Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/concavity-0.1+dfsg.1/apps/concavity/grid_creation.C
Examining data/concavity-0.1+dfsg.1/apps/concavity/grid_creation.h
Examining data/concavity-0.1+dfsg.1/apps/concavity/concavity.C
Examining data/concavity-0.1+dfsg.1/apps/concavity/pocket_extraction.C
Examining data/concavity-0.1+dfsg.1/apps/concavity/pocket_extraction.h
Examining data/concavity-0.1+dfsg.1/pkgs/PDB/PDBResidue.C
Examining data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.h
Examining data/concavity-0.1+dfsg.1/pkgs/PDB/PDBBond.C
Examining data/concavity-0.1+dfsg.1/pkgs/PDB/PDBChain.h
Examining data/concavity-0.1+dfsg.1/pkgs/PDB/PDB.C
Examining data/concavity-0.1+dfsg.1/pkgs/PDB/PDBAminoAcid.C
Examining data/concavity-0.1+dfsg.1/pkgs/PDB/PDBBond.h
Examining data/concavity-0.1+dfsg.1/pkgs/PDB/PDBResidue.h
Examining data/concavity-0.1+dfsg.1/pkgs/PDB/PDBChain.C
Examining data/concavity-0.1+dfsg.1/pkgs/PDB/PDB.h
Examining data/concavity-0.1+dfsg.1/pkgs/PDB/PDBAminoAcid.h
Examining data/concavity-0.1+dfsg.1/pkgs/PDB/PDBUtil.h
Examining data/concavity-0.1+dfsg.1/pkgs/PDB/PDBElement.C
Examining data/concavity-0.1+dfsg.1/pkgs/PDB/PDBPick.C
Examining data/concavity-0.1+dfsg.1/pkgs/PDB/PDBAtomTypes.C
Examining data/concavity-0.1+dfsg.1/pkgs/PDB/PDBDistance.C
Examining data/concavity-0.1+dfsg.1/pkgs/PDB/PDBModel.h
Examining data/concavity-0.1+dfsg.1/pkgs/PDB/PDBAtom.h
Examining data/concavity-0.1+dfsg.1/pkgs/PDB/PDBElement.h
Examining data/concavity-0.1+dfsg.1/pkgs/PDB/PDBAtomTypes.h
Examining data/concavity-0.1+dfsg.1/pkgs/PDB/PDBDistance.h
Examining data/concavity-0.1+dfsg.1/pkgs/PDB/PDBModel.C
Examining data/concavity-0.1+dfsg.1/pkgs/PDB/PDBAtom.C
Examining data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C
Examining data/concavity-0.1+dfsg.1/pkgs/PDB/PDBUtil.C
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Arc.C
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Span.C
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Io.h
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Vector.h
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Isect.C
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Solid.C
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Shapes.C
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Affine.h
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Curve.h
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Polygon.C
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Relate.h
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Point.h
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Span.h
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Arc.h
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Vector.C
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Io.C
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Isect.h
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Shapes.h
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Solid.h
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Curve.C
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Affine.C
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Point.C
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Relate.C
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Polygon.h
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Parall.C
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Cont.h
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Box.h
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Draw.h
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R3Matrix.C
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Perp.h
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Ray.h
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Halfspace.C
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Dist.h
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Xform.C
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Line.h
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Circle.C
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Shape.h
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Parall.h
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Box.C
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Draw.C
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R3Matrix.h
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Cont.C
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Halfspace.h
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Ray.C
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Perp.C
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Circle.h
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Line.C
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Shape.C
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Dist.C
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Xform.h
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Grid.C
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Grid.h
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Image.C
Examining data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Image.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Span.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Ellipsoid.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Point.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Surface.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Plane.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Ray.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Circle.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Curve.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Solid.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Isect.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Parall.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Align.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Box.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Cylinder.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Kdtree.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Crdsys.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Cone.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3TriangleArray.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Point.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Span.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Ellipsoid.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Circle.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Curve.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Solid.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Surface.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Ray.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Plane.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Align.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Parall.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Isect.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Box.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Cone.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Crdsys.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3TriangleArray.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Kdtree.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Cylinder.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Halfspace.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Xform.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Sphere.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Ellipse.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Shape.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Triangle.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Shapes.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Affine.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Draw.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3SphericalGrid.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Cont.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Relate.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Base.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3MeshSearchTree.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Perp.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Triad.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Vector.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Line.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R4Matrix.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Dist.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Shapes.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Shape.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Affine.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Xform.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Halfspace.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Sphere.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Ellipse.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Cont.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3SphericalGrid.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Base.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Relate.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Draw.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Triad.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Perp.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3MeshSearchTree.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Dist.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R4Matrix.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Vector.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Line.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Grid.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Grid.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Triangle.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Mesh.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Mesh.h
Examining data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNIntval.C
