Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/bustools-0.40.0/src/BUSData.cpp
Examining data/bustools-0.40.0/src/BUSData.h
Examining data/bustools-0.40.0/src/Common.cpp
Examining data/bustools-0.40.0/src/Common.hpp
Examining data/bustools-0.40.0/src/bustools_capture.cpp
Examining data/bustools-0.40.0/src/bustools_capture.h
Examining data/bustools-0.40.0/src/bustools_correct.cpp
Examining data/bustools-0.40.0/src/bustools_correct.h
Examining data/bustools-0.40.0/src/bustools_count.cpp
Examining data/bustools-0.40.0/src/bustools_count.h
Examining data/bustools-0.40.0/src/bustools_extract.cpp
Examining data/bustools-0.40.0/src/bustools_extract.h
Examining data/bustools-0.40.0/src/bustools_inspect.cpp
Examining data/bustools-0.40.0/src/bustools_inspect.h
Examining data/bustools-0.40.0/src/bustools_linker.cpp
Examining data/bustools-0.40.0/src/bustools_linker.h
Examining data/bustools-0.40.0/src/bustools_main.cpp
Examining data/bustools-0.40.0/src/bustools_merge.cpp
Examining data/bustools-0.40.0/src/bustools_merge.h
Examining data/bustools-0.40.0/src/bustools_project.cpp
Examining data/bustools-0.40.0/src/bustools_project.h
Examining data/bustools-0.40.0/src/bustools_sort.cpp
Examining data/bustools-0.40.0/src/bustools_sort.h
Examining data/bustools-0.40.0/src/bustools_whitelist.cpp
Examining data/bustools-0.40.0/src/bustools_whitelist.h
Examining data/bustools-0.40.0/src/kseq.h
Examining data/bustools-0.40.0/src/roaring.c
Examining data/bustools-0.40.0/src/roaring.h
Examining data/bustools-0.40.0/test/matrix.ec

FINAL RESULTS:

data/bustools-0.40.0/src/roaring.h:51:82:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
#error This code assumes  64-bit long longs (by use of the GCC intrinsics). Your system is not currently supported.
data/bustools-0.40.0/src/bustools_main.cpp:103:15:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
  while ((c = getopt_long(argc, argv, opt_string, long_options, &option_index)) != -1) {
data/bustools-0.40.0/src/bustools_main.cpp:178:15:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
  while ((c = getopt_long(argc, argv, opt_string, long_options, &option_index)) != -1) {
data/bustools-0.40.0/src/bustools_main.cpp:212:15:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
  while ((c = getopt_long(argc, argv, opt_string, long_options, &option_index)) != -1) {
data/bustools-0.40.0/src/bustools_main.cpp:277:15:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
  while ((c = getopt_long(argc, argv, opt_string, long_options, &option_index)) != -1) {
data/bustools-0.40.0/src/bustools_main.cpp:326:15:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
  while ((c = getopt_long(argc, argv, opt_string, long_options, &option_index)) != -1) {
data/bustools-0.40.0/src/bustools_main.cpp:363:15:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
  while ((c = getopt_long(argc, argv, opt_string, long_options, &option_index)) != -1) {
data/bustools-0.40.0/src/bustools_main.cpp:406:15:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
  while ((c = getopt_long(argc, argv, opt_string, long_options, &option_index)) != -1) {
data/bustools-0.40.0/src/bustools_main.cpp:447:15:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
  while ((c = getopt_long(argc, argv, opt_string, long_options, &option_index)) != -1) {
data/bustools-0.40.0/src/bustools_main.cpp:505:15:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
  while ((c = getopt_long(argc, argv, opt_string, long_options, &option_index)) != -1) {
data/bustools-0.40.0/src/bustools_main.cpp:547:15:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
  while ((c = getopt_long(argc, argv, opt_string, long_options, &option_index)) != -1) {
data/bustools-0.40.0/src/bustools_main.cpp:589:15:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
  while ((c = getopt_long(argc, argv, opt_string, long_options, &option_index)) != -1) {
data/bustools-0.40.0/src/BUSData.cpp:76:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char magic[4];  
data/bustools-0.40.0/src/BUSData.cpp:131:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  outf.open(filename.c_str(), std::ios::out);
data/bustools-0.40.0/src/BUSData.cpp:160:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  outf.open(filename.c_str(), std::ios::out);
data/bustools-0.40.0/src/Common.hpp:71:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char alpha[4] = {'A','C','G','T'};
