Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/coinor-cgl-0.60.3+repack1/Cgl/examples/cgl1.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/examples/cgl_data_test.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/test/unitTest.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglTwomir/CglTwomir.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglTwomir/CglTwomirTest.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglTwomir/CglTwomir.hpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglStored.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglClique/CglClique.hpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglClique/CglClique.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglClique/CglCliqueHelper.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglClique/CglCliqueTest.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglRedSplit/CglRedSplitParam.hpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglRedSplit/CglRedSplit.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglRedSplit/CglRedSplitTest.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglRedSplit/CglRedSplitParam.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglRedSplit/CglRedSplit.hpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglStored.hpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglMixedIntegerRounding/CglMixedIntegerRounding.hpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglMixedIntegerRounding/CglMixedIntegerRounding.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglMixedIntegerRounding/CglMixedIntegerRoundingTest.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglTreeInfo.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/config_cgl_default.h Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglSimpleRounding/CglSimpleRounding.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglSimpleRounding/CglSimpleRoundingTest.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglSimpleRounding/CglSimpleRounding.hpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglProbing/CglProbing.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglProbing/CglProbingTest.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglProbing/CglProbing.hpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglTreeInfo.hpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglDuplicateRow/CglDuplicateRow.hpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglDuplicateRow/CglDuplicateRow.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglMessage.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglRedSplit2/CglRedSplit2.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglRedSplit2/CglRedSplit2Test.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglRedSplit2/CglRedSplit2Param.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglRedSplit2/CglRedSplit2.hpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglRedSplit2/CglRedSplit2Param.hpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglZeroHalf/CglZeroHalf.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglZeroHalf/CglZeroHalfTest.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglZeroHalf/Cgl012cut.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglZeroHalf/CglZeroHalf.hpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglZeroHalf/Cgl012cut.hpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglMessage.hpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglMixedIntegerRounding2/CglMixedIntegerRounding2.hpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglMixedIntegerRounding2/CglMixedIntegerRounding2.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglMixedIntegerRounding2/CglMixedIntegerRounding2Test.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglOddHole/CglOddHole.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglOddHole/CglOddHoleTest.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglOddHole/CglOddHole.hpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglParam.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglCutGenerator.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglPreProcess/CglPreProcess.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglPreProcess/CglPreProcess.hpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglParam.hpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglResidualCapacity/CglResidualCapacity.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglResidualCapacity/CglResidualCapacityTest.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglResidualCapacity/CglResidualCapacity.hpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglCutGenerator.hpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglKnapsackCover/CglKnapsackCover.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglKnapsackCover/CglKnapsackCoverTest.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglKnapsackCover/CglKnapsackCover.hpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglConfig.h Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglLandP/CglLandPValidator.hpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglLandP/CglLandPMessages.hpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglLandP/CglLandPTabRow.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglLandP/CglLandP.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglLandP/CglLandPTest.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglLandP/CglLandPUtils.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglLandP/CglLandPSimplex.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglLandP/CglLandPTabRow.hpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglLandP/CglLandP.hpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglLandP/CglLandPUtils.hpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglLandP/CglLandPValidator.