Examining data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNMem.C
Examining data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNBasics.h
Examining data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNArray.h
Examining data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNError.h
Examining data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNFlags.C
Examining data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNRgb.C
Examining data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNScalar.h
Examining data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNIntval.h
Examining data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNError.C
Examining data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNArray.C
Examining data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNMem.h
Examining data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNBasics.C
Examining data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNScalar.C
Examining data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNRgb.h
Examining data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNFlags.h
Examining data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNTime.C
Examining data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNExtern.h
Examining data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNGrfx.h
Examining data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNHeap.h
Examining data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNQueue.C
Examining data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNType.h
Examining data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNSvd.C
Examining data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNBase.C
Examining data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNTime.h
Examining data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNQueue.h
Examining data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNHeap.C
Examining data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNGrfx.C
Examining data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNType.C
Examining data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNBase.h
Examining data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNSvd.h
Examining data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNCompat.h
Examining data/concavity-0.1+dfsg.1/pkgs/gaps.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Graphics/R3Camera.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Graphics/R3Io.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Graphics/R3Viewer.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Graphics/R3Node.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Graphics/R3SpotLight.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Graphics/R3Brdf.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Graphics/R3DirectionalLight.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Graphics/R3PointLight.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Graphics/R3Graphics.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Graphics/R3Viewer.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Graphics/R3Io.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Graphics/R3Camera.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Graphics/R3SpotLight.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Graphics/R3Node.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Graphics/R3Brdf.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Graphics/R3PointLight.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Graphics/R3Graphics.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Graphics/R3DirectionalLight.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Graphics/R2Texture.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Graphics/R3Material.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Graphics/R3Scene.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Graphics/R3Light.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Graphics/R2Viewport.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Graphics/R2Texture.h
Examining data/concavity-0.1+dfsg.1/pkgs/R3Graphics/R3Scene.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Graphics/R3Material.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Graphics/R3Light.C
Examining data/concavity-0.1+dfsg.1/pkgs/R3Graphics/R2Viewport.h
FINAL RESULTS:
data/concavity-0.1+dfsg.1/apps/concavity/concavity.C:283:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
(s) ? strcpy(pdb_id, s + 1) : strcpy(pdb_id, file->Name());
data/concavity-0.1+dfsg.1/apps/concavity/concavity.C:283:33: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
(s) ? strcpy(pdb_id, s + 1) : strcpy(pdb_id, file->Name());
data/concavity-0.1+dfsg.1/apps/concavity/concavity.C:318:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(filename, "%s_%s_%s.scores", pdb_id, chain_name, basename);
data/concavity-0.1+dfsg.1/apps/concavity/concavity.C:386:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(res_pred_filename, "%s_%s_residue.pdb", pdb_id, basename);
data/concavity-0.1+dfsg.1/apps/concavity/concavity.C:632:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(command_issued, *args);
data/concavity-0.1+dfsg.1/apps/concavity/concavity.C:647:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
(s) ? strcpy(pdb_id, s + 1) : strcpy(pdb_id, pdb_name);
data/concavity-0.1+dfsg.1/apps/concavity/concavity.C:647:33: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
(s) ? strcpy(pdb_id, s + 1) : strcpy(pdb_id, pdb_name);
data/concavity-0.1+dfsg.1/apps/concavity/concavity.C:759:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(grid_outfile, "%s_%s.grd", pdb_id, output_basename);
data/concavity-0.1+dfsg.1/apps/concavity/concavity.C:764:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(grid_outfile, "%s_%s.dx", pdb_id, output_basename);
data/concavity-0.1+dfsg.1/apps/concavity/concavity.C:769:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(grid_outfile, "%s_%s_pocket.pdb", pdb_id, output_basename);
data/concavity-0.1+dfsg.1/apps/concavity/concavity.C:774:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(grid_outfile, "%s_%s.grdtxt", pdb_id, output_basename);
data/concavity-0.1+dfsg.1/apps/concavity/concavity.C:821:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pymol_script_name, "%s_%s.pml", pdb_id, output_basename);
data/concavity-0.1+dfsg.1/apps/concavity/concavity.C:839:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pymol_pocket_script_name, "%s_%s_pocket.pml", pdb_id, output_basename);
data/concavity-0.1+dfsg.1/apps/concavity/concavity.C:856:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pymol_residue_script_name, "%s_%s_residue.pml", pdb_id, output_basename);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:481:9: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (sscanf(remark, "%s%s%s", buf1, buf2, buf3) == 3) {
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:508:20: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
else strcpy(chain_name, bufferp);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:559:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name2, chain->Name());
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:573:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(chain2->name, name2);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:591:10: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if ((sscanf(remark, "%s%s%s", buf1, buf2, buf3) == 3) &&
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:602:11: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, model2->Chain(j)->Name());
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:648:9: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (sscanf(remark, "%s%s%s", buf1, buf2, buf3) == 3) {
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:676:20: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
else strcpy(chain_name, bufferp);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:801:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(residue_string, bufferp);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:874:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(chain_name, chain->Name());
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:876:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(chain_filename, consurf_basename);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:877:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(chain_filename, chain_name);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1016:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(chain_name, chain->Name());
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1018:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(chain_filename, hssp_basename);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1019:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(chain_filename, chain_name);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1203:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(chain_name, chain->Name());
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1205:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(chain_filename, jsd_basename);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1207:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(chain_filename, chain_name);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1300:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(chain_name, chain1->Name());
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1304:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(chain_filename, jsd_basename);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1306:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(chain_filename, chain_name);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1308:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(chain_filename, conservation_file_source);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1329:15: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (sscanf(header, "%s %s %s %s %s %s", dummy, dummy, dummy, from, dummy, to) == 6) {