data/bustools-0.40.0/src/bustools_capture.cpp:55:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    of.open(output); 
data/bustools-0.40.0/src/bustools_capture.cpp:73:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      inf.open(infn.c_str(), std::ios::binary);
data/bustools-0.40.0/src/bustools_correct.cpp:49:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char magic[4];      
data/bustools-0.40.0/src/bustools_correct.cpp:92:14:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    busf_out.open(opt.output , std::ios::out | std::ios::binary);
data/bustools-0.40.0/src/bustools_correct.cpp:107:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      inf.open(infn.c_str(), std::ios::binary);
data/bustools-0.40.0/src/bustools_count.cpp:43:6:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  of.open(mtx_ofn); 
data/bustools-0.40.0/src/bustools_count.cpp:292:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      inf.open(infn.c_str(), std::ios::binary);
data/bustools-0.40.0/src/bustools_count.cpp:356:6:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  of.open(mtx_ofn, std::ios::binary | std::ios::in | std::ios::out);
data/bustools-0.40.0/src/bustools_count.cpp:373:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  bcof.open(barcodes_ofn);
data/bustools-0.40.0/src/bustools_extract.cpp:49:9:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    inf.open(opt.files[0].c_str(), std::ios::binary);
data/bustools-0.40.0/src/bustools_extract.cpp:104:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(buf + bufLen, seq[i]->name.s, seq[i]->name.l);
data/bustools-0.40.0/src/bustools_extract.cpp:107:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(buf + bufLen, seq[i]->comment.s, seq[i]->comment.l);
data/bustools-0.40.0/src/bustools_extract.cpp:112:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(buf + bufLen, seq[i]->seq.s, seq[i]->seq.l);
data/bustools-0.40.0/src/bustools_extract.cpp:118:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(buf + bufLen, seq[i]->name.s, seq[i]->name.l);
data/bustools-0.40.0/src/bustools_extract.cpp:121:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(buf + bufLen, seq[i]->comment.s, seq[i]->comment.l);
data/bustools-0.40.0/src/bustools_extract.cpp:126:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(buf + bufLen, seq[i]->qual.s, seq[i]->qual.l);
data/bustools-0.40.0/src/bustools_inspect.cpp:72:9:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    inf.open(opt.files[0].c_str(), std::ios::binary);
data/bustools-0.40.0/src/bustools_linker.cpp:16:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    of.open(opt.output); 
data/bustools-0.40.0/src/bustools_linker.cpp:38:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      inf.open(infn->c_str(), std::ios::binary);
data/bustools-0.40.0/src/bustools_main.cpp:110:21:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      opt.threads = atoi(optarg);
data/bustools-0.40.0/src/bustools_main.cpp:137:24:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      opt.max_memory = atoi(s.substr(0,n).c_str());
data/bustools-0.40.0/src/bustools_main.cpp:412:25:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        opt.threshold = atoi(optarg);
data/bustools-0.40.0/src/bustools_main.cpp:687:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    FILE *tmpf = fopen(opt.temp_files.c_str(), "a+");
data/bustools-0.40.0/src/bustools_main.cpp:1484:14:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
          of.open(opt.output); 
data/bustools-0.40.0/src/bustools_main.cpp:1492:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char magic[4];      
data/bustools-0.40.0/src/bustools_main.cpp:1498:17:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
            inf.open(infn.c_str(), std::ios::binary);
data/bustools-0.40.0/src/bustools_merge.cpp:34:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    bf[i].open((opt.files[i] + "/output.bus").c_str(), std::ios::binary);
data/bustools-0.40.0/src/bustools_project.cpp:18:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char magic[4];     
data/bustools-0.40.0/src/bustools_project.cpp:37:16:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      busf_out.open(opt.output , std::ios::out | std::ios::binary);
data/bustools-0.40.0/src/bustools_project.cpp:54:13:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        inf.open(infn.c_str(), std::ios::binary);
