const char *p = rfind_fundamental(begin()+pos, rend(), s+strlen(s)-1, s-1 );

ANALYSIS SUMMARY:

Hits = 180
Lines analyzed = 41826 in approximately 1.15 seconds (36270 lines/second)
Physical Source Lines of Code (SLOC) = 30737
Hits@level = [0] 68 [1] 89 [2] 83 [3] 0 [4] 8 [5] 0
Hits@level+ = [0+] 248 [1+] 180 [2+] 91 [3+] 8 [4+] 8 [5+] 0
Hits/KSLOC@level+ = [0+] 8.06845 [1+] 5.85613 [2+] 2.9606 [3+] 0.260273 [4+] 0.260273 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.