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1331:15: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(chain_name, from);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1339:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(chain_filename, jsd_basename);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1341:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(chain_filename, chain_name);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1343:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(chain_filename, conservation_file_source);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1360:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(chain_filename, jsd_basename);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1364:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(chain_filename, conservation_file_source);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1387:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(chain_name, chain2->Name());
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1393:17: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (sscanf(header, "%s %s %s %s %s %s", dummy, dummy, dummy, from, dummy, to) == 6) {
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1395:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(chain_name, from);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1404:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(chain_filename, jsd_basename);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1406:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(chain_filename, chain_name);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1408:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(chain_filename, conservation_file_source);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1473:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(chain_name, chain->Name());
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1475:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(chain_filename, jsd_basename);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1477:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(chain_filename, chain_name);
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Grid.C:2377:3: [4] (buffer) fscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
fscanf(fp, "%s", magic);
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Io.C:78:6: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (sscanf(bufferp, "%s%s", keyword, filetype) != 2) {
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Io.C:109:6: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (sscanf(bufferp, "%s%d%lf%lf%lf%lf%lf%lf%lf%d",
data/concavity-0.1+dfsg.1/pkgs/R3Graphics/R3Io.C:34:12: [4] (buffer) fscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
while (fscanf(fp, "%s", cmd) == 1) {
data/concavity-0.1+dfsg.1/pkgs/R3Graphics/R3Io.C:141:10: [4] (buffer) fscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (fscanf(fp, "%lf%lf%lf%lf%lf%lf%lf%lf%lf%lf%lf%lf%lf%lf%lf%d%s",
data/concavity-0.1+dfsg.1/pkgs/R3Graphics/R3Io.C:174:10: [4] (buffer) fscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (fscanf(fp, "%s", texture_name) != 1) {
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Mesh.C:2037:9: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (sscanf(bufferp, "%s", keyword) != 1) {
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Mesh.C:2046:11: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (sscanf(bufferp, "%s%lf%lf%lf", keyword, &x, &y, &z) != 4) {
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Mesh.C:2057:11: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (sscanf(bufferp, "%s%s%s%s", keyword, s1, s2, s3) != 4) {
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Mesh.C:2136:13: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (sscanf(bufferp, "%s%d%d%d", header, &tmp, &nfaces, &nedges) == 4) {
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Mesh.C:2240:10: [4] (buffer) fscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
while (fscanf(fp, "%s", cmd) == 1) {
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Mesh.C:2336:9: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (sscanf(bufferp, "%s", keyword) != 1) {
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Mesh.C:2368:12: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if ((sscanf(bufferp, "%d%s%s", &id, buffer1, buffer2) != 3) ||
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Mesh.C:2591:9: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (sscanf(buffer, "%s", cmd) != 1) continue;
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Mesh.C:2594:11: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (sscanf(buffer, "%s%lf%lf%lf", cmd, &x, &y, &z) != 4) {
data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNError.C:58:9: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf(buf, fmt, args);
data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNError.C:59:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(outbuf, buf);
data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNError.C:72:6: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(RNerror_file, fmt, args);
data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNError.C:97:9: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf(buf, fmt, args);
data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNError.C:98:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(outbuf, buf);
data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNError.C:111:6: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(RNerror_file, fmt, args);
data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNError.C:133:9: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf(buf, fmt, args);
data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNError.C:134:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(outbuf, buf);
data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNError.C:147:6: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(RNerror_file, fmt, args);
data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNType.C:46:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(this->name, name);
data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNType.C:61:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(this->name, name);
data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNScalar.h:213:26: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
if (seed == 0.0) srand(GetTickCount());
data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNScalar.h:214:14: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
else srand((int) (1.0E6 * seed));
data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNScalar.h:224:16: [3] (random) drand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
return drand48();
data/concavity-0.1+dfsg.1/apps/concavity/concavity.C:228:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(grid_name, "w");
data/concavity-0.1+dfsg.1/apps/concavity/concavity.C:280:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pdb_id[1024];
data/concavity-0.1+dfsg.1/apps/concavity/concavity.C:315:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[1024];
data/concavity-0.1+dfsg.1/apps/concavity/concavity.C:321:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "w");
data/concavity-0.1+dfsg.1/apps/concavity/concavity.C:385:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char res_pred_filename[1024];
data/concavity-0.1+dfsg.1/apps/concavity/concavity.C:437:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
argc--; argv++; print_grid_raw = atoi(*argv);
data/concavity-0.1+dfsg.1/apps/concavity/concavity.C:440:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
argc--; argv++; print_grid_dx = atoi(*argv);
data/concavity-0.1+dfsg.1/apps/concavity/concavity.C:443:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
argc--; argv++; print_grid_pdb = atoi(*argv);
data/concavity-0.1+dfsg.1/apps/concavity/concavity.C:446:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
argc--; argv++; print_grid_txt = atoi(*argv);
data/concavity-0.1+dfsg.1/apps/concavity/concavity.C:449:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
argc--; argv++; pymol_script = atoi(*argv);
data/concavity-0.1+dfsg.1/apps/concavity/concavity.C:452:40: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
argc--; argv++; pymol_pocket_script = atoi(*argv);
data/concavity-0.1+dfsg.1/apps/concavity/concavity.C:455:41: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
argc--; argv++; pymol_residue_script = atoi(*argv);
data/concavity-0.1+dfsg.1/apps/concavity/concavity.C:458:36: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
argc--; argv++; pymol_image_res = atoi(*argv);
data/concavity-0.1+dfsg.1/apps/concavity/concavity.C:488:46: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
argc--; argv++; normalization_type = atoi(*argv);
data/concavity-0.1+dfsg.1/apps/concavity/concavity.C:509:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
argc--; argv++; max_cavities = atoi(*argv);
data/concavity-0.1+dfsg.1/apps/concavity/concavity.C:512:39: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
argc--; argv++; cavity_rank_method = atoi(*argv);
data/concavity-0.1+dfsg.1/apps/concavity/concavity.C:515:42: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
argc--; argv++; pocket_threshold_type = atoi(*argv);
data/concavity-0.1+dfsg.1/apps/concavity/concavity.C:553:45: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
argc--; argv++; values_from_world = atoi(*argv);
data/concavity-0.1+dfsg.1/apps/concavity/concavity.C:569:46: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
argc--; argv++; grid_resolution[0] = atoi(*argv);
