Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/depqbf-5.01/DepQBF4J-0.2/jni/DepQBF4J.c
Examining data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/examples/basic-api-example.c
Examining data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/examples/basic-api-example2.c
Examining data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/examples/basic-api-example3.c
Examining data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/examples/basic-clause-groups-api-example-assumptions.c
Examining data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/examples/basic-clause-groups-api-example.c
Examining data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/examples/basic-manual-selectors.c
Examining data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c
Examining data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.h
Examining data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll_app.c
Examining data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll_config.h
Examining data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll_dep_man_generic.h
Examining data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll_dep_man_qdag.c
Examining data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll_dep_man_qdag.h
Examining data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll_dep_man_qdag_types.h
Examining data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll_exit.h
Examining data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll_internals.h
Examining data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll_main.c
Examining data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll_mem.c
Examining data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll_mem.h
Examining data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll_pcnf.h
Examining data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll_pqueue.c
Examining data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll_pqueue.h
Examining data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll_stack.h
Examining data/depqbf-5.01/examples/basic-api-example.c
Examining data/depqbf-5.01/examples/basic-api-example2.c
Examining data/depqbf-5.01/examples/basic-api-example3.c
Examining data/depqbf-5.01/examples/basic-clause-groups-api-example-assumptions.c
Examining data/depqbf-5.01/examples/basic-clause-groups-api-example.c
Examining data/depqbf-5.01/examples/basic-manual-selectors.c
Examining data/depqbf-5.01/qdpll.c
Examining data/depqbf-5.01/qdpll.h
Examining data/depqbf-5.01/qdpll_app.c
Examining data/depqbf-5.01/qdpll_config.h
Examining data/depqbf-5.01/qdpll_dep_man_generic.h
Examining data/depqbf-5.01/qdpll_dep_man_qdag.c
Examining data/depqbf-5.01/qdpll_dep_man_qdag.h
Examining data/depqbf-5.01/qdpll_dep_man_qdag_types.h
Examining data/depqbf-5.01/qdpll_exit.h
Examining data/depqbf-5.01/qdpll_internals.h
Examining data/depqbf-5.01/qdpll_main.c
Examining data/depqbf-5.01/qdpll_mem.c
Examining data/depqbf-5.01/qdpll_mem.h
Examining data/depqbf-5.01/qdpll_pcnf.h
Examining data/depqbf-5.01/qdpll_pqueue.c
Examining data/depqbf-5.01/qdpll_pqueue.h
Examining data/depqbf-5.01/qdpll_stack.h

FINAL RESULTS:

data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll_app.c:178:3:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  vfprintf (stderr, msg, list);
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll_app.c:554:3:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  fprintf (stdout, USAGE1);
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll_app.c:555:3:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  fprintf (stdout, USAGE2);
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll_app.c:562:3:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  fprintf (stderr, VERSION);
data/depqbf-5.01/qdpll_app.c:178:3:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  vfprintf (stderr, msg, list);
data/depqbf-5.01/qdpll_app.c:554:3:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  fprintf (stdout, USAGE1);
data/depqbf-5.01/qdpll_app.c:555:3:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  fprintf (stdout, USAGE2);
data/depqbf-5.01/qdpll_app.c:562:3:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  fprintf (stderr, VERSION);
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:15981:3:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  srand (qdpll->options.seed);
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16614:11:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
          srand (qdpll->options.seed);
data/depqbf-5.01/qdpll.c:15981:3:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  srand (qdpll->options.seed);
data/depqbf-5.01/qdpll.c:16614:11:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
          srand (qdpll->options.seed);
data/depqbf-5.01/DepQBF4J-0.2/jni/DepQBF4J.c:107:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	FILE *f = fopen(str, "w");
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:1665:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char level_classes[dec_level + 2];
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:9640:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (unit->qpup_constraint->lits, qpup_constraint_lits.start, 
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:9667:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (qpup_learnt_constraint->lits, qpup_constraint_lits.start, 
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:10034:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (qpup_learnt_constraint->lits, qdpll->qpup_weak_predict_lits.start, 
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:10454:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (qdpll->assumption_lits_constraint->lits, (*lit_stack).start, 
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:13831:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (cover_set_copy->lits, c->lits, c->num_lits * sizeof (LitID));
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16136:59:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          qdpll->options.elim_univ_dynamic_switch_delay = atoi (configure_str);
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16149:64:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          qdpll->options.elim_univ_dynamic_success_threshold = atoi (configure_str);
