stdin

Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/delly-0.8.3/src/align.h
Examining data/delly-0.8.3/src/assemble.h
Examining data/delly-0.8.3/src/bolog.h
Examining data/delly-0.8.3/src/cluster.h
Examining data/delly-0.8.3/src/coverage.h
Examining data/delly-0.8.3/src/delly.cpp
Examining data/delly-0.8.3/src/delly.h
Examining data/delly-0.8.3/src/dpe.cpp
Examining data/delly-0.8.3/src/filter.h
Examining data/delly-0.8.3/src/genotype.h
Examining data/delly-0.8.3/src/gotoh.h
Examining data/delly-0.8.3/src/junction.h
Examining data/delly-0.8.3/src/merge.h
Examining data/delly-0.8.3/src/modvcf.h
Examining data/delly-0.8.3/src/msa.h
Examining data/delly-0.8.3/src/needle.h
Examining data/delly-0.8.3/src/shortpe.h
Examining data/delly-0.8.3/src/split.h
Examining data/delly-0.8.3/src/tags.h
Examining data/delly-0.8.3/src/tegua.h
Examining data/delly-0.8.3/src/util.h
Examining data/delly-0.8.3/src/version.h

FINAL RESULTS:

data/delly-0.8.3/src/align.h:16:17:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
    TScoreValue mismatch;
data/delly-0.8.3/src/align.h:29:104:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
    DnaScore(TScoreValue m, TScoreValue mm, TScoreValue gapopen, TScoreValue gapextension) : match(m), mismatch(mm), go(gapopen), ge(gapextension) {
data/delly-0.8.3/src/align.h:100:48:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
    return (s1[row] == s2[col] ? sc.match : sc.mismatch );
data/delly-0.8.3/src/align.h:109:22:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
      else return sc.mismatch;
data/delly-0.8.3/src/align.h:115:70:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
	  score += p1[k1][row] * p2[k2][col] * ( (k1 == k2) ? sc.match : sc.mismatch );
data/delly-0.8.3/src/coverage.h:462:146:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
		  int32_t scoreAltThreshold = (int32_t) (c.flankQuality * consProbe.size() * simple.match + (1.0 - c.flankQuality) * consProbe.size() * simple.mismatch);
data/delly-0.8.3/src/coverage.h:468:144:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
		  int32_t scoreRefThreshold = (int32_t) (c.flankQuality * refProbe.size() * simple.match + (1.0 - c.flankQuality) * refProbe.size() * simple.mismatch);
data/delly-0.8.3/src/genotype.h:371:58:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
	      DnaScore<int> simple(c.aliscore.match, c.aliscore.mismatch, c.aliscore.mismatch, c.aliscore.mismatch);
data/delly-0.8.3/src/genotype.h:371:79:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
	      DnaScore<int> simple(c.aliscore.match, c.aliscore.mismatch, c.aliscore.mismatch, c.aliscore.mismatch);
data/delly-0.8.3/src/genotype.h:371:100:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
	      DnaScore<int> simple(c.aliscore.match, c.aliscore.mismatch, c.aliscore.mismatch, c.aliscore.mismatch);
data/delly-0.8.3/src/genotype.h:374:140:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
	      scoreAlt /= (double) (c.flankQuality * gbp[svid].alt.size() * simple.match + (1.0 - c.flankQuality) * gbp[svid].alt.size() * simple.mismatch);
data/delly-0.8.3/src/genotype.h:379:140:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
	      scoreRef /= (double) (c.flankQuality * gbp[svid].ref.size() * simple.match + (1.0 - c.flankQuality) * gbp[svid].ref.size() * simple.mismatch);
data/delly-0.8.3/src/needle.h:66:96:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
	mat[row][col] = std::max(std::max(mat[row-1][col-1] + (s1[row-1] == s2[col-1] ? sc.match : sc.mismatch), mat[row-1][col] + _verticalGap(ac, col, n, sc.ge)), mat[row][col-1] + _horizontalGap(ac, row, m, sc.ge));
data/delly-0.8.3/src/needle.h:81:102:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
	rev[row][col] = std::max(std::max(rev[row-1][col-1] + (sRev1[row-1] == sRev2[col-1] ? sc.match : sc.mismatch), rev[row-1][col] + _verticalGap(ac, col, n, sc.ge)), rev[row][col-1] + _horizontalGap(ac, row, m, sc.ge));
data/delly-0.8.3/src/tegua.h:74:39:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
    c.aliscore = DnaScore<int>(match, mismatch, go, ge);

ANALYSIS SUMMARY:

Hits = 15
Lines analyzed = 9228 in approximately 0.32 seconds (28596 lines/second)
Physical Source Lines of Code (SLOC) = 7456
Hits@level = [0]   0 [1]  15 [2]   0 [3]   0 [4]   0 [5]   0
Hits@level+ = [0+]  15 [1+]  15 [2+]   0 [3+]   0 [4+]   0 [5+]   0
Hits/KSLOC@level+ = [0+] 2.0118 [1+] 2.0118 [2+]   0 [3+]   0 [4+]   0 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.