data/concavity-0.1+dfsg.1/apps/concavity/concavity.C:570:46: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
argc--; argv++; grid_resolution[1] = atoi(*argv);
data/concavity-0.1+dfsg.1/apps/concavity/concavity.C:571:46: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
argc--; argv++; grid_resolution[2] = atoi(*argv);
data/concavity-0.1+dfsg.1/apps/concavity/concavity.C:574:47: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
argc--; argv++; max_grid_resolution = atoi(*argv);
data/concavity-0.1+dfsg.1/apps/concavity/concavity.C:627:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command_issued[2048] = "concavity ";
data/concavity-0.1+dfsg.1/apps/concavity/concavity.C:645:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pdb_id[1024];
data/concavity-0.1+dfsg.1/apps/concavity/concavity.C:756:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char grid_outfile[1024];
data/concavity-0.1+dfsg.1/apps/concavity/concavity.C:820:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pymol_script_name[256];
data/concavity-0.1+dfsg.1/apps/concavity/concavity.C:823:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *py_fp = fopen(pymol_script_name, "w");
data/concavity-0.1+dfsg.1/apps/concavity/concavity.C:838:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pymol_pocket_script_name[256];
data/concavity-0.1+dfsg.1/apps/concavity/concavity.C:841:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *py_fp = fopen(pymol_pocket_script_name, "w");
data/concavity-0.1+dfsg.1/apps/concavity/concavity.C:855:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pymol_residue_script_name[256];
data/concavity-0.1+dfsg.1/apps/concavity/concavity.C:858:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *py_fp = fopen(pymol_residue_script_name, "w");
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBAminoAcid.h:84:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[16];
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBAminoAcid.h:85:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char code[4];
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBAtom.h:60:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[8];
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBChain.C:91:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[64];
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBChain.C:115:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int residue_sequence = atoi(seqp);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBChain.h:59:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[4];
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBElement.h:55:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[4];
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:182:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "r");
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:214:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "w");
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:235:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char token[128];
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:252:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char model_name[16];
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:253:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(model_name, "%d", NModels()+1);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:259:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:268:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int serial = atoi(PDBToken(buffer, 7, 11, len));
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:269:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char atomName[8]; strncpy(atomName, &buffer[12], 4); atomName[4] = '\0';
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:271:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char resName[4]; strncpy(resName, PDBToken(buffer, 18, 20, len), 4);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:272:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chainName[4]; chainName[0] = buffer[21]; chainName[1] = '\0';
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:273:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int resSeq = atoi(PDBToken(buffer, 23, 26, len));
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:278:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char occupancy_string[8]; strncpy(occupancy_string, PDBToken(buffer, 55, 60, len), 8);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:280:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempFactor_string[8]; strncpy(tempFactor_string, PDBToken(buffer, 61, 66, len), 8);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:282:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char elementName[4]; strncpy(elementName, PDBToken(buffer, 77, 78, len), 4);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:283:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char charge_string[4]; strncpy(charge_string, PDBToken(buffer, 79, 80, len), 4);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:372:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char model_name[16];
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:373:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(model_name, "%d", NModels()+1);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:459:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024], *bufferp;
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:460:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[128], buf2[128], buf3[128];
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:506:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chain_name[16];
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:517:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024], *bufferp;
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:525:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int row_number = atoi(&bufferp[strlen(bufferp)-1]);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:555:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name2[4] = { 0, 0, 0, 0 };
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:599:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buffer, "REMARK 350 APPLY THE FOLLOWING TO CHAINS: ");
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:601:22: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (j > 0) strcat(buffer, ", ");
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:632:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024], *bufferp;
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:633:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[128], buf2[128], buf3[128];
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:674:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chain_name[16];
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:687:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024], *bufferp;
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:695:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int row_number = atoi(&bufferp[strlen(bufferp)-1]);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:766:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "r");
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:776:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:800:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char residue_string[64];
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:806:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int residue_sequence = atoi(&residue_string[3]);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:817:38: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int residue_conservation_color = atoi(bufferp);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:869:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chain_filename[256];
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:873:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chain_name[4] = { 0 };
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:878:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(chain_filename, ".gradesPE");
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:903:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "r");
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:913:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1011:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chain_filename[256];
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1015:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chain_name[4] = { 0 };
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1020:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(chain_filename, ".hssp.orig");
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1045:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "r");
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1055:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1069:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int residue_serial = atoi(bufferp);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1198:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chain_filename[256];
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1202:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chain_name[4] = { 0 };
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1208:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(chain_filename, "_hssp.jsd_scores");
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1280:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chain_filename[256];
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1299:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chain_name[4] = { 0 };
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1309:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(chain_filename, ".scores");
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1327:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dummy[256], from[256], to[256];