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16163:60:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          qdpll->options.qbcp_qbce_find_witness_max_occs = atoi (configure_str);
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16174:54:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          qdpll->options.qbcp_qbce_max_clause_size = atoi (configure_str);
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16263:41:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          qdpll->options.var_act_bias = atoi (configure_str);
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16312:47:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          qdpll->options.orestart_dist_init = atoi (configure_str);
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16326:46:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          qdpll->options.orestart_dist_inc = atoi (configure_str);
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16339:47:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          qdpll->options.irestart_dist_init = atoi (configure_str);
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16353:46:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          qdpll->options.irestart_dist_inc = atoi (configure_str);
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16366:47:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          qdpll->options.lclauses_init_size = atoi (configure_str);
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16379:51:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          qdpll->options.lclauses_min_init_size = atoi (configure_str);
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16392:51:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          qdpll->options.lclauses_max_init_size = atoi (configure_str);
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16405:49:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          qdpll->options.lcubes_min_init_size = atoi (configure_str);
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16418:49:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          qdpll->options.lcubes_max_init_size = atoi (configure_str);
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16431:45:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          qdpll->options.lcubes_init_size = atoi (configure_str);
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16444:50:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          qdpll->options.lclauses_resize_value = atoi (configure_str);
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16457:48:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          qdpll->options.lcubes_resize_value = atoi (configure_str);
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16538:38:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          qdpll->options.max_space = atoi (configure_str);
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16552:43:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          qdpll->options.soft_max_space = atoi (configure_str);
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16562:36:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          qdpll->options.max_dec = atoi (configure_str);
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16579:40:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          qdpll->options.max_btracks = atoi (configure_str);
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16596:37:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          qdpll->options.max_secs = atoi (configure_str);
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16613:33:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          qdpll->options.seed = atoi (configure_str);
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll_app.c:432:35:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          app->options.max_time = atoi (opt_str);
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll_app.c:460:30:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
          FILE *input_file = fopen (app->options.in_filename, "r");
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll_dep_man_qdag.c:569:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (new, pq->elems_start, old_size * sizeof (Edge *));
data/depqbf-5.01/qdpll.c:1665:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char level_classes[dec_level + 2];
data/depqbf-5.01/qdpll.c:9640:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (unit->qpup_constraint->lits, qpup_constraint_lits.start, 
data/depqbf-5.01/qdpll.c:9667:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (qpup_learnt_constraint->lits, qpup_constraint_lits.start, 
data/depqbf-5.01/qdpll.c:10034:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (qpup_learnt_constraint->lits, qdpll->qpup_weak_predict_lits.start, 
data/depqbf-5.01/qdpll.c:10454:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (qdpll->assumption_lits_constraint->lits, (*lit_stack).start, 
data/depqbf-5.01/qdpll.c:13831:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (cover_set_copy->lits, c->lits, c->num_lits * sizeof (LitID));
data/depqbf-5.01/qdpll.c:16136:59:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          qdpll->options.elim_univ_dynamic_switch_delay = atoi (configure_str);
data/depqbf-5.01/qdpll.c:16149:64:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          qdpll->options.elim_univ_dynamic_success_threshold = atoi (configure_str);
data/depqbf-5.01/qdpll.c:16163:60:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          qdpll->options.qbcp_qbce_find_witness_max_occs = atoi (configure_str);
data/depqbf-5.01/qdpll.c:16174:54:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          qdpll->options.qbcp_qbce_max_clause_size = atoi (configure_str);
data/depqbf-5.01/qdpll.c:16263:41:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          qdpll->options.var_act_bias = atoi (configure_str);
data/depqbf-5.01/qdpll.c:16312:47:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          qdpll->options.orestart_dist_init = atoi (configure_str);
data/depqbf-5.01/qdpll.c:16326:46:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          qdpll->options.orestart_dist_inc = atoi (configure_str);