data/bustools-0.40.0/src/bustools_project.cpp:111:16:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      busf_out.open(opt.output , std::ios::out | std::ios::binary);
data/bustools-0.40.0/src/bustools_project.cpp:128:13:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        inf.open(infn.c_str(), std::ios::binary);
data/bustools-0.40.0/src/bustools_project.cpp:223:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    of.open(opt.output_folder + "/matrix.ec");
data/bustools-0.40.0/src/bustools_project.cpp:242:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    of.open(opt.output_folder + "/genes.txt");
data/bustools-0.40.0/src/bustools_project.cpp:253:10:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      of.open(opt.output); 
data/bustools-0.40.0/src/bustools_project.cpp:263:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      inf.open(opt.files[0].c_str(), std::ios::binary);
data/bustools-0.40.0/src/bustools_sort.cpp:155:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char magic[4];
data/bustools-0.40.0/src/bustools_sort.cpp:191:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      inf.open(infn.c_str(), std::ios::binary);
data/bustools-0.40.0/src/bustools_sort.cpp:253:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    of.open(opt.output, std::ios::out | std::ios::binary); 
data/bustools-0.40.0/src/bustools_sort.cpp:289:13:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      bf[i].open((opt.temp_files + std::to_string(i)).c_str(), std::ios::binary);
data/bustools-0.40.0/src/bustools_sort.cpp:357:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char magic[4];
data/bustools-0.40.0/src/bustools_sort.cpp:363:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      inf.open(infn.c_str(), std::ios::binary);
data/bustools-0.40.0/src/bustools_sort.cpp:406:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    of.open(opt.output, std::ios::out | std::ios::binary); 
data/bustools-0.40.0/src/bustools_whitelist.cpp:24:9:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    inf.open(opt.files[0].c_str(), std::ios::binary);
data/bustools-0.40.0/src/kseq.h:129:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(str->s + str->l, ks->buf + ks->begin, i - ks->begin); \
data/bustools-0.40.0/src/roaring.c:528:21:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        if (A != C) memcpy(C, A, sizeof(uint16_t) * s_a);
data/bustools-0.40.0/src/roaring.c:611:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(buffer, B + i_b, (s_b - i_b) * sizeof(uint16_t));
data/bustools-0.40.0/src/roaring.c:1080:26:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        if (a1 != a_out) memcpy(a_out, a1, sizeof(uint16_t) * length1);
data/bustools-0.40.0/src/roaring.c:1140:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out + pos_out, array_1 + pos1, n_elems * sizeof(uint16_t));
data/bustools-0.40.0/src/roaring.c:1144:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out + pos_out, array_2 + pos2, n_elems * sizeof(uint16_t));
data/bustools-0.40.0/src/roaring.c:1630:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(buffer + leftoversize, array1 + 8 * pos1,
data/bustools-0.40.0/src/roaring.c:1639:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(buffer + leftoversize, array2 + 8 * pos2,
data/bustools-0.40.0/src/roaring.c:1763:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(buffer + leftoversize, array1 + 8 * pos1,
data/bustools-0.40.0/src/roaring.c:1767:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(output, array2 + 8 * pos2,
data/bustools-0.40.0/src/roaring.c:1777:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(buffer + leftoversize, array2 + 8 * pos2,
data/bustools-0.40.0/src/roaring.c:1781:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(output, array1 + 8 * pos1,
data/bustools-0.40.0/src/roaring.c:2558:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(out, &val,
data/bustools-0.40.0/src/roaring.c:2579:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(out + outpos, &val,
data/bustools-0.40.0/src/roaring.c:2964:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(newcontainer->array, src->array,
data/bustools-0.40.0/src/roaring.c:3043:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(dst->array, src->array, cardinality * sizeof(uint16_t));
data/bustools-0.40.0/src/roaring.c:3229:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out + outpos, &val,