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1344:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(chain_filename, ".scores");
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1365:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(chain_filename, ".scores");
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1386:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chain_name[4] = { 0 };
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1391:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dummy[256], from[256], to[256];
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1409:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(chain_filename, ".scores");
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1436:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "w");
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1468:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chain_filename[256];
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1472:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chain_name[4] = { 0 };
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1478:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(chain_filename, "_hssp.jsd_scores");
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1553:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "r");
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1562:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char input_line[1024];
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1589:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chain1_name[4]; chain1_name[0] = input_line[6]; chain1_name[1] = '\0';
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1590:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int residue1_sequence = atoi(PDBToken(input_line, 10, 13, len));
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1592:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char residue1_name[4]; strncpy(residue1_name, PDBToken(input_line, 15, 17, len), 4);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1593:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int atom1_serial = atoi(PDBToken(input_line, 19, 23, len));
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1594:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char atom1_name[8]; strncpy(atom1_name, &input_line[24], 4); atom1_name[4] = '\0';
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1597:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chain2_name[4]; chain2_name[0] = input_line[54]; chain2_name[1] = '\0';
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1598:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int residue2_sequence = atoi(PDBToken(input_line, 49, 53, len));
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1600:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char residue2_name[4]; strncpy(residue2_name, PDBToken(input_line, 45, 47, len), 4);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1601:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int atom2_serial = atoi(PDBToken(input_line, 39, 43, len));
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1602:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char atom2_name[8]; strncpy(atom2_name, &input_line[33], 4); atom2_name[4] = '\0';
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.h:74:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[128];
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBModel.C:65:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chain_name[4];
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBModel.h:63:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[32];
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBResidue.C:248:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *atom_names[natoms] = { " CA ", " C ", " N " };
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBResidue.C:266:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *atom_names[natoms] = { " CA ", " CB ", " N " };
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBResidue.C:278:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *atom_names[natoms] = { " CB ", " SG ", " CA " };
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBResidue.C:290:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *atom_names[natoms] = { " CG ", " OD1", " OD2" };
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBResidue.C:302:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *atom_names[natoms] = { " CD ", " OE1", " OE2" };
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBResidue.C:314:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *atom_names[natoms] = { " CG ", " CD2", " CE2", " CZ ", " CE1", " CD1", " CB " };
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBResidue.C:331:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *atom_names[natoms] = { " CA ", " C ", " N " };
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBResidue.C:343:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *atom_names[natoms] = { " CG ", " CD2", " NE2", " CE1", " ND1" };
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBResidue.C:361:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *atom_names[natoms] = { " CB ", " CG2", " CG1" };
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBResidue.C:373:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *atom_names[natoms] = { " CE ", " NZ ", " CD " };
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBResidue.C:385:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *atom_names[natoms] = { " CG ", " CD2", " CD1" };
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBResidue.C:397:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *atom_names[natoms] = { " SD ", " CG ", " CE " };
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBResidue.C:409:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *atom_names[natoms] = { " CG ", " OD1", " ND2" };
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBResidue.C:421:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *atom_names[natoms] = { " CA ", " N ", " CD ", " CG ", " CB " };
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBResidue.C:434:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *atom_names[natoms] = { " CD ", " OE1", " NE2" };
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBResidue.C:446:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *atom_names[natoms] = { " CZ ", " NE ", " CD ", " NH1", " NH2" };
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBResidue.C:459:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *atom_names[natoms] = { " CB ", " OG ", " CA " };
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBResidue.C:471:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *atom_names[natoms] = { " CB ", " OG1", " CG2" };
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBResidue.C:483:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *atom_names[natoms] = { " CB ", " CG2", " CG1" };
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBResidue.C:495:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *atom_names[natoms] = { " CH2", " CZ3", " CE3", " CD2", " CG ", " CD1", " NE1", " CE2", " CZ2" };
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBResidue.C:508:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *atom_names[natoms] = { " CG ", " CD2", " CE2", " CZ ", " OH ", " CE1", " CD1", " CB " };
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBResidue.C:538:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *atom_names[natoms] = { " CA ", " CB ", " N " };
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBResidue.C:550:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *atom_names[natoms] = { " CB ", " SG ", " CA " };
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBResidue.C:562:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *atom_names[natoms] = { " CA ", " C ", " N " };
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBResidue.h:64:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[4];
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Grid.C:2241:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "rb");
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Grid.C:2317:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "wb");
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Grid.C:2365:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "rb");
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Grid.C:2376:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[256];
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Grid.C:2395:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char width_string[256];
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Grid.C:2412:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char height_string[256];
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Grid.C:2429:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char endian_string[256];
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Grid.C:2445:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
width = atoi(width_string);
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Grid.C:2446:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
height = atoi(height_string);
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Grid.C:2498:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "wb");
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Grid.C:2543:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "rb");
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Grid.C:2605:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "wb");
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Image.C:458:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "rb");
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Image.C:554:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "wb");