data/depqbf-5.01/qdpll.c:16339:47:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          qdpll->options.irestart_dist_init = atoi (configure_str);
data/depqbf-5.01/qdpll.c:16353:46:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          qdpll->options.irestart_dist_inc = atoi (configure_str);
data/depqbf-5.01/qdpll.c:16366:47:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          qdpll->options.lclauses_init_size = atoi (configure_str);
data/depqbf-5.01/qdpll.c:16379:51:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          qdpll->options.lclauses_min_init_size = atoi (configure_str);
data/depqbf-5.01/qdpll.c:16392:51:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          qdpll->options.lclauses_max_init_size = atoi (configure_str);
data/depqbf-5.01/qdpll.c:16405:49:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          qdpll->options.lcubes_min_init_size = atoi (configure_str);
data/depqbf-5.01/qdpll.c:16418:49:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          qdpll->options.lcubes_max_init_size = atoi (configure_str);
data/depqbf-5.01/qdpll.c:16431:45:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          qdpll->options.lcubes_init_size = atoi (configure_str);
data/depqbf-5.01/qdpll.c:16444:50:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          qdpll->options.lclauses_resize_value = atoi (configure_str);
data/depqbf-5.01/qdpll.c:16457:48:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          qdpll->options.lcubes_resize_value = atoi (configure_str);
data/depqbf-5.01/qdpll.c:16538:38:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          qdpll->options.max_space = atoi (configure_str);
data/depqbf-5.01/qdpll.c:16552:43:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          qdpll->options.soft_max_space = atoi (configure_str);
data/depqbf-5.01/qdpll.c:16562:36:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          qdpll->options.max_dec = atoi (configure_str);
data/depqbf-5.01/qdpll.c:16579:40:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          qdpll->options.max_btracks = atoi (configure_str);
data/depqbf-5.01/qdpll.c:16596:37:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          qdpll->options.max_secs = atoi (configure_str);
data/depqbf-5.01/qdpll.c:16613:33:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          qdpll->options.seed = atoi (configure_str);
data/depqbf-5.01/qdpll_app.c:432:35:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          app->options.max_time = atoi (opt_str);
data/depqbf-5.01/qdpll_app.c:460:30:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
          FILE *input_file = fopen (app->options.in_filename, "r");
data/depqbf-5.01/qdpll_dep_man_qdag.c:569:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (new, pq->elems_start, old_size * sizeof (Edge *));
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16106:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!strncmp (configure_str, "--trace", strlen ("--trace")))
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16110:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--trace");
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16118:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      else if (strlen (configure_str) != 0 && strcmp (configure_str, "=qrp"))
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16131:62:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        (configure_str, "--elim-univ-dynamic-switch-delay=", strlen ("--elim-univ-dynamic-switch-delay=")))
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16133:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--elim-univ-dynamic-switch-delay=");
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16144:67:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        (configure_str, "--elim-univ-dynamic-success-threshold=", strlen ("--elim-univ-dynamic-success-threshold=")))
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16146:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--elim-univ-dynamic-success-threshold=");
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16158:53:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        (configure_str, "--qbce-witness-max-occs=", strlen ("--qbce-witness-max-occs=")))
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16160:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--qbce-witness-max-occs=");
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16169:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        (configure_str, "--qbce-max-clause-size=", strlen ("--qbce-max-clause-size=")))
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16171:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--qbce-max-clause-size=");
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16258:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        (configure_str, "--var-act-bias=", strlen ("--var-act-bias=")))
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16260:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--var-act-bias=");
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16279:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
         strlen ("--no-lin-lcubes-inc")))
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16286:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
         strlen ("--no-lin-lclauses-inc")))
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16293:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
         strlen ("--no-lin-orestart-inc")))
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16300:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
         strlen ("--no-lin-irestart-inc")))
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16307:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
         strlen ("--orestart-dist-init=")))
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16309:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--orestart-dist-init=");
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16321:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
         strlen ("--orestart-dist-inc=")))
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16323:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--orestart-dist-inc=");
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16334:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