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglLandP/CglLandPSimplex.hpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglLandP/CglLandPMessages.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglAllDifferent/CglAllDifferent.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglAllDifferent/CglAllDifferent.hpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglFlowCover/CglFlowCover.hpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglFlowCover/CglFlowCover.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglFlowCover/CglFlowCoverTest.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglLiftAndProject/CglLiftAndProject.hpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglLiftAndProject/CglLiftAndProject.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/config_default.h Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglGMI/CglGMI.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglGMI/CglGMIParam.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglGMI/CglGMI.hpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglGMI/CglGMIParam.hpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglGomory/CglGomory.hpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglGomory/CglGomory.cpp Examining data/coinor-cgl-0.60.3+repack1/Cgl/src/CglGomory/CglGomoryTest.cpp Examining data/coinor-cgl-0.60.3+repack1/BuildTools/headers/configall_system.h Examining data/coinor-cgl-0.60.3+repack1/BuildTools/headers/configall_system_msc.h FINAL RESULTS: data/coinor-cgl-0.60.3+repack1/Cgl/examples/cgl_data_test.cpp:28:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(f_name, &(f_name_pos[1])); data/coinor-cgl-0.60.3+repack1/Cgl/examples/cgl_data_test.cpp:31:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(f_name, f_name_lp); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglTwomir/CglTwomir.hpp:355:2: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stdout, ##REST); \ data/coinor-cgl-0.60.3+repack1/Cgl/src/CglTwomir/CglTwomir.hpp:361:2: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stdout, ##REST); \ data/coinor-cgl-0.60.3+repack1/Cgl/src/CglTwomir/CglTwomir.hpp:377:4: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stdout, ##REST); \ data/coinor-cgl-0.60.3+repack1/Cgl/src/CglTwomir/CglTwomir.hpp:389:39: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. #define DGG_IF_EXIT(A,B,REST) {if(A) {fprintf(stdout, REST);exit(B);}} data/coinor-cgl-0.60.3+repack1/Cgl/src/CglDuplicateRow/CglDuplicateRow.cpp:156:4: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. random[i]=0.0; data/coinor-cgl-0.60.3+repack1/Cgl/src/CglDuplicateRow/CglDuplicateRow.cpp:158:4: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. random[i] = randomGenerator->randomDouble(); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglDuplicateRow/CglDuplicateRow.cpp:163:4: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. random[i]=0.0; data/coinor-cgl-0.60.3+repack1/Cgl/src/CglDuplicateRow/CglDuplicateRow.cpp:165:4: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. random[i] = CoinDrand48(); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglDuplicateRow/CglDuplicateRow.cpp:175:25: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. value += element[jj]*random[iRow]; data/coinor-cgl-0.60.3+repack1/Cgl/src/CglDuplicateRow/CglDuplicateRow.cpp:213:12: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if (random[iRow]) { data/coinor-cgl-0.60.3+repack1/Cgl/src/CglDuplicateRow/CglDuplicateRow.cpp:241:7: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if (random[iRow]) { data/coinor-cgl-0.60.3+repack1/Cgl/src/CglDuplicateRow/CglDuplicateRow.cpp:370:14: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if (!random[iRow]) { data/coinor-cgl-0.60.3+repack1/Cgl/src/CglDuplicateRow/CglDuplicateRow.cpp:425:15: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. delete [] random; data/coinor-cgl-0.60.3+repack1/Cgl/examples/cgl_data_test.cpp:17:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *f_name_lp, *last_dot_pos, f_name[256], *f_name_pos; data/coinor-cgl-0.60.3+repack1/Cgl/src/CglClique/CglClique.cpp:890:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(siSimplex->primalColumnSolution(), data/coinor-cgl-0.60.3+repack1/Cgl/src/CglClique/CglCliqueTest.cpp:48:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *in_f = fopen(fn2.c_str(), "r"); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglDuplicateRow/CglDuplicateRow.cpp:2243:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(duplicate_,temp,numberRows*sizeof(int)); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglFlowCover/CglFlowCoverTest.cpp:57:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *in_f = fopen(fn2.c_str(), "r"); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglGomory/CglGomory.cpp:122:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(simplex->columnLower(),colLower,numberColumns*sizeof(double)); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglGomory/CglGomory.cpp:123:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(simplex->columnUpper(),colUpper,numberColumns*sizeof(double)); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglGomory/CglGomory.cpp:222:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(simplex->primalColumnSolution(),si.getColSolution(), data/coinor-cgl-0.60.3+repack1/Cgl/src/CglGomory/CglGomory.cpp:289:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(simplex->objective(),objective,numberColumns*sizeof(double)); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglGomory/CglGomoryTest.cpp:72:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char intVar[7]={2,2,2,2,2,2,2}; data/coinor-cgl-0.60.3+repack1/Cgl/src/CglGomory/CglGomoryTest.cpp:289:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char intVar[7]={2,2,2,2,2,2,2}; data/coinor-cgl-0.60.3+repack1/Cgl/src/CglGomory/CglGomoryTest.cpp:506:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char