data/bustools-0.40.0/src/roaring.c:3276:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(buf, &cardinality, off = sizeof(cardinality));
data/bustools-0.40.0/src/roaring.c:3278:12:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    if (l) memcpy(&buf[off], container->array, l);
data/bustools-0.40.0/src/roaring.c:3290:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(buf, container->array, container->cardinality * sizeof(uint16_t));
data/bustools-0.40.0/src/roaring.c:3323:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(container->array, buf, container->cardinality * sizeof(uint16_t));
data/bustools-0.40.0/src/roaring.c:3363:18:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        if (len) memcpy(ptr->array, &buf[off], len);
data/bustools-0.40.0/src/roaring.c:3457:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(dest->array, source->array,
data/bustools-0.40.0/src/roaring.c:3514:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(bitset->array, src->array,
data/bustools-0.40.0/src/roaring.c:3907:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(buf, container->array, l);
data/bustools-0.40.0/src/roaring.c:3915:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(buf, container->array, BITSET_CONTAINER_SIZE_IN_WORDS * sizeof(uint64_t));
data/bustools-0.40.0/src/roaring.c:3923:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(container->array, buf, BITSET_CONTAINER_SIZE_IN_WORDS * sizeof(uint64_t));
data/bustools-0.40.0/src/roaring.c:3939:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ptr, buf, sizeof(bitset_container_t));
data/bustools-0.40.0/src/roaring.c:3946:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ptr->array, buf, l);
data/bustools-0.40.0/src/roaring.c:5013:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(answer->runs + answer->n_runs, src_1->runs + rlepos,
data/bustools-0.40.0/src/roaring.c:5734:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(arr->array, src->array, start_index * sizeof(uint16_t));
data/bustools-0.40.0/src/roaring.c:5750:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(arr->array + out_pos, src->array + (last_index + 1),
data/bustools-0.40.0/src/roaring.c:6807:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(run->runs, src->runs, src->n_runs * sizeof(rle16_t));
data/bustools-0.40.0/src/roaring.c:6856:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(dst->runs, src->runs, sizeof(rle16_t) * n_runs);
data/bustools-0.40.0/src/roaring.c:7262:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(dst->runs + dst->n_runs, src_1->runs + rlepos1,
data/bustools-0.40.0/src/roaring.c:7278:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(out + outpos, &val,
data/bustools-0.40.0/src/roaring.c:7320:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(buf, &container->n_runs, off = sizeof(container->n_runs));
data/bustools-0.40.0/src/roaring.c:7321:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&buf[off], &container->capacity, sizeof(container->capacity));
data/bustools-0.40.0/src/roaring.c:7325:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&buf[off], container->runs, l);
data/bustools-0.40.0/src/roaring.c:7330:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(buf, &container->n_runs, sizeof(uint16_t));
data/bustools-0.40.0/src/roaring.c:7331:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(buf + sizeof(uint16_t), container->runs,
data/bustools-0.40.0/src/roaring.c:7339:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&container->n_runs, buf, sizeof(uint16_t));
data/bustools-0.40.0/src/roaring.c:7343:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(container->runs, buf + sizeof(uint16_t),
data/bustools-0.40.0/src/roaring.c:7366:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(&ptr->n_runs, buf, off = 4);
data/bustools-0.40.0/src/roaring.c:7367:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(&ptr->capacity, &buf[off], 4);
data/bustools-0.40.0/src/roaring.c:7382:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ptr->runs, &buf[off], len);
data/bustools-0.40.0/src/roaring.c:8865:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(buf + 1, &cardinality, sizeof(uint32_t));
data/bustools-0.40.0/src/roaring.c:8921:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(&card, bufaschar + 1, sizeof(uint32_t));
data/bustools-0.40.0/src/roaring.c:9121:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(newit, it, sizeof(roaring_uint32_iterator_t));