         strlen ("--irestart-dist-init=")))
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16336:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--irestart-dist-init=");
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16348:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
         strlen ("--irestart-dist-inc=")))
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16350:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--irestart-dist-inc=");
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16361:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
         strlen ("--lclauses-init-size=")))
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16363:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--lclauses-init-size=");
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16374:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
         strlen ("--lclauses-min-init-size=")))
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16376:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--lclauses-min-init-size=");
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16387:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
         strlen ("--lclauses-max-init-size=")))
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16389:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--lclauses-max-init-size=");
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16400:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
         strlen ("--lcubes-min-init-size=")))
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16402:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--lcubes-min-init-size=");
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16413:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
         strlen ("--lcubes-max-init-size=")))
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16415:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--lcubes-max-init-size=");
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16426:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
         strlen ("--lcubes-init-size=")))
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16428:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--lcubes-init-size=");
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16439:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
         strlen ("--lclauses-resize-value=")))
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16441:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--lclauses-resize-value=");
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16452:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
         strlen ("--lcubes-resize-value=")))
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16454:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--lcubes_resize_value=");
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16463:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!strncmp (configure_str, "--var-act-inc=", strlen ("--var-act-inc=")))
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16465:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--var-act-inc=");
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16477:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
         strlen ("--var-act-dec-ifactor=")))
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16479:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--var-act-dec-ifactor=");
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16491:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
         strlen ("--lclauses-delfactor=")))
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16493:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--lclauses-delfactor=");
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16504:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
         strlen ("--lcubes-delfactor=")))
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16506:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--lcubes-delfactor=");
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16514:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (!strncmp (configure_str, "--dec-heur=", strlen ("--dec-heur=")))
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16516:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--dec-heur=");
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16517:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (!strncmp (configure_str, "simple", strlen ("simple")))
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16519:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      else if (!strncmp (configure_str, "sdcl", strlen ("sdcl")))
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16521:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      else if (!strncmp (configure_str, "qtype", strlen ("qtype")))
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16523:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      else if (!strncmp (configure_str, "rand", strlen ("rand")))
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16525:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      else if (!strncmp (configure_str, "falsify", strlen ("falsify")))
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16527:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      else if (!strncmp (configure_str, "satisfy", strlen ("satisfy")))
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16533:53:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (!strncmp (configure_str, "--max-space=", strlen ("--max-space=")))
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16535:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--max-space=");
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16547:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        (configure_str, "--soft-max-space=", strlen ("--soft-max-space=")))
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16549:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--soft-max-space=");
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16557:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (!strncmp (configure_str, "--max-dec=", strlen ("--max-dec=")))
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16559:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--max-dec=");
