Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/chemps2-1.8.9/CheMPS2/CASPT2.cpp
Examining data/chemps2-1.8.9/CheMPS2/CASSCF.cpp
Examining data/chemps2-1.8.9/CheMPS2/CASSCFdebug.cpp
Examining data/chemps2-1.8.9/CheMPS2/CASSCFnewtonraphson.cpp
Examining data/chemps2-1.8.9/CheMPS2/CASSCFpt2.cpp
Examining data/chemps2-1.8.9/CheMPS2/ConjugateGradient.cpp
Examining data/chemps2-1.8.9/CheMPS2/ConvergenceScheme.cpp
Examining data/chemps2-1.8.9/CheMPS2/Correlations.cpp
Examining data/chemps2-1.8.9/CheMPS2/Cumulant.cpp
Examining data/chemps2-1.8.9/CheMPS2/DIIS.cpp
Examining data/chemps2-1.8.9/CheMPS2/DMRG.cpp
Examining data/chemps2-1.8.9/CheMPS2/DMRGSCFindices.cpp
Examining data/chemps2-1.8.9/CheMPS2/DMRGSCFintegrals.cpp
Examining data/chemps2-1.8.9/CheMPS2/DMRGSCFmatrix.cpp
Examining data/chemps2-1.8.9/CheMPS2/DMRGSCFoptions.cpp
Examining data/chemps2-1.8.9/CheMPS2/DMRGSCFrotations.cpp
Examining data/chemps2-1.8.9/CheMPS2/DMRGSCFunitary.cpp
Examining data/chemps2-1.8.9/CheMPS2/DMRGSCFwtilde.cpp
Examining data/chemps2-1.8.9/CheMPS2/DMRGfock.cpp
Examining data/chemps2-1.8.9/CheMPS2/DMRGmpsio.cpp
Examining data/chemps2-1.8.9/CheMPS2/DMRGoperators.cpp
Examining data/chemps2-1.8.9/CheMPS2/DMRGoperators3RDM.cpp
Examining data/chemps2-1.8.9/CheMPS2/DMRGtechnics.cpp
Examining data/chemps2-1.8.9/CheMPS2/Davidson.cpp
Examining data/chemps2-1.8.9/CheMPS2/EdmistonRuedenberg.cpp
Examining data/chemps2-1.8.9/CheMPS2/Excitation.cpp
Examining data/chemps2-1.8.9/CheMPS2/FCI.cpp
Examining data/chemps2-1.8.9/CheMPS2/FourIndex.cpp
Examining data/chemps2-1.8.9/CheMPS2/Hamiltonian.cpp
Examining data/chemps2-1.8.9/CheMPS2/Heff.cpp
Examining data/chemps2-1.8.9/CheMPS2/HeffDiagonal.cpp
Examining data/chemps2-1.8.9/CheMPS2/HeffDiagrams1.cpp
Examining data/chemps2-1.8.9/CheMPS2/HeffDiagrams2.cpp
Examining data/chemps2-1.8.9/CheMPS2/HeffDiagrams3.cpp
Examining data/chemps2-1.8.9/CheMPS2/HeffDiagrams4.cpp
Examining data/chemps2-1.8.9/CheMPS2/HeffDiagrams5.cpp
Examining data/chemps2-1.8.9/CheMPS2/Initialize.cpp
Examining data/chemps2-1.8.9/CheMPS2/Irreps.cpp
Examining data/chemps2-1.8.9/CheMPS2/Molden.cpp
Examining data/chemps2-1.8.9/CheMPS2/PrintLicense.cpp
Examining data/chemps2-1.8.9/CheMPS2/Problem.cpp
Examining data/chemps2-1.8.9/CheMPS2/Sobject.cpp
Examining data/chemps2-1.8.9/CheMPS2/SyBookkeeper.cpp
Examining data/chemps2-1.8.9/CheMPS2/Tensor3RDM.cpp
Examining data/chemps2-1.8.9/CheMPS2/TensorF0.cpp
Examining data/chemps2-1.8.9/CheMPS2/TensorF1.cpp
Examining data/chemps2-1.8.9/CheMPS2/TensorGYZ.cpp
Examining data/chemps2-1.8.9/CheMPS2/TensorKM.cpp
Examining data/chemps2-1.8.9/CheMPS2/TensorL.cpp
Examining data/chemps2-1.8.9/CheMPS2/TensorO.cpp
Examining data/chemps2-1.8.9/CheMPS2/TensorOperator.cpp
Examining data/chemps2-1.8.9/CheMPS2/TensorQ.cpp
Examining data/chemps2-1.8.9/CheMPS2/TensorS0.cpp
Examining data/chemps2-1.8.9/CheMPS2/TensorS1.cpp
Examining data/chemps2-1.8.9/CheMPS2/TensorT.cpp
Examining data/chemps2-1.8.9/CheMPS2/TensorX.cpp
Examining data/chemps2-1.8.9/CheMPS2/ThreeDM.cpp
Examining data/chemps2-1.8.9/CheMPS2/TwoDM.cpp
Examining data/chemps2-1.8.9/CheMPS2/TwoIndex.cpp
Examining data/chemps2-1.8.9/CheMPS2/Wigner.cpp
Examining data/chemps2-1.8.9/CheMPS2/executable.cpp
Examining data/chemps2-1.8.9/CheMPS2/include/chemps2/CASPT2.h
Examining data/chemps2-1.8.9/CheMPS2/include/chemps2/CASSCF.h
Examining data/chemps2-1.8.9/CheMPS2/include/chemps2/ConjugateGradient.h
Examining data/chemps2-1.8.9/CheMPS2/include/chemps2/ConvergenceScheme.h
Examining data/chemps2-1.8.9/CheMPS2/include/chemps2/Correlations.h
Examining data/chemps2-1.8.9/CheMPS2/include/chemps2/Cumulant.h
Examining data/chemps2-1.8.9/CheMPS2/include/chemps2/DIIS.h
Examining data/chemps2-1.8.9/CheMPS2/include/chemps2/DMRG.h
Examining data/chemps2-1.8.9/CheMPS2/include/chemps2/DMRGSCFindices.h