data/bustools-0.40.0/src/roaring.c:10321:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(bitset_zone, bitset->array,
data/bustools-0.40.0/src/roaring.c:10335:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(run_zone, run->runs, num_bytes);
data/bustools-0.40.0/src/roaring.c:10344:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(array_zone, array->array, num_bytes);
data/bustools-0.40.0/src/roaring.c:10352:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(&count_zone[i], &count, 2);
data/bustools-0.40.0/src/roaring.c:10354:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(key_zone, ra->keys, ra->size * sizeof(uint16_t));
data/bustools-0.40.0/src/roaring.c:10355:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(typecode_zone, ra->typecodes, ra->size * sizeof(uint8_t));
data/bustools-0.40.0/src/roaring.c:10357:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(header_zone, &header, 4);
data/bustools-0.40.0/src/roaring.c:10371:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&header, buf + length - 4, 4); // header may be misaligned
data/bustools-0.40.0/src/roaring.c:10538:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(newcontainers, ra->containers, sizeof(void *) * ra->size);
data/bustools-0.40.0/src/roaring.c:10539:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(newkeys, ra->keys, sizeof(uint16_t) * ra->size);
data/bustools-0.40.0/src/roaring.c:10540:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(newtypecodes, ra->typecodes, sizeof(uint8_t) * ra->size);
data/bustools-0.40.0/src/roaring.c:10596:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(dest->keys, source->keys, dest->size * sizeof(uint16_t));
data/bustools-0.40.0/src/roaring.c:10606:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy(dest->containers, source->containers,
data/bustools-0.40.0/src/roaring.c:10608:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy(dest->typecodes, source->typecodes,
data/bustools-0.40.0/src/roaring.c:10613:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy(dest->typecodes, source->typecodes,
data/bustools-0.40.0/src/roaring.c:10640:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(dest->keys, source->keys, dest->size * sizeof(uint16_t));
data/bustools-0.40.0/src/roaring.c:10648:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(dest->containers, source->containers,
data/bustools-0.40.0/src/roaring.c:10650:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(dest->typecodes, source->typecodes,
data/bustools-0.40.0/src/roaring.c:10653:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(dest->typecodes, source->typecodes,
data/bustools-0.40.0/src/roaring.c:11016:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(append_ans, t_ans, dtr * sizeof(uint32_t));
data/bustools-0.40.0/src/roaring.c:11043:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(ans, t_ans+first_skip, limit * sizeof(uint32_t));
data/bustools-0.40.0/src/roaring.c:11086:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(buf, &cookie, sizeof(cookie));
data/bustools-0.40.0/src/roaring.c:11097:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(buf, bitmapOfRunContainers, s);
data/bustools-0.40.0/src/roaring.c:11108:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(buf, &cookie, sizeof(cookie));
data/bustools-0.40.0/src/roaring.c:11110:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(buf, &ra->size, sizeof(ra->size));
data/bustools-0.40.0/src/roaring.c:11116:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(buf, &ra->keys[k], sizeof(ra->keys[k]));
data/bustools-0.40.0/src/roaring.c:11122:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(buf, &card, sizeof(card));
data/bustools-0.40.0/src/roaring.c:11128:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(buf, &startOffset, sizeof(startOffset));
data/bustools-0.40.0/src/roaring.c:11152:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&cookie, buf, sizeof(int32_t));
data/bustools-0.40.0/src/roaring.c:11165:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(&size, buf, sizeof(int32_t));
data/bustools-0.40.0/src/roaring.c:11212:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(&n_runs, buf, sizeof(uint16_t));
data/bustools-0.40.0/src/roaring.c:11239:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&cookie, buf, sizeof(int32_t));
data/bustools-0.40.0/src/roaring.c:11257:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(&size, buf, sizeof(int32_t));