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Image.C:631:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "rb");
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Image.C:638:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[128];
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Image.C:740:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "w");
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Image.C:769:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "wb");
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Image.C:808:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "rb");
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Image.C:822:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char width_string[256];
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Image.C:839:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char height_string[256];
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Image.C:856:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char endian_string[256];
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Image.C:872:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
width = atoi(width_string);
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Image.C:873:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
height = atoi(height_string);
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Image.C:972:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "rb");
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Image.C:1034:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "wb");
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Image.C:1219:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "rb");
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Image.C:1297:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "wb");
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Image.C:1357:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "rb");
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Io.C:52:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Io.C:55:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyword[64], filetype[64];
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Io.C:62:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "r");
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Io.C:143:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Io.C:149:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "r");
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Polygon.C:321:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "r");
data/concavity-0.1+dfsg.1/pkgs/R3Graphics/R3Io.C:16:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(filename, "r"))) {
data/concavity-0.1+dfsg.1/pkgs/R3Graphics/R3Io.C:32:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[128];
data/concavity-0.1+dfsg.1/pkgs/R3Graphics/R3Io.C:140:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[64];
data/concavity-0.1+dfsg.1/pkgs/R3Graphics/R3Io.C:173:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char texture_name[256];
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Grid.C:1901:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "rb");
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Grid.C:1923:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "wb");
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Grid.C:1943:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "wb");
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Grid.C:1963:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "wb");
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Grid.C:2101:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "rb");
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Grid.C:2119:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uplbl[32];
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Grid.C:2147:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nextlbl[32];
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Grid.C:2154:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char toplbl[64];
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Grid.C:2236:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char trailer[128];
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Grid.C:2338:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "rb");
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Grid.C:2356:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char toplabel[128];
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Grid.C:2559:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "r");
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Grid.C:2566:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Mesh.C:2014:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(filename, "r"))) {
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Mesh.C:2020:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Mesh.C:2036:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyword[80];
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Mesh.C:2056:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s1[128], s2[128], s3[128];
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Mesh.C:2064:57: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
char *p1 = strchr(s1, '/'); if (p1) *p1 = 0; i1 = atoi(s1);
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Mesh.C:2065:57: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
char *p2 = strchr(s2, '/'); if (p2) *p2 = 0; i2 = atoi(s2);
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Mesh.C:2066:57: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
char *p3 = strchr(s3, '/'); if (p3) *p3 = 0; i3 = atoi(s3);
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Mesh.C:2104:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(filename, "r"))) {
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Mesh.C:2116:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Mesh.C:2117:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char header[64];
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Mesh.C:2168:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (bufferp) face_nverts = atoi(bufferp);
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Mesh.C:2182:36: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
R3MeshVertex *v = Vertex(atoi(bufferp));
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Mesh.C:2231:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(filename, "r"))) {
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Mesh.C:2237:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[128];
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Mesh.C:2313:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(filename, "r"))) {
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Mesh.C:2319:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Mesh.C:2335:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyword[80];
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Mesh.C:2366:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer1[256];
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Mesh.C:2367:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer2[256];
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Mesh.C:2380:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int id = atoi(bufferp);
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Mesh.C:2443:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Mesh.C:2447:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(filename, "rb"))) {
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Mesh.C:2580:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(filename, "r"))) {
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Mesh.C:2587:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024], cmd[1024];
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Mesh.C:2640:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(filename, "r"))) {
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Mesh.C:2646:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Mesh.C:2705:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int vertex_index = atoi(bufferp);
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Mesh.C:2791:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(filename, "w"))) {
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Mesh.C:2830:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(filename, "w"))) {
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Mesh.C:2865:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(filename, "w"))) {
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Mesh.C:2904:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(filename, "w"))) {
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Mesh.C:2975:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(filename, "wb"))) {
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Mesh.C:3027:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(filename, "w"))) {
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Mesh.h:512:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[R3_MESH_NAME_LENGTH];
data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNError.C:52:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outbuf[256];
data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNError.C:55:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNError.C:91:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outbuf[256];
data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNError.C:94:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNError.C:127:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outbuf[256];
data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNError.C:130:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNHeap.C:164:56: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if (entry_offset >= 0) *((PtrType **) ((unsigned char *) newentries[i] + entry_offset)) = &newentries[i];