Examining data/chemps2-1.8.9/CheMPS2/include/chemps2/DMRGSCFintegrals.h
Examining data/chemps2-1.8.9/CheMPS2/include/chemps2/DMRGSCFmatrix.h
Examining data/chemps2-1.8.9/CheMPS2/include/chemps2/DMRGSCFoptions.h
Examining data/chemps2-1.8.9/CheMPS2/include/chemps2/DMRGSCFrotations.h
Examining data/chemps2-1.8.9/CheMPS2/include/chemps2/DMRGSCFunitary.h
Examining data/chemps2-1.8.9/CheMPS2/include/chemps2/DMRGSCFwtilde.h
Examining data/chemps2-1.8.9/CheMPS2/include/chemps2/Davidson.h
Examining data/chemps2-1.8.9/CheMPS2/include/chemps2/EdmistonRuedenberg.h
Examining data/chemps2-1.8.9/CheMPS2/include/chemps2/Excitation.h
Examining data/chemps2-1.8.9/CheMPS2/include/chemps2/FCI.h
Examining data/chemps2-1.8.9/CheMPS2/include/chemps2/FourIndex.h
Examining data/chemps2-1.8.9/CheMPS2/include/chemps2/Hamiltonian.h
Examining data/chemps2-1.8.9/CheMPS2/include/chemps2/Heff.h
Examining data/chemps2-1.8.9/CheMPS2/include/chemps2/Initialize.h
Examining data/chemps2-1.8.9/CheMPS2/include/chemps2/Irreps.h
Examining data/chemps2-1.8.9/CheMPS2/include/chemps2/Lapack.h
Examining data/chemps2-1.8.9/CheMPS2/include/chemps2/MPIchemps2.h
Examining data/chemps2-1.8.9/CheMPS2/include/chemps2/Molden.h
Examining data/chemps2-1.8.9/CheMPS2/include/chemps2/MyHDF5.h
Examining data/chemps2-1.8.9/CheMPS2/include/chemps2/Options.h
Examining data/chemps2-1.8.9/CheMPS2/include/chemps2/Problem.h
Examining data/chemps2-1.8.9/CheMPS2/include/chemps2/Sobject.h
Examining data/chemps2-1.8.9/CheMPS2/include/chemps2/Special.h
Examining data/chemps2-1.8.9/CheMPS2/include/chemps2/SyBookkeeper.h
Examining data/chemps2-1.8.9/CheMPS2/include/chemps2/Tensor.h
Examining data/chemps2-1.8.9/CheMPS2/include/chemps2/Tensor3RDM.h
Examining data/chemps2-1.8.9/CheMPS2/include/chemps2/TensorF0.h
Examining data/chemps2-1.8.9/CheMPS2/include/chemps2/TensorF1.h
Examining data/chemps2-1.8.9/CheMPS2/include/chemps2/TensorGYZ.h
Examining data/chemps2-1.8.9/CheMPS2/include/chemps2/TensorKM.h
Examining data/chemps2-1.8.9/CheMPS2/include/chemps2/TensorL.h
Examining data/chemps2-1.8.9/CheMPS2/include/chemps2/TensorO.h
Examining data/chemps2-1.8.9/CheMPS2/include/chemps2/TensorOperator.h
Examining data/chemps2-1.8.9/CheMPS2/include/chemps2/TensorQ.h
Examining data/chemps2-1.8.9/CheMPS2/include/chemps2/TensorS0.h
Examining data/chemps2-1.8.9/CheMPS2/include/chemps2/TensorS1.h
Examining data/chemps2-1.8.9/CheMPS2/include/chemps2/TensorT.h
Examining data/chemps2-1.8.9/CheMPS2/include/chemps2/TensorX.h
Examining data/chemps2-1.8.9/CheMPS2/include/chemps2/ThreeDM.h
Examining data/chemps2-1.8.9/CheMPS2/include/chemps2/TwoDM.h
Examining data/chemps2-1.8.9/CheMPS2/include/chemps2/TwoIndex.h
Examining data/chemps2-1.8.9/CheMPS2/include/chemps2/Wigner.h
Examining data/chemps2-1.8.9/integrals/psi4plugins/dmrg.cc
Examining data/chemps2-1.8.9/integrals/psi4plugins/fcidump.cc
Examining data/chemps2-1.8.9/integrals/psi4plugins/savehdf.cc

FINAL RESULTS:

data/chemps2-1.8.9/CheMPS2/CASSCFnewtonraphson.cpp:48:18:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
      int info = system( temp.c_str() );
data/chemps2-1.8.9/CheMPS2/DMRGmpsio.cpp:168:15:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
   int info = system(thestream.str().c_str());
data/chemps2-1.8.9/CheMPS2/DMRGoperators.cpp:1545:15:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
   int info = system(temp.str().c_str());
data/chemps2-1.8.9/integrals/psi4plugins/dmrg.cc:854:13:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
            system(("rm " + chemps2filename).c_str());
data/chemps2-1.8.9/integrals/psi4plugins/dmrg.cc:890:13:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
            system(("rm " + chemps2filename).c_str());
data/chemps2-1.8.9/integrals/psi4plugins/dmrg.cc:943:13:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
