Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/clearcut-1.0.9/clearcut.h
Examining data/clearcut-1.0.9/cmdargs.c
Examining data/clearcut-1.0.9/cmdargs.h
Examining data/clearcut-1.0.9/common.h
Examining data/clearcut-1.0.9/dayhoff.h
Examining data/clearcut-1.0.9/dist.c
Examining data/clearcut-1.0.9/dist.h
Examining data/clearcut-1.0.9/dmat.h
Examining data/clearcut-1.0.9/fasta.c
Examining data/clearcut-1.0.9/fasta.h
Examining data/clearcut-1.0.9/getopt_long.c
Examining data/clearcut-1.0.9/getopt_long.h
Examining data/clearcut-1.0.9/prng.c
Examining data/clearcut-1.0.9/prng.h
Examining data/clearcut-1.0.9/clearcut.c
Examining data/clearcut-1.0.9/dmat.c

FINAL RESULTS:

data/clearcut-1.0.9/clearcut.c:1987:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(dest->taxaname[i], src->taxaname[i]);

data/clearcut-1.0.9/dmat.c:560:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(dmat->taxaname[row], token->buf);

data/clearcut-1.0.9/fasta.c:468:2:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20).
  Specify a limit to %s, or use a different input function.
    sscanf(ptr, "%s", alignment->titles[seq]); /* get the first word and use as the title */

data/clearcut-1.0.9/cmdargs.c:133:9:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20).
  Check implementation on installation, or limit the size of all string inputs.
    c = getopt_long(argc,

data/clearcut-1.0.9/getopt_long.c:270:1:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20).
  Check implementation on installation, or limit the size of all string inputs.
    getopt_long(int argc, char **argv,

data/clearcut-1.0.9/getopt_long.c:492:9:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20).
  Check implementation on installation, or limit the size of all string inputs.
    c = getopt_long(argc, argv, shortopts, longopts, indexptr);

data/clearcut-1.0.9/getopt_long.h:47:5:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20).
  Check implementation on installation, or limit the size of all string inputs.
    int getopt_long(int argc, char **argv,

data/clearcut-1.0.9/clearcut.c:1485:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special
  file type (e.g., device files), move things around to create a race condition, control its ancestors,
  or change its contents? (CWE-362).
    fp = fopen(nj_args->outfilename, "w"); /* open for writing */

data/clearcut-1.0.9/clearcut.c:1487:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special
  file type (e.g., device files), move things around to create a race condition, control its ancestors,
  or change its contents? (CWE-362).
    fp = fopen(nj_args->outfilename, "a"); /* open for appending */

data/clearcut-1.0.9/clearcut.c:1991:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(dest->val, src->valhandle, NJ_NCELLS(src->ntaxa)*sizeof(float));

data/clearcut-1.0.9/clearcut.c:1994:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(dest->r, src->rhandle, src->ntaxa*sizeof(float));

data/clearcut-1.0.9/clearcut.c:1995:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(dest->r2, src->r2handle, src->ntaxa*sizeof(float));

data/clearcut-1.0.9/cmdargs.c:166:22:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign
  (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    nj_args.seed = atoi(optarg);

data/clearcut-1.0.9/cmdargs.c:174:24:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign
  (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    nj_args.ntrees = atoi(optarg);

data/clearcut-1.0.9/cmdargs.c:408:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char input_mode[32];

data/clearcut-1.0.9/cmdargs.c:412:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
    sprintf(input_mode, "Distance Matrix");

data/clearcut-1.0.9/cmdargs.c:415:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
    sprintf(input_mode, "Unaligned Sequences");

data/clearcut-1.0.9/cmdargs.c:418:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
    sprintf(input_mode, "Aligned Sequences");

data/clearcut-1.0.9/cmdargs.c:421:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
    sprintf(input_mode, "UNKNOWN");

data/clearcut-1.0.9/dmat.c:467:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special
  file type (e.g., device files), move things around to create a race condition, control its ancestors,
  or change its contents? (CWE-362).
    fp = fopen(nj_args->infilename, "r");

data/clearcut-1.0.9/dmat.c:796:8:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special
  file type (e.g., device files), move things around to create a race condition, control its ancestors,
  or change its contents? (CWE-362).
    fp = fopen(nj_args->matrixout, "w");

data/clearcut-1.0.9/fasta.c:61:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static const char NJ_dna_ambiguity_syms[NJ_NUM_DNA_AMBIGUITY_SYMS] =

data/clearcut-1.0.9/fasta.c:70:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static const char NJ_protein_ambiguity_syms[NJ_NUM_PROTEIN_AMBIGUITY_SYMS] =

data/clearcut-1.0.9/fasta.c:76:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static const char NJ_dna_syms[NJ_NUM_DNA_SYMS] =

data/clearcut-1.0.9/fasta.c:83:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static const char NJ_protein_syms[NJ_NUM_PROTEIN_SYMS] =

data/clearcut-1.0.9/fasta.c:342:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special
  file type (e.g., device files), move things around to create a race condition, control its ancestors,
  or change its contents? (CWE-362).
    fp = fopen(nj_args->infilename, "r");

data/clearcut-1.0.9/getopt_long.c:471:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char *argv[50];

data/clearcut-1.0.9/clearcut.c:1967:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read
  (it could cause a crash if unprotected) (CWE-126).
    dest->taxaname[i] = (char *)calloc(strlen(src->taxaname[i])+1, sizeof(char));

data/clearcut-1.0.9/dist.c:148:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read
  (it could cause a crash if unprotected) (CWE-126).
    dmat->taxaname[i] = (char *)calloc(strlen(alignment->titles[i])+1, sizeof(char));

data/clearcut-1.0.9/dist.c:154:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
    strncpy(dmat->taxaname[i], alignment->titles[i], strlen(alignment->titles[i]));

data/clearcut-1.0.9/dist.c:154:54:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read
  (it could cause a crash if unprotected) (CWE-126).
    strncpy(dmat->taxaname[i], alignment->titles[i], strlen(alignment->titles[i]));

data/clearcut-1.0.9/dmat.c:194:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read
  (it could cause a crash if unprotected) (CWE-126).
    if(strlen(token) == 1) {

data/clearcut-1.0.9/dmat.c:200:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read
  (it could cause a crash if unprotected) (CWE-126).
    for(i=0;i<strlen(token);i++) {

data/clearcut-1.0.9/dmat.c:280:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read
  (it could cause a crash if unprotected) (CWE-126).
    if(!NJ_is_number(token[strlen(token)-1])) {

data/clearcut-1.0.9/dmat.c:326:7:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    c = fgetc(fp);

data/clearcut-1.0.9/dmat.c:355:9:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    c = fgetc(fp);

data/clearcut-1.0.9/dmat.c:554:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read
  (it could cause a crash if unprotected) (CWE-126).
    dmat->taxaname[row] = (char *)calloc(strlen(token->buf)+1, sizeof(char));

data/clearcut-1.0.9/fasta.c:380:9:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    c = fgetc(fp);

data/clearcut-1.0.9/fasta.c:452:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read
  (it could cause a crash if unprotected) (CWE-126).
    alignment->titles[seq] = (char *)calloc(strlen(buf), sizeof(char));

data/clearcut-1.0.9/getopt_long.c:208:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read
  (it could cause a crash if unprotected) (CWE-126).
    int len = strlen(arg);

data/clearcut-1.0.9/getopt_long.c:383:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read
  (it could cause a crash if unprotected) (CWE-126).
    int len = strlen(opt);

ANALYSIS SUMMARY:

Hits = 41
Lines analyzed = 8376 in approximately 0.26 seconds (32142 lines/second)
Physical Source Lines of Code (SLOC) = 4494
Hits@level = [0] 195 [1]  14 [2]  20 [3]   4 [4]   3 [5]   0
Hits@level+ = [0+] 236 [1+]  41 [2+]  27 [3+]   7 [4+]   3 [5+]   0
Hits/KSLOC@level+ = [0+] 52.5145 [1+] 9.12328 [2+] 6.00801 [3+] 1.55763 [4+] 0.667557 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.
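Triage note, added to this report (it is not flawfinder output and not clearcut code): flawfinder matches on function names, so the risk level says how dangerous a call is in general, not whether this call overflows. The report itself gives enough context to sort the three level-4 hits. The two strcpy hits (clearcut.c:1987, dmat.c:560) copy into destinations the report shows being allocated with calloc(strlen(src)+1, ...) a few lines earlier (clearcut.c:1967, dmat.c:554), so they are exact-fit copies and safe as long as the source is NUL-terminated. The sscanf hit at fasta.c:468 is the one worth opening first: an unbounded %s writes as many non-whitespace bytes as the input supplies, and the destination at fasta.c:452 is allocated with strlen(buf) bytes (no +1); whether that always holds the first word of whatever ptr points at is not visible in the report and has to be checked in the source. The strncpy hit at dist.c:154 passes n == strlen(src), which never writes a terminator; it works only because the destination at dist.c:148 is calloc'd one byte larger and zero-filled.

The C below is an added example, not from clearcut or from flawfinder, showing what the bounded forms of the two flagged patterns look like: a width-limited sscanf, a scanf-free first-word copy, and a fixed-buffer copy that refuses rather than truncates. The sample header line is constructed for the demonstration. Function names are my own.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Bounded replacement for the flagged `sscanf(ptr, "%s", dst)` pattern.
 * scanf has no runtime width argument ("*" means assignment suppression),
 * so the width is formatted into the conversion: "%63s" for a 64-byte dst,
 * leaving one byte for the terminating NUL.
 * Returns 0 on success, -1 if nothing was read or dst is too small. */
static int first_word_sscanf(const char *line, char *dst, size_t dstsz)
{
    char fmt[32];

    if (dstsz < 2)
        return -1;
    snprintf(fmt, sizeof fmt, "%%%zus", dstsz - 1);
    return sscanf(line, fmt, dst) == 1 ? 0 : -1;
}

/* Same job without scanf: measure the first token, allocate exactly
 * len + 1, copy the bytes, and write the terminator explicitly.
 * Caller frees. Returns NULL on empty input or allocation failure. */
static char *first_word_dup(const char *line)
{
    size_t start = strspn(line, " \t\r\n");
    size_t len = strcspn(line + start, " \t\r\n");
    char *out;

    if (len == 0)
        return NULL;
    out = malloc(len + 1);
    if (out == NULL)
        return NULL;
    memcpy(out, line + start, len);
    out[len] = '\0';
    return out;
}

/* Checked fixed-buffer copy for the strcpy/strncpy hits. strncpy with
 * n == strlen(src) never writes a NUL; it only works when the destination
 * was zero-filled and at least one byte longer. This version refuses
 * rather than truncates, so a too-long taxon name is an error, not a
 * silently shortened or unterminated string. */
static int copy_name(char *dst, size_t dstsz, const char *src)
{
    size_t len = strlen(src);

    if (len >= dstsz)
        return -1;
    memcpy(dst, src, len + 1);   /* len + 1 includes the terminating NUL */
    return 0;
}

int main(void)
{
    /* constructed FASTA-style header line, not from any real dataset */
    const char *line = ">NC_000913_long_identifier Escherichia coli K-12\n";
    char small[8];
    char *title;

    if (first_word_sscanf(line, small, sizeof small) == 0)
        printf("bounded sscanf: \"%s\" (%zu of %zu bytes)\n",
               small, strlen(small), sizeof small);

    title = first_word_dup(line);
    if (title != NULL) {
        printf("exact dup:      \"%s\"\n", title);
        free(title);
    }

    printf("copy_name into 8 bytes: %d\n",
           copy_name(small, sizeof small, "taxon_too_long"));
    return 0;
}
```

The width-limited sscanf truncates silently, which is fine for a display title but loses data; first_word_dup is the better fit for the "allocate per title" pattern the report shows, because the allocation size and the copy length come from the same measurement.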