intVar[2]={2,2}; data/coinor-cgl-0.60.3+repack1/Cgl/src/CglGomory/CglGomoryTest.cpp:717:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char intVar[2]={2,2}; data/coinor-cgl-0.60.3+repack1/Cgl/src/CglGomory/CglGomoryTest.cpp:933:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char intVar[7]={2,0,0,0,0,0,0}; data/coinor-cgl-0.60.3+repack1/Cgl/src/CglGomory/CglGomoryTest.cpp:1071:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char intVar[7]={2,0,0,0,0,0,0}; data/coinor-cgl-0.60.3+repack1/Cgl/src/CglGomory/CglGomoryTest.cpp:1209:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char intVar[2]={2,0}; data/coinor-cgl-0.60.3+repack1/Cgl/src/CglGomory/CglGomoryTest.cpp:1342:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char intVar[2]={2,0}; data/coinor-cgl-0.60.3+repack1/Cgl/src/CglKnapsackCover/CglKnapsackCover.cpp:333:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(thisColumnIndex,column+rowStart[rowIndex],length*sizeof(int)); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglKnapsackCover/CglKnapsackCover.cpp:334:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(thisElement,elementByRow+rowStart[rowIndex], data/coinor-cgl-0.60.3+repack1/Cgl/src/CglKnapsackCover/CglKnapsackCover.cpp:748:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(thisColumnIndex,column+rowStart[rowIndex], data/coinor-cgl-0.60.3+repack1/Cgl/src/CglKnapsackCover/CglKnapsackCover.cpp:750:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(thisElement,elementByRow+rowStart[rowIndex], data/coinor-cgl-0.60.3+repack1/Cgl/src/CglKnapsackCover/CglKnapsackCoverTest.cpp:540:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE * fp = fopen("knapsack.debug","r"); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglLandP/CglLandP.cpp:34:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(source_,"Lap"); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglLandP/CglLandPMessages.cpp:39:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(source_,"Lap"); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglMessage.cpp:40:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(source_, "Cgl"); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglMixedIntegerRounding/CglMixedIntegerRoundingTest.cpp:68:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *in_f = fopen(fn2.c_str(), "r"); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglMixedIntegerRounding2/CglMixedIntegerRounding2Test.cpp:68:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *in_f = fopen(fn2.c_str(), "r"); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglOddHole/CglOddHole.cpp:57:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(checkRow,suitableRows_,CoinMin(nRows,numberRows_)*sizeof(int)); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglOddHole/CglOddHole.cpp:62:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(solution,si.getColSolution(),nCols*sizeof(double)); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglOddHole/CglOddHole.cpp:618:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(suitableRows_,possible,nRows*sizeof(int)); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglOddHole/CglOddHole.cpp:665:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(suitableRows_,whichRow,numberRows*sizeof(int)); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglOddHole/CglOddHole.cpp:675:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(startClique_,cliqueStart,(numberCliques_+1)*sizeof(int)); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglOddHole/CglOddHole.cpp:678:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(member_,cliqueMember,length*sizeof(int)); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglOddHole/CglOddHole.cpp:725:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(suitableRows_,source.suitableRows_,numberRows_*sizeof(int)); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglOddHole/CglOddHole.cpp:733:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(startClique_,source.startClique_,(numberCliques_+1)*sizeof(int)); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglOddHole/CglOddHole.cpp:736:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(member_,source.member_,length*sizeof(int)); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglOddHole/CglOddHole.cpp:781:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(suitableRows_,rhs.suitableRows_,numberRows_*sizeof(int)); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglOddHole/CglOddHole.cpp:788:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(startClique_,rhs.startClique_,(numberCliques_+1)*sizeof(int)); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglOddHole/CglOddHole.cpp:791:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(member_,rhs.member_,length*sizeof(int)); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglPreProcess/CglPreProcess.cpp:34:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nameMps[50]; data/coinor-cgl-0.60.3+repack1/Cgl/src/CglPreProcess/CglPreProcess.cpp:851:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(best, current, nSet * sizeof(int)); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglPreProcess/CglPreProcess.cpp:931:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(whichCol, startCC, nColB * sizeof(int)); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglPreProcess/CglPreProcess.cpp:1078:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[20]; data/coinor-cgl-0.60.3+repack1/Cgl/src/CglPreProcess/CglPreProcess.cpp:1079:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(name, "presolve%2.2d.mps", mpsNumber); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglPreProcess/CglPreProcess.cpp:1489:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(newSolution, startModel_->getColSolution(), numberColumns * sizeof(double)); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglPreProcess/CglPreProcess.cpp:1927:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(temp, prohibited_, numberProhibited_); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglPreProcess/CglPreProcess.cpp:2341:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(generator_ + nAdd, temp, numberCutGenerators_ * sizeof(CglCutGenerator *)); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglPreProcess/CglPreProcess.cpp:3104:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(newLower, colLower, numberColumns * sizeof(double)); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglPreProcess/CglPreProcess.cpp:3106:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(newUpper, colUpper, numberColumns * sizeof(double)); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglPreProcess/CglPreProcess.cpp:3108:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(columnLower, colLower, numberColumns * sizeof(double)); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglPreProcess/CglPreProcess.cpp:3110:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(columnUpper, colUpper, numberColumns * sizeof(double)); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglPreProcess/CglPreProcess.cpp:3620:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nameMps, "start_%d", whichMps); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglPreProcess/CglPreProcess.cpp:3811:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nameMps, "bad2_%d", whichMps); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglPreProcess/CglPreProcess.cpp:3828:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nameMps, "good2_%d", whichMps); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglPreProcess/CglPreProcess.cpp:4122:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nameMps, "bad3_%d", whichMps); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglPreProcess/CglPreProcess.cpp:4292:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char result[2 * TRIPLE_ROWS][2 * TRIPLE_ROWS]; data/coinor-cgl-0.60.3+repack1/Cgl/src/CglPreProcess/CglPreProcess.cpp:4352:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char generalPrint[100]; data/coinor-cgl-0.60.3+repack1/Cgl/src/CglPreProcess/CglPreProcess.cpp:4353:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(generalPrint, "%d input bounds %g %g", data/coinor-cgl-0.60.3+repack1/Cgl/src/CglPreProcess/CglPreProcess.cpp:6553:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(generator_, temp, numberCutGenerators_ * sizeof(CglCutGenerator *)); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglPreProcess/CglPreProcess.cpp:6643:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(originalColumn_, presolve_[iPass]->originalColumns(), data/coinor-cgl-0.60.3+repack1/Cgl/src/CglPreProcess/CglPreProcess.cpp:6645:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(originalRow_, presolve_[iPass]->originalRows(), data/coinor-cgl-0.60.3+repack1/Cgl/src/CglProbing/CglProbing.cpp:2925:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(colLower,trueLower,nCols*sizeof(double)); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglProbing/CglProbing.cpp:2926:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(colUpper,trueUpper,nCols*sizeof(double)); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglProbing/CglProbing.cpp:3287:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(lookedAt_+maxProbe,stackC,k*sizeof(int)); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglProbing/CglProbing.cpp:3313:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(lookedAt_+maxProbe,stackC,k*sizeof(int)); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglRedSplit/CglRedSplitTest.cpp:77:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *in_f = fopen(fn2.c_str(), "r"); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglRedSplit2/CglRedSplit2.cpp:716:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(workNonBasicTab[i], contNonBasicTab[i], data/coinor-cgl-0.60.3+repack1/Cgl/src/CglRedSplit2/CglRedSplit2.cpp:2131:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(lambda + (i*nrow), bufflambda + (quality[i].index*nrow), data/coinor-cgl-0.60.3+repack1/Cgl/src/CglRedSplit2/CglRedSplit2Test.cpp:60:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *in_f = fopen(fn2.c_str(), "r"); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglResidualCapacity/CglResidualCapacityTest.cpp:62:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *in_f = fopen(fn2.c_str(), "r"); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglStored.cpp:272:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen(fileName, "rb"); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglStored.cpp:373:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(bestSolution_, bestSolution, numberColumns_ * sizeof(double)); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglStored.cpp:379:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(bounds_, lower, numberColumns_ * sizeof(double)); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglStored.cpp:380:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(bounds_ + numberColumns_, upper, numberColumns_ * sizeof(double)); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglTreeInfo.cpp:153:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(fixEntry_, rhs.fixEntry_, maximumEntries_ * sizeof(CliqueEntry)); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglTreeInfo.cpp:191:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(fixEntry_, rhs.fixEntry_, maximumEntries_ * sizeof(CliqueEntry)); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglTreeInfo.cpp:467:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(entryC + nel, entry + cliqueStart[kClique], nn * sizeof(CliqueEntry)); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglTreeInfo.cpp:480:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(entryC + nel, entry + cliqueStart[kClique], nn * sizeof(CliqueEntry)); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglTreeInfo.cpp:673:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(entry + numberEntries, entries, numberExtraEntries * sizeof(CliqueEntry)); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglTreeInfo.cpp:1018:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(temp, entry, numberEntries * sizeof(CliqueEntry)); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglTreeInfo.cpp:1022:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tempI, whichClique, numberEntries * sizeof(int)); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglTreeInfo.cpp:1029:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(temp, cliqueStart, (numberCliques + 1) * sizeof(CoinBigIndex)); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglTreeInfo.cpp:1033:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tempT, cliqueType, numberCliques); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglTreeInfo.cpp:1107:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(temp, entry, numberEntries * sizeof(CliqueEntry)); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglTreeInfo.cpp:1111:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tempI, whichClique, numberEntries * sizeof(int)); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglTreeInfo.cpp:1118:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(temp, cliqueStart, (numberCliques + 1) * sizeof(CoinBigIndex)); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglTreeInfo.cpp:1122:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tempT, cliqueType, numberCliques); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglTreeInfo.cpp:1253:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(temp1, fixEntry_, numberEntries_ * sizeof(CliqueEntry)); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglTreeInfo.cpp:1257:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(temp2, fixingEntry_, numberEntries_ * sizeof(int)); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglTwomir/CglTwomir.cpp:144:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(simplex->columnLower(),colLower,numberColumns*sizeof(double)); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglTwomir/CglTwomir.cpp:145:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(simplex->columnUpper(),colUpper,numberColumns*sizeof(double)); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglTwomir/CglTwomir.cpp:256:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(simplex->primalColumnSolution(),si.getColSolution(), data/coinor-cgl-0.60.3+repack1/Cgl/src/CglTwomir/CglTwomir.cpp:438:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(simplex->objective(),objective,numberColumns*sizeof(double)); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglTwomir/CglTwomir.cpp:1131:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(nc->coeff, c->coeff, sizeof(double)*nc->nz); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglTwomir/CglTwomir.cpp:1132:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(nc->index, c->index, sizeof(int)*nc->nz); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglTwomir/CglTwomirTest.cpp:60:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *in_f = fopen(fn2.c_str(), "r"); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglZeroHalf/CglZeroHalf.cpp:465:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(mtind_+mnz_,mtind_+mnz_-k,k*sizeof(int)); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglZeroHalf/CglZeroHalf.cpp:466:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(mtval_+mnz_,mtval_+mnz_-k,k*sizeof(int)); data/coinor-cgl-0.60.3+repack1/Cgl/examples/cgl_data_test.cpp:42:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strcmp(&(f_name_lp[strlen(f_name_lp)-3]), ".lp") == 0) { data/coinor-cgl-0.60.3+repack1/Cgl/examples/cgl_data_test.cpp:46:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strcmp(&(f_name_lp[strlen(f_name_lp)-4]), ".mps") == 0) { data/coinor-cgl-0.60.3+repack1/Cgl/examples/cgl_data_test.cpp:114:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strcmp(&(f_name_lp[strlen(f_name_lp)-3]), ".lp") == 0) { data/coinor-cgl-0.60.3+repack1/Cgl/examples/cgl_data_test.cpp:118:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strcmp(&(f_name_lp[strlen(f_name_lp)-4]), ".mps") == 0) { data/coinor-cgl-0.60.3+repack1/Cgl/src/CglClique/CglClique.cpp:729:17: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. CoinAbsFltEq equal(1.0e-12); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglClique/CglClique.cpp:730:35: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. cs.insertIfNotDuplicate(rowcut,equal); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglClique/CglClique.cpp:923:15: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. CoinAbsFltEq equal(1.0e-12); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglClique/CglClique.cpp:924:29: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. cs.insertIfNotDuplicate(rc,equal); data/coinor-cgl-0.60.3+repack1/Cgl/src/CglZeroHalf/Cgl012cut.cpp:3180:13: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. short int equal; data/coinor-cgl-0.60.3+repack1/Cgl/src/CglZeroHalf/Cgl012cut.cpp:3209:10: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. if ( equal ) { ANALYSIS SUMMARY: Hits = 123 Lines analyzed = 73407 in approximately 1.80 seconds (40737 lines/second) Physical Source Lines of Code (SLOC) = 57141 Hits@level = [0] 1409 [1] 10 [2] 98 [3] 9 [4] 6 [5] 0 Hits@level+ = [0+] 1532 [1+] 123 [2+] 113 [3+] 15 [4+] 6 [5+] 0 Hits/KSLOC@level+ = [0+] 26.8109 [1+] 2.15257 [2+] 1.97756 [3+] 0.262509 [4+] 0.105003 [5+] 0 Dot directories skipped = 2 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.