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16574:55:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (!strncmp (configure_str, "--max-btracks=", strlen ("--max-btracks=")))
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16576:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--max-btracks=");
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16591:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (!strncmp (configure_str, "--max-secs=", strlen ("--max-secs=")))
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16593:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--max-secs=");
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16608:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (!strncmp (configure_str, "--seed=", strlen ("--seed=")))
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16610:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--seed=");
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16619:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (!strncmp (configure_str, "--dep-man=", strlen ("--dep-man=")))
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll.c:16637:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--dep-man=");
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll_app.c:194:24:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  while (isdigit ((c = getc (in))));
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll_app.c:199:11:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      c = getc (in);				     \
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll_app.c:205:9:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    c = getc (in);
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll_app.c:217:15:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  while ((c = getc (in)) != EOF)
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll_app.c:223:23:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
          while ((c = getc (in)) != '\n' && c != EOF)
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll_app.c:225:15:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
          c = getc (in);
data/depqbf-5.01/DepQBF4J-0.2/jni/depqbf/qdpll_app.c:307:34:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
              if (!isdigit ((c = getc (in))))
data/depqbf-5.01/qdpll.c:16106:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!strncmp (configure_str, "--trace", strlen ("--trace")))
data/depqbf-5.01/qdpll.c:16110:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--trace");
data/depqbf-5.01/qdpll.c:16118:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      else if (strlen (configure_str) != 0 && strcmp (configure_str, "=qrp"))
data/depqbf-5.01/qdpll.c:16131:62:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        (configure_str, "--elim-univ-dynamic-switch-delay=", strlen ("--elim-univ-dynamic-switch-delay=")))
data/depqbf-5.01/qdpll.c:16133:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--elim-univ-dynamic-switch-delay=");
data/depqbf-5.01/qdpll.c:16144:67:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        (configure_str, "--elim-univ-dynamic-success-threshold=", strlen ("--elim-univ-dynamic-success-threshold=")))
data/depqbf-5.01/qdpll.c:16146:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--elim-univ-dynamic-success-threshold=");
data/depqbf-5.01/qdpll.c:16158:53:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        (configure_str, "--qbce-witness-max-occs=", strlen ("--qbce-witness-max-occs=")))
data/depqbf-5.01/qdpll.c:16160:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--qbce-witness-max-occs=");
data/depqbf-5.01/qdpll.c:16169:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        (configure_str, "--qbce-max-clause-size=", strlen ("--qbce-max-clause-size=")))
data/depqbf-5.01/qdpll.c:16171:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--qbce-max-clause-size=");
data/depqbf-5.01/qdpll.c:16258:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        (configure_str, "--var-act-bias=", strlen ("--var-act-bias=")))
data/depqbf-5.01/qdpll.c:16260:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--var-act-bias=");
data/depqbf-5.01/qdpll.c:16279:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
         strlen ("--no-lin-lcubes-inc")))
data/depqbf-5.01/qdpll.c:16286:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
         strlen ("--no-lin-lclauses-inc")))
data/depqbf-5.01/qdpll.c:16293:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
         strlen ("--no-lin-orestart-inc")))
data/depqbf-5.01/qdpll.c:16300:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
         strlen ("--no-lin-irestart-inc")))
data/depqbf-5.01/qdpll.c:16307:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
         strlen ("--orestart-dist-init=")))
data/depqbf-5.01/qdpll.c:16309:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--orestart-dist-init=");
data/depqbf-5.01/qdpll.c:16321:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
         strlen ("--orestart-dist-inc=")))
data/depqbf-5.01/qdpll.c:16323:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--orestart-dist-inc=");
data/depqbf-5.01/qdpll.c:16334:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
         strlen ("--irestart-dist-init=")))
data/depqbf-5.01/qdpll.c:16336:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--irestart-dist-init=");
data/depqbf-5.01/qdpll.c:16348:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
         strlen ("--irestart-dist-inc=")))
data/depqbf-5.01/qdpll.c:16350:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--irestart-dist-inc=");
data/depqbf-5.01/qdpll.c:16361:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
         strlen ("--lclauses-init-size=")))
data/depqbf-5.01/qdpll.c:16363:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--lclauses-init-size=");
data/depqbf-5.01/qdpll.c:16374:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
         strlen ("--lclauses-min-init-size=")))
data/depqbf-5.01/qdpll.c:16376:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--lclauses-min-init-size=");
data/depqbf-5.01/qdpll.c:16387:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
         strlen ("--lclauses-max-init-size=")))
data/depqbf-5.01/qdpll.c:16389:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--lclauses-max-init-size=");