            system(("rm " + chemps2filename).c_str());
data/chemps2-1.8.9/integrals/psi4plugins/dmrg.cc:986:13:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
            system(("rm " + chemps2filename).c_str());
data/chemps2-1.8.9/integrals/psi4plugins/dmrg.cc:1134:13:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
            system(("rm " + chemps2filename).c_str());
data/chemps2-1.8.9/integrals/psi4plugins/dmrg.cc:1176:13:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
            system(("rm " + chemps2filename).c_str());
data/chemps2-1.8.9/CheMPS2/DMRG.cpp:167:46:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
            if ( am_i_master ){ MPS[ site ]->random(); }
data/chemps2-1.8.9/CheMPS2/DMRG.cpp:184:29:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
               MPS[ site ]->random();
data/chemps2-1.8.9/CheMPS2/DMRGfock.cpp:239:26:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
         MPS[ orbital ]->random();
data/chemps2-1.8.9/CheMPS2/Initialize.cpp:29:4:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
   srand(time(NULL));
data/chemps2-1.8.9/CheMPS2/TensorT.cpp:167:24:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
void CheMPS2::TensorT::random(){
data/chemps2-1.8.9/CheMPS2/executable.cpp:475:17:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
   while (( c = getopt_long( argc, argv, "hvf:", long_options, &option_index )) != -1 ){
data/chemps2-1.8.9/CheMPS2/include/chemps2/TensorT.h:90:15:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
         void random();
data/chemps2-1.8.9/CheMPS2/Hamiltonian.cpp:320:9:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    L = atoi( part.c_str() );
data/chemps2-1.8.9/CheMPS2/Hamiltonian.cpp:340:33:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        const int molproirrep = atoi( part.c_str() );
data/chemps2-1.8.9/CheMPS2/Hamiltonian.cpp:381:28:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        const int index1 = atoi( part.c_str() );
data/chemps2-1.8.9/CheMPS2/Hamiltonian.cpp:387:28:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        const int index2 = atoi( part.c_str() );
data/chemps2-1.8.9/CheMPS2/Hamiltonian.cpp:393:28:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        const int index3 = atoi( part.c_str() );
data/chemps2-1.8.9/CheMPS2/Hamiltonian.cpp:398:28:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        const int index4 = atoi( part.c_str() );
data/chemps2-1.8.9/CheMPS2/Hamiltonian.cpp:461:21:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    const int LAS = atoi( part.c_str() );
data/chemps2-1.8.9/CheMPS2/Hamiltonian.cpp:483:33:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        const int molproirrep = atoi( part.c_str() );
data/chemps2-1.8.9/CheMPS2/Hamiltonian.cpp:506:32:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            const int index1 = atoi( part.c_str() );
data/chemps2-1.8.9/CheMPS2/Hamiltonian.cpp:511:32:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            const int index2 = atoi( part.c_str() );
data/chemps2-1.8.9/CheMPS2/Hamiltonian.cpp:544:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
   capturing = fopen( fcidumpfile.c_str(), "w" ); // "w" with fopen means truncate file
data/chemps2-1.8.9/CheMPS2/Molden.cpp:100:35:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
         const int molpro_irrep = atoi( part.c_str() );
data/chemps2-1.8.9/CheMPS2/TwoDM.cpp:379:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
   capturing = fopen( filename.c_str(), "w" ); // "w" with fopen means truncate file
data/chemps2-1.8.9/CheMPS2/executable.cpp:45:22:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      result[ no ] = atoi( rawdata.substr( pos, pos2-pos ).c_str() );