data/bustools-0.40.0/src/roaring.c:11350:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(&n_runs, buf, sizeof(uint16_t));
data/bustools-0.40.0/src/BUSData.cpp:77:7:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  inf.read((char*)(&magic[0]), 4);
data/bustools-0.40.0/src/BUSData.cpp:81:7:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  inf.read((char*)(&header.version), sizeof(header.version));
data/bustools-0.40.0/src/BUSData.cpp:85:7:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  inf.read((char*)(&header.bclen), sizeof(header.bclen));
data/bustools-0.40.0/src/BUSData.cpp:86:7:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  inf.read((char*)(&header.umilen), sizeof(header.umilen));
data/bustools-0.40.0/src/BUSData.cpp:88:7:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  inf.read((char*)(&tlen), sizeof(tlen));
data/bustools-0.40.0/src/BUSData.cpp:90:7:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  inf.read(t, tlen);
data/bustools-0.40.0/src/bustools_capture.cpp:87:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      in.read((char*)p, N*sizeof(BUSData));
data/bustools-0.40.0/src/bustools_correct.cpp:136:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      in.read((char*)p, N*sizeof(BUSData));
data/bustools-0.40.0/src/bustools_count.cpp:304:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      in.read((char*)p, N*sizeof(BUSData));
data/bustools-0.40.0/src/bustools_extract.cpp:68:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    in.read((char *) p, N * sizeof(BUSData));
data/bustools-0.40.0/src/bustools_inspect.cpp:119:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  in.read((char*) p, N * sizeof(BUSData));
data/bustools-0.40.0/src/bustools_inspect.cpp:188:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    in.read((char*) p, N * sizeof(BUSData));
data/bustools-0.40.0/src/bustools_linker.cpp:79:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      in.read((char*) p, N * sizeof(BUSData));
data/bustools-0.40.0/src/bustools_main.cpp:1511:16:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
            in.read((char*)p, N*sizeof(BUSData));
data/bustools-0.40.0/src/bustools_merge.cpp:127:13:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      bf[i].read((char *) &t, sizeof(t));
data/bustools-0.40.0/src/bustools_merge.cpp:182:13:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      bf[i].read((char *) &t, sizeof(t));
data/bustools-0.40.0/src/bustools_project.cpp:71:12:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        in.read((char*)p, N*sizeof(BUSData));
data/bustools-0.40.0/src/bustools_project.cpp:145:12:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        in.read((char*)p, N*sizeof(BUSData));
data/bustools-0.40.0/src/bustools_project.cpp:290:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      in.read((char*) p, N * sizeof(BUSData));
data/bustools-0.40.0/src/bustools_sort.cpp:206:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      in.read((char*)p, N*sizeof(BUSData));
data/bustools-0.40.0/src/bustools_sort.cpp:272:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      in.read((char*)p, M*sizeof(BUSData));
data/bustools-0.40.0/src/bustools_sort.cpp:297:13:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      bf[i].read((char*) &t, sizeof(t));
data/bustools-0.40.0/src/bustools_sort.cpp:324:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        bf[i].read((char*) &t, sizeof(t));
data/bustools-0.40.0/src/bustools_sort.cpp:374:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      in.read((char*)p, N*sizeof(BUSData));
data/bustools-0.40.0/src/bustools_whitelist.cpp:50:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      in.read((char*) p, N * sizeof(BUSData));
data/bustools-0.40.0/src/bustools_whitelist.cpp:127:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    in.read((char*) p, N * sizeof(BUSData));

ANALYSIS SUMMARY:

Hits = 169
Lines analyzed = 24189 in approximately 0.64 seconds (37632 lines/second)
Physical Source Lines of Code (SLOC) = 18450
Hits@level = [0]  60 [1]  26 [2] 131 [3]  11 [4]   1 [5]   0
Hits@level+ = [0+] 229 [1+] 169 [2+] 143 [3+]  12 [4+]   1 [5+]   0
Hits/KSLOC@level+ = [0+] 12.4119 [1+] 9.15989 [2+] 7.75068 [3+] 0.650407 [4+] 0.0542005 [5+]   0
Dot directories skipped = 2 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.