data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNHeap.C:175:52: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if (entry_offset >= 0) *((PtrType **) ((unsigned char *) entries[nentries] + entry_offset)) = &entries[nentries];
data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNHeap.C:198:52: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if (entry_offset >= 0) *((PtrType **) ((unsigned char *) entries[0] + entry_offset)) = NULL;
data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNHeap.C:205:52: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if (entry_offset >= 0) *((PtrType **) ((unsigned char *) entries[0] + entry_offset)) = &entries[0];
data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNHeap.C:271:52: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if (entry_offset >= 0) *((PtrType **) ((unsigned char *) entries[index] + entry_offset)) = NULL;
data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNHeap.C:278:52: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if (entry_offset >= 0) *((PtrType **) ((unsigned char *) entries[index] + entry_offset)) = &entries[index];
data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNHeap.C:301:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
*((PtrType **) ((unsigned char *) entries[i] + entry_offset)) = &entries[i];
data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNHeap.C:302:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
*((PtrType **) ((unsigned char *) entries[j] + entry_offset)) = &entries[j];
data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNHeap.C:324:41: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
value = *((RNScalar *) ((unsigned char *) entries[index] + value_offset));
data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNHeap.C:325:48: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
parent_value = *((RNScalar *) ((unsigned char *) entries[parent_index] + value_offset));
data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNHeap.C:374:50: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
child1_value = *((RNScalar *) ((unsigned char *) entries[child1_index] + value_offset));
data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNHeap.C:375:50: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
child2_value = *((RNScalar *) ((unsigned char *) entries[child2_index] + value_offset));
data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNHeap.C:391:42: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
value = *((RNScalar *) ((unsigned char *) entries[index] + value_offset));
data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNHeap.C:392:48: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
child_value = *((RNScalar *) ((unsigned char *) entries[child_index] + value_offset));
data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNHeap.C:430:40: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
assert(*((PtrType **) ((unsigned char *) entries[i] + entry_offset)) == &entries[i]);
data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNHeap.C:443:62: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if (value_offset >= 0) value = *((RNScalar *) ((unsigned char *) entries[i] + value_offset));
data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNHeap.C:450:71: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if (value_offset >= 0) child1_value = *((RNScalar *) ((unsigned char *) entries[child1_index] + value_offset));
data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNHeap.C:460:71: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if (value_offset >= 0) child2_value = *((RNScalar *) ((unsigned char *) entries[child2_index] + value_offset));
data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNMem.C:69:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char swap_buffer[RN_SWAP_BUFFER_SIZE];
data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNMem.C:105:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, src, size);
data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNSvd.C:88:32: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define COPY2D(d,m,n,s) (void) memcpy((char*)(d),(char*)(s),(int)((m)*(n)*sizeof(RNScalar)))
data/concavity-0.1+dfsg.1/apps/concavity/concavity.C:633:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(command_issued, " ");
data/concavity-0.1+dfsg.1/apps/concavity/concavity.C:648:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pdb_id[strlen(pdb_id) - 4] = '\0';
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBAminoAcid.C:59:15: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
if (name) { strncpy(this->name, name, 16); this->name[15] = 0; }
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBAminoAcid.C:63:15: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
if (name) { strncpy(this->code, code, 4); this->code[3] = 0; }
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBAtom.C:39:15: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
if (name) { strncpy(this->name, atom_name, 8); this->name[7] = 0; }
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBAtom.h:288:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(this->name, name, 8);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBChain.C:24:15: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
if (name) { strncpy(this->name, name, 4); this->name[3] = 0; }
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBChain.C:88:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(str) < 1) return PDB_CHAIN;
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBChain.C:92:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buffer, str, 64);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBChain.h:213:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(this->name, name, 2);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBElement.C:55:15: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
if (name) { strncpy(this->name, name, 4); this->name[3] = 0; }
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:22:15: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
if (name) { strncpy(this->name, name, 128); this->name[127] = 0; }
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:137:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(str) < 1) return PDB_FILE;
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:198:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int filename_length = strlen(filenamep);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:200:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(this->name, filenamep, 128);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:262:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(buffer);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:269:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
char atomName[8]; strncpy(atomName, &buffer[12], 4); atomName[4] = '\0';
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:271:24: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
char resName[4]; strncpy(resName, PDBToken(buffer, 18, 20, len), 4);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:278:33: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
char occupancy_string[8]; strncpy(occupancy_string, PDBToken(buffer, 55, 60, len), 8);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:279:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
RNScalar occupancy = (strlen(occupancy_string) > 0) ? atof(occupancy_string) : 1;
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:280:34: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
char tempFactor_string[8]; strncpy(tempFactor_string, PDBToken(buffer, 61, 66, len), 8);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:281:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
RNScalar tempFactor = (strlen(tempFactor_string) > 0) ? atof(tempFactor_string) : 0;
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:282:28: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
char elementName[4]; strncpy(elementName, PDBToken(buffer, 77, 78, len), 4);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:283:30: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
char charge_string[4]; strncpy(charge_string, PDBToken(buffer, 79, 80, len), 4);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:284:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
RNScalar charge = (strlen(charge_string) > 0) ? atof(charge_string) : PDB_UNKNOWN;
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:305:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(&atomName[1], PDBelements[i].Name(), strlen(PDBelements[i].Name()))) {
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:486:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buffer, remark, 1024); buffer[1023] = '\0';
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:507:45: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
if (!strcmp(bufferp, "NULL")) strcpy(chain_name, " ");
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:518:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buffer, remark, 1024); buffer[1023] = '\0';
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:525:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int row_number = atoi(&bufferp[strlen(bufferp)-1]);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:556:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(chain->Name()) == 1);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:604:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buffer, "\n");
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:654:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buffer, remark, 1024); buffer[1023] = '\0';
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:675:45: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
if (!strcmp(bufferp, "NULL")) strcpy(chain_name, " ");
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:688:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buffer, remark, 1024); buffer[1023] = '\0';