data/depqbf-5.01/qdpll.c:16400:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
         strlen ("--lcubes-min-init-size=")))
data/depqbf-5.01/qdpll.c:16402:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--lcubes-min-init-size=");
data/depqbf-5.01/qdpll.c:16413:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
         strlen ("--lcubes-max-init-size=")))
data/depqbf-5.01/qdpll.c:16415:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--lcubes-max-init-size=");
data/depqbf-5.01/qdpll.c:16426:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
         strlen ("--lcubes-init-size=")))
data/depqbf-5.01/qdpll.c:16428:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--lcubes-init-size=");
data/depqbf-5.01/qdpll.c:16439:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
         strlen ("--lclauses-resize-value=")))
data/depqbf-5.01/qdpll.c:16441:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--lclauses-resize-value=");
data/depqbf-5.01/qdpll.c:16452:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
         strlen ("--lcubes-resize-value=")))
data/depqbf-5.01/qdpll.c:16454:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--lcubes_resize_value=");
data/depqbf-5.01/qdpll.c:16463:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!strncmp (configure_str, "--var-act-inc=", strlen ("--var-act-inc=")))
data/depqbf-5.01/qdpll.c:16465:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--var-act-inc=");
data/depqbf-5.01/qdpll.c:16477:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
         strlen ("--var-act-dec-ifactor=")))
data/depqbf-5.01/qdpll.c:16479:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--var-act-dec-ifactor=");
data/depqbf-5.01/qdpll.c:16491:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
         strlen ("--lclauses-delfactor=")))
data/depqbf-5.01/qdpll.c:16493:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--lclauses-delfactor=");
data/depqbf-5.01/qdpll.c:16504:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
         strlen ("--lcubes-delfactor=")))
data/depqbf-5.01/qdpll.c:16506:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--lcubes-delfactor=");
data/depqbf-5.01/qdpll.c:16514:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (!strncmp (configure_str, "--dec-heur=", strlen ("--dec-heur=")))
data/depqbf-5.01/qdpll.c:16516:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--dec-heur=");
data/depqbf-5.01/qdpll.c:16517:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (!strncmp (configure_str, "simple", strlen ("simple")))
data/depqbf-5.01/qdpll.c:16519:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      else if (!strncmp (configure_str, "sdcl", strlen ("sdcl")))
data/depqbf-5.01/qdpll.c:16521:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      else if (!strncmp (configure_str, "qtype", strlen ("qtype")))
data/depqbf-5.01/qdpll.c:16523:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      else if (!strncmp (configure_str, "rand", strlen ("rand")))
data/depqbf-5.01/qdpll.c:16525:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      else if (!strncmp (configure_str, "falsify", strlen ("falsify")))
data/depqbf-5.01/qdpll.c:16527:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      else if (!strncmp (configure_str, "satisfy", strlen ("satisfy")))
data/depqbf-5.01/qdpll.c:16533:53:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (!strncmp (configure_str, "--max-space=", strlen ("--max-space=")))
data/depqbf-5.01/qdpll.c:16535:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--max-space=");
data/depqbf-5.01/qdpll.c:16547:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        (configure_str, "--soft-max-space=", strlen ("--soft-max-space=")))
data/depqbf-5.01/qdpll.c:16549:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--soft-max-space=");
data/depqbf-5.01/qdpll.c:16557:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (!strncmp (configure_str, "--max-dec=", strlen ("--max-dec=")))
data/depqbf-5.01/qdpll.c:16559:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--max-dec=");
data/depqbf-5.01/qdpll.c:16574:55:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (!strncmp (configure_str, "--max-btracks=", strlen ("--max-btracks=")))
data/depqbf-5.01/qdpll.c:16576:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--max-btracks=");
data/depqbf-5.01/qdpll.c:16591:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (!strncmp (configure_str, "--max-secs=", strlen ("--max-secs=")))
data/depqbf-5.01/qdpll.c:16593:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--max-secs=");
data/depqbf-5.01/qdpll.c:16608:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (!strncmp (configure_str, "--seed=", strlen ("--seed=")))
data/depqbf-5.01/qdpll.c:16610:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--seed=");
data/depqbf-5.01/qdpll.c:16619:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (!strncmp (configure_str, "--dep-man=", strlen ("--dep-man=")))
data/depqbf-5.01/qdpll.c:16637:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      configure_str += strlen ("--dep-man=");
data/depqbf-5.01/qdpll_app.c:194:24:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  while (isdigit ((c = getc (in))));
data/depqbf-5.01/qdpll_app.c:199:11:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      c = getc (in);				     \
data/depqbf-5.01/qdpll_app.c:205:9:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    c = getc (in);
data/depqbf-5.01/qdpll_app.c:217:15:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  while ((c = getc (in)) != EOF)
data/depqbf-5.01/qdpll_app.c:223:23:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
          while ((c = getc (in)) != '\n' && c != EOF)
data/depqbf-5.01/qdpll_app.c:225:15:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
          c = getc (in);
data/depqbf-5.01/qdpll_app.c:307:34:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
              if (!isdigit ((c = getc (in))))

ANALYSIS SUMMARY:

Hits = 233
Lines analyzed = 58132 in approximately 1.70 seconds (34190 lines/second)
Physical Source Lines of Code (SLOC) = 44901
Hits@level = [0] 1224 [1] 156 [2]  65 [3]   4 [4]   8 [5]   0
Hits@level+ = [0+] 1457 [1+] 233 [2+]  77 [3+]  12 [4+]   8 [5+]   0
Hits/KSLOC@level+ = [0+] 32.4492 [1+] 5.18919 [2+] 1.71488 [3+] 0.267255 [4+] 0.17817 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.