data/chemps2-1.8.9/CheMPS2/executable.cpp:93:21:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      result[ 0 ] = atoi( line.substr( pos, line.length() - pos ).c_str() );
data/chemps2-1.8.9/CheMPS2/executable.cpp:231:19:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      capturing = fopen( filename.c_str(), "w" ); // "w" with fopen means truncate file
data/chemps2-1.8.9/CheMPS2/executable.cpp:660:22:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      fcidump_norb = atoi( line.substr( pos+1, pos2-pos-1 ).c_str() );
data/chemps2-1.8.9/CheMPS2/executable.cpp:662:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      fcidump_nelec = atoi( line.substr( pos+1, pos2-pos-1 ).c_str() );
data/chemps2-1.8.9/CheMPS2/executable.cpp:664:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      fcidump_two_s = atoi( line.substr( pos+1, pos2-pos-1 ).c_str() );
data/chemps2-1.8.9/CheMPS2/executable.cpp:667:36:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      const int molpro_wfn_irrep = atoi( line.substr( pos+1, pos2-pos-1 ).c_str() );
data/chemps2-1.8.9/integrals/psi4plugins/dmrg.cc:358:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    psio->open(PSIF_LIBTRANS_DPD, PSIO_OPEN_OLD);
data/chemps2-1.8.9/integrals/psi4plugins/dmrg.cc:423:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    psio->open(PSIF_LIBTRANS_DPD, PSIO_OPEN_OLD);
data/chemps2-1.8.9/integrals/psi4plugins/dmrg.cc:464:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    psio->open(PSIF_LIBTRANS_DPD, PSIO_OPEN_OLD);
data/chemps2-1.8.9/integrals/psi4plugins/dmrg.cc:823:23:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
            capturing.open( chemps2filename.c_str() , ios::trunc ); // truncate
data/chemps2-1.8.9/integrals/psi4plugins/dmrg.cc:848:21:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
            copying.open( chemps2filename , ios::in ); // read only
data/chemps2-1.8.9/integrals/psi4plugins/dmrg.cc:873:23:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
            capturing.open( chemps2filename.c_str() , ios::trunc ); // truncate
data/chemps2-1.8.9/integrals/psi4plugins/dmrg.cc:884:21:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
            copying.open( chemps2filename , ios::in ); // read only
data/chemps2-1.8.9/integrals/psi4plugins/dmrg.cc:906:23:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
            capturing.open( chemps2filename.c_str() , ios::trunc ); // truncate
data/chemps2-1.8.9/integrals/psi4plugins/dmrg.cc:937:21:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
            copying.open( chemps2filename , ios::in ); // read only
data/chemps2-1.8.9/integrals/psi4plugins/dmrg.cc:970:23:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
            capturing.open( chemps2filename.c_str() , ios::trunc ); // truncate
data/chemps2-1.8.9/integrals/psi4plugins/dmrg.cc:980:21:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
            copying.open( chemps2filename , ios::in ); // read only
data/chemps2-1.8.9/integrals/psi4plugins/dmrg.cc:1081:23:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
            capturing.open( chemps2filename.c_str() , ios::trunc ); // truncate
data/chemps2-1.8.9/integrals/psi4plugins/dmrg.cc:1128:21:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
            copying.open( chemps2filename , ios::in ); // read only
data/chemps2-1.8.9/integrals/psi4plugins/dmrg.cc:1160:23:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
            capturing.open( chemps2filename.c_str() , ios::trunc ); // truncate
data/chemps2-1.8.9/integrals/psi4plugins/dmrg.cc:1170:21:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
            copying.open( chemps2filename , ios::in ); // read only