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:695:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int row_number = atoi(&bufferp[strlen(bufferp)-1]);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1206:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(chain_filename, "_");
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1305:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(chain_filename, "_");
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1307:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(chain_filename, "_");
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1340:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(chain_filename, "_");
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1342:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(chain_filename, "_");
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1361:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(chain_filename, "_");
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1362:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(chain_filename, "A");
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1363:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(chain_filename, "_");
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1405:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(chain_filename, "_");
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1407:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(chain_filename, "_");
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1476:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(chain_filename, "_");
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1571:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(input_line);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1592:28: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
char residue1_name[4]; strncpy(residue1_name, PDBToken(input_line, 15, 17, len), 4);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1594:26: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
char atom1_name[8]; strncpy(atom1_name, &input_line[24], 4); atom1_name[4] = '\0';
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1600:28: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
char residue2_name[4]; strncpy(residue2_name, PDBToken(input_line, 45, 47, len), 4);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.C:1602:26: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
char atom2_name[8]; strncpy(atom2_name, &input_line[33], 4); atom2_name[4] = '\0';
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBFile.h:154:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(this->name, name, 32);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBModel.C:24:15: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
if (name) { strncpy(this->name, name, 32); this->name[31] = 0; }
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBModel.C:62:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(str) < 1) return PDB_MODEL;
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBModel.h:232:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(this->name, name, 32);
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBResidue.C:31:15: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
if (name) { strncpy(this->name, name, 4); this->name[3] = 0; }
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBResidue.C:198:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(str) < 1) return PDB_RESIDUE;
data/concavity-0.1+dfsg.1/pkgs/PDB/PDBResidue.h:240:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(this->name, name, 4);
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Grid.C:2389:7: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = fgetc(fp); if (c != 'P') { fprintf(stderr, "Bad magic keyword in %s\n", filename); return 0; }
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Grid.C:2390:7: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = fgetc(fp); if (c != 'f') { fprintf(stderr, "Bad magic keyword in %s\n", filename); return 0; }
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Grid.C:2391:7: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = fgetc(fp); if (c != '\n') { fprintf(stderr, "Bad magic keyword in %s\n", filename); return 0; }
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Grid.C:2397:9: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = fgetc(fp);
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Grid.C:2414:9: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = fgetc(fp);
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Grid.C:2431:9: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = fgetc(fp);
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Image.C:392:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
lsb = getc(fp);
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Image.C:393:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
msb = getc(fp);
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Image.C:411:21: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
unsigned int b1 = getc(fp);
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Image.C:412:21: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
unsigned int b2 = getc(fp);
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Image.C:413:21: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
unsigned int b3 = getc(fp);
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Image.C:414:21: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
unsigned int b4 = getc(fp);
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Image.C:434:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int b1 = getc(fp);
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Image.C:435:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int b2 = getc(fp);
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Image.C:436:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int b3 = getc(fp);
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Image.C:437:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int b4 = getc(fp);
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Image.C:646:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int c = getc(fp);
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Image.C:648:27: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while (c != '\n') c = getc(fp);
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Image.C:649:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(fp);
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Image.C:685:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int c = getc(fp);
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Image.C:694:19: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
*(p++) = ((255 * getc(fp)) / max_value) & 0xFF;
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Image.C:695:19: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
*(p++) = ((255 * getc(fp)) / max_value) & 0xFF;
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Image.C:696:19: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
*(p++) = ((255 * getc(fp)) / max_value) & 0xFF;
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Image.C:816:7: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = fgetc(fp); if (c != 'P') { fprintf(stderr, "Bad magic keyword in %s\n", filename); return 0; }
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Image.C:817:7: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = fgetc(fp); if (c != 'f') { fprintf(stderr, "Bad magic keyword in %s\n", filename); return 0; }
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Image.C:818:7: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = fgetc(fp); if (c != '\n') { fprintf(stderr, "Bad magic keyword in %s\n", filename); return 0; }
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Image.C:824:9: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = fgetc(fp);
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Image.C:841:9: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = fgetc(fp);
data/concavity-0.1+dfsg.1/pkgs/R2Shapes/R2Image.C:858:9: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = fgetc(fp);
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Mesh.C:2001:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(Name()) == 0) SetName(filename);
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Mesh.C:2948:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int length = strlen(buffer) + 1;
data/concavity-0.1+dfsg.1/pkgs/R3Shapes/R3Mesh.h:908:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(this->name, name, R3_MESH_NAME_LENGTH);
data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNError.C:61:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(outbuf, "\n");
data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNError.C:100:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(outbuf, "\n");
data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNError.C:136:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(outbuf, "\n");
data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNTime.C:106:5: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep((unsigned long) (1000000 * seconds));
data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNType.C:44:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
this->name = new char[strlen(name) + 1];
data/concavity-0.1+dfsg.1/pkgs/RNBasics/RNType.C:59:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
this->name = new char[strlen(name) + 1];
ANALYSIS SUMMARY:
Hits = 431
Lines analyzed = 65597 in approximately 1.44 seconds (45600 lines/second)
Physical Source Lines of Code (SLOC) = 40945
Hits@level = [0] 578 [1] 97 [2] 253 [3] 3 [4] 78 [5] 0
Hits@level+ = [0+] 1009 [1+] 431 [2+] 334 [3+] 81 [4+] 78 [5+] 0
Hits/KSLOC@level+ = [0+] 24.6428 [1+] 10.5263 [2+] 8.15728 [3+] 1.97826 [4+] 1.90499 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.