data/chemps2-1.8.9/integrals/psi4plugins/fcidump.cc:106:17:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    capturing = fopen( filenamefcidump.c_str(), "w" ); // "w" with fopen means truncate file
data/chemps2-1.8.9/integrals/psi4plugins/fcidump.cc:119:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    psio->open(PSIF_LIBTRANS_DPD, PSIO_OPEN_OLD);
data/chemps2-1.8.9/integrals/psi4plugins/savehdf.cc:141:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    psio->open(PSIF_LIBTRANS_DPD, PSIO_OPEN_OLD);
data/chemps2-1.8.9/CheMPS2/DMRGSCFmatrix.cpp:136:30:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
void CheMPS2::DMRGSCFmatrix::read( const string filename, const int n_irreps, double ** storage ){
data/chemps2-1.8.9/CheMPS2/DMRGSCFunitary.cpp:439:28:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
   CheMPS2::DMRGSCFmatrix::read( filename, num_irreps, entries );
data/chemps2-1.8.9/CheMPS2/FourIndex.cpp:372:26:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
void CheMPS2::FourIndex::read(const std::string name){
data/chemps2-1.8.9/CheMPS2/Hamiltonian.cpp:199:28:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
void CheMPS2::Hamiltonian::read(const string file_parent, const string file_tmat, const string file_vmat){
data/chemps2-1.8.9/CheMPS2/Hamiltonian.cpp:201:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
   Tmat->read(file_tmat);
data/chemps2-1.8.9/CheMPS2/Hamiltonian.cpp:202:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
   Vmat->read(file_vmat);
data/chemps2-1.8.9/CheMPS2/Hamiltonian.cpp:291:4:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
   read(file_parent, file_tmat, file_vmat);
data/chemps2-1.8.9/CheMPS2/Molden.cpp:148:28:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
   CheMPS2::DMRGSCFmatrix::read( filename, num_irreps, unitary );
data/chemps2-1.8.9/CheMPS2/TwoDM.cpp:345:22:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
void CheMPS2::TwoDM::read(){
data/chemps2-1.8.9/CheMPS2/TwoIndex.cpp:140:25:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
void CheMPS2::TwoIndex::read(const std::string name){
data/chemps2-1.8.9/CheMPS2/executable.cpp:210:91:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
bool print_molcas_reorder( int * dmrg2ham, const int L, const string filename, const bool read ){
data/chemps2-1.8.9/CheMPS2/executable.cpp:214:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
   if ( read ){
data/chemps2-1.8.9/CheMPS2/include/chemps2/DMRGSCFmatrix.h:83:22:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
         static void read( const string filename, const int n_irreps, double ** storage );
data/chemps2-1.8.9/CheMPS2/include/chemps2/FourIndex.h:95:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
         void read(const std::string name);
data/chemps2-1.8.9/CheMPS2/include/chemps2/Hamiltonian.h:153:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
         void read(const string file_parent=HAMILTONIAN_ParentStorageName, const string file_tmat=HAMILTONIAN_TmatStorageName, const string file_vmat=HAMILTONIAN_VmatStorageName);
data/chemps2-1.8.9/CheMPS2/include/chemps2/TwoDM.h:145:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
         void read();
data/chemps2-1.8.9/CheMPS2/include/chemps2/TwoIndex.h:67:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
         void read(const std::string name);

ANALYSIS SUMMARY:

Hits = 71
Lines analyzed = 56342 in approximately 5.35 seconds (10524 lines/second)
Physical Source Lines of Code (SLOC) = 38533
Hits@level = [0]  23 [1]  17 [2]  38 [3]   7 [4]   9 [5]   0
Hits@level+ = [0+]  94 [1+]  71 [2+]  54 [3+]  16 [4+]   9 [5+]   0
Hits/KSLOC@level+ = [0+] 2.43947 [1+] 1.84258 [2+] 1.4014 [3+] 0.415229 [4+